This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise Internet Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IMAP LIST command. By sending a specially crafted LIST command, an attacker can cause a stack-based buffer overflow.
This exploit is a local kernel exploit for G Data TotalCare 2011. It is a 0day exploit and is unpatched. It is written in C and uses Winsock2 and Windows libraries. It is tested on Windows XP SP3 and supports Windows 2000, 2003, Vista and 7. It uses a ring0 shellcode to copy tokens from the system process to the cmd process.
Joomla Component ProDesk v 1.5 is vulnerable to Local File Inclusion. An attacker can exploit this vulnerability to include local files on the server. This vulnerability requires magic_quotes to be set to OFF and disable_functions to be set to ini_set. The PoC for this vulnerability is http://site.com/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd
Seo Panel is prone to Critical File Disclosure due to download.php does not sanitize user-input properly via the "file" GET-parameter. By using ....// instead of ../ to traverse through directories and by appending a %00 byte in the end of the request it is possible to load virtually any file that the webserver user has read access to.
PCSX2 is a PS2 emulator to play PS2 Games on PC. This emulator is one of the popular among the gamers. A buffer overflow vulnerability exists in PCSX2 v0.9.7, which allows an attacker to crash the application by creating a file with 45000 bytes of data. This can be exploited by an attacker to crash the application.
A SQL injection vulnerability exists in the Joomla component com_clanlist. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This request contains a specially crafted SQL query that can be used to extract sensitive information from the database.
xt:Commerce Shopsoftware (fckeditor) is vulnerable to a file upload vulnerability. An attacker can exploit this vulnerability by accessing the uploadtest.html page and uploading a malicious file. This can lead to remote code execution.
A SQL injection vulnerability exists in the Joomla component com_clan. The vulnerability is due to insufficient sanitization of user-supplied input in the 'cid' parameter of the 'index.php' script. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's database.
The vulnerabilities are in the file and the file /search.php, /userlist.php and moderate.php not properly control the content of variables keywords, author and get_host. An attacker can exploit this to find out the rootpath a website.
A vulnerability in DeluxeBB version 1.3 and below allows an attacker to gain access to private information. This is done by exploiting the pm.php file, which is used to send and receive private messages. The attacker can use a Perl exploit to gain access to the private messages of a user by providing the site, nick, and id as arguments. The exploit will then use the LWP::UserAgent and HTTP::Request modules to send a request to the pm.php file, which will return the private messages of the user.
Services By CQR