The vulnerability exists due to failure in the "6.13.1!>" script to properly sanitize user-supplied input in "desc" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data. An attacker can use browser to exploit this vulnerability. The following PoC is available: <form action="http://host/folder" method="post" name="main"><input type="hidden" name="object" value="folder"><input type="hidden" name="desc" value='title"><script>alert(document.cookie)</script>'><input type="hidden" name="tags" value=""><input type="hidden" name="position" value=""><input type="hidden" name="readme" value="post txt"></form><script>document.main.submit();</script>
User can execute arbitrary JavaScript code within the vulnerable application. The vulnerability exists due to failure in the 'admin/pages/configuration/index.php' script to properly sanitize user-supplied input in 'copyright' variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
User can execute arbitrary JavaScript code within the vulnerable application. The vulnerability exists due to failure in the "/admin/settings.php" script to properly sanitize user-supplied input in "title" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data. An attacker can use browser to exploit this vulnerability.
This exploit is a local denial of service vulnerability in AVG Internet Security. It is triggered by sending a malicious DeviceIoControl request to the avgtdi.sys driver. This causes the system to crash and the driver to become unresponsive.
A denial of service vulnerability exists in Rising RSNTGDI.sys driver due to improper handling of 0x83003C13 control code. An attacker can send a specially crafted request to the driver to trigger this vulnerability and cause a denial of service condition.
Douran Portal is vulnerable to multiple remote vulnerabilities such as XSS, Remote File Upload, Information Leakage, and XSS. XSS None Present vulnerability can be exploited by sending a malicious request to the server with a malicious script in the query string. Remote File Upload vulnerability can be exploited by bypassing the authorization check and uploading malicious files. Information Leakage vulnerability can be exploited by accessing the DeviceInfo.aspx page. XSS Present vulnerability can be exploited by sending a malicious request to the server with a malicious script in the query string.
Collabtive has 'union' type SQL injection vulnerability. In 'managechat.php' when the value of parameter 'actions' equal to 'pull' application gets value of the cookie named like chatstart[USERTOID]. Application apply mysql_real_escape_string function to same variable but include it without quotes. So mysql_real_escape_string function can't provide any security in this case. Attacker can exploit this vulnerability for executing arbitrary sql codes.
A remote denial of service (DoS) vulnerability exists in Xerox 4595 due to improper validation of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing a long string of characters to the vulnerable device. This will cause the device to crash, resulting in a denial of service condition.
Advantage Data Architect is prone to heap overflow when user opens crafted script file (.SQL) with long data inside. This issue causes a function pointer overwrite, allow us executing arbitrary code (UNICODE).
The tmtdi.sys kernel driver distributed with Trend Micro Titanium Maximum Security 2011 contains a pointer overwrite vulnerability in the handling of IOCTL 0x220404. Exploitation of this issue allows an attacker to execute arbitrary code within the kernel. An attacker would need local access to a vulnerable computer to exploit this vulnerability.
Services By CQR