
Explore Vulnerabilities


Explore all Exploits:

smbind <= v.0.4.7 SQL Injection

smbind <= v.0.4.7 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by entering malicious input in the username and password fields. If magic_quotes_gpc is set to Off, the attacker can use blind SQL injection to gain access to the application. The attacker can also use the username field to enter 'admin'; # and the password field to enter any value to gain access to the application.

FFDshow SEH Exception leading to NULL pointer on Read

FFDshow is vulnerable to a SEH Exception leading to a NULL pointer on Read. This vulnerability is caused by a stack-based buffer overflow in the ffdshow.ax module. When a specially crafted media file is opened, an attacker can overwrite the SEH chain and control the execution flow of the application. This can lead to arbitrary code execution.

Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution

A vulnerability in Trend Micro Internet Security Pro 2010 ActiveX extSetOwner allows remote attackers to execute arbitrary code via a crafted web page. The vulnerability is due to a boundary error when handling the extSetOwner method. An attacker can exploit this vulnerability to execute arbitrary code in the context of the user running the affected application. Successful exploitation of this vulnerability could result in complete compromise of the affected system.

Multiple vulnerabilities in SHOP A LA CART

Input passed via the 'xGrp' parameter to catgrp.php is not properly sanitised before being used in a SQL query. Input passed via the 'xCat' parameter to catmain.php and prodmain.php is not properly sanitised before being used in a SQL query. Input passed to the 'nLoginUser' and 'nCustPhone' parameters in account_signup.php is not properly sanitised before being returned to the user. Input passed to the 'nReferrer' and 'Zipcode' parameters in cart.php is not properly sanitised before being returned to the user. Input passed to the 'nPhone', 'nMailName', 'nFullName', 'nEmail' and 'nComments' parameters in popup_contact.php is not properly sanitised before being returned to the user. Input passed to the 'nEmail' parameter in process_email.php is not properly sanitised before being returned to the user. Input passed to the 'xRef' parameter in customer_login.php is not properly sanitised before being returned to the user. Input passed to the 'xProd' and 'xCat' parameters in prodmain.php is not properly sanitised before being returned to the user. Input passed to the 'nSearch' parameter in search.php is not properly sanitised before being returned to the user.

Backdoor Password in Accton-based Switches

At the HAR2009 conference, the existence of a backdoor password in Accton-based switches was revealed by Edwin Eefting, Erik Smit and Erwin Drent. The backdoor password can be calculated if you have the switch MAC-address, which can be obtained via ARP or SNMP (if you know the community string). It seems to work on all management interfaces: telnet, ssh and http. If you don't know the MAC-address but can guess the OUI, brute forcing the password is probably feasible as well.

vbShout 5.2.2 Remote/Local File Inclusion (Mod/Admin)

vbShout 5.2.2 is vulnerable to a Remote/Local File Inclusion vulnerability. This vulnerability allows an attacker to include a file from a remote or local location, which can be used to execute arbitrary code. The vulnerability exists due to the 'do' parameter in the 'vbshout.php' script not properly sanitizing user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters (e.g. '../') followed by a null byte (%00) to the vulnerable script. This can be used to include files from remote or local locations, which can be used to execute arbitrary code.

Novell Netware OpenSSH Remote Stack Overflow

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenSSH service. The service fails to properly validate user-supplied data when handling certain requests. An attacker can leverage this vulnerability to execute arbitrary code under the context of the SYSTEM user.

PHP Joke Site Software (sbjoke_id) SQL Injection Vuln

The vulnerability exists due to insufficient filtration of user-supplied data passed via the 'sbjoke_id' parameter to the '/index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. This can be exploited to bypass authentication and gain access to the administrative panel.

Recent Exploits: