A remote authenticated user can send a specially crafted ALTER DATABASE command to cause the target server to move a data directory into a new subdirectory, causing the data directory to become unusable.
The Celerra appliance's NFS server freely exports its "/" file system and enforces access using a factory-defined list of authorized IP addresses. An attacker can mount this file system by spoofing an authorized IP address. Because the appliance's NFS server does not enable the "rootsquash" feature, full access to the file system is possible by mounting the export using root (UID 0). Fully spoofing the source IP address (for sending and receiving packets) will usually require access to the local subnet or the ability to exploit some other network infrastructure vulnerability.
68KB is an open source PHP MySQL driven knowledge base script. A vulnerability exists in the 'path/themes/admin/default/modules/show.php' script, which allows an attacker to include a remote file. This is the same vulnerability in other lower versions.
Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Converter is vulnerable to a stack buffer overflow vulnerability. An attacker can exploit this vulnerability by sending a specially crafted payload to the vulnerable application. This can result in arbitrary code execution in the context of the application.
Multiple Reflected Cross Site Scripting vulnerabilities were found in MyIT CRM ver.0.2.8.1 web console, because the application fails to sanitize user-supplied input. The vulnerabilities can be triggered by any logged-in user who is able to access the “View Employees” functionality. Parameters name, employee_id, and page are not properly sanitized. Other parameters might also be affected.
A SQL injection vulnerability exists in Joomla CamelcityDB 2.2, which allows an attacker to execute arbitrary SQL commands via the 'id' parameter in a 'index.php?option=com_camelcitydb2&view=all&Itemid=15' request. An attacker can exploit this vulnerability to gain access to sensitive information from the database, such as usernames and passwords.
A SQL injection vulnerability exists in the APT-WEBSHOP-SYSTEM v3.0 web application. The vulnerability is due to improper sanitization of user-supplied input in the 'id' parameter of the 'modules.php' script. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's back-end database.
WM Downloader 3.1.2.2 is vulnerable to a buffer overflow stack exploit when a specially crafted .m3u file is opened. This exploit was tested on Windows XP SP3 (fr). The exploit code contains a shellcode that executes calc.exe when the vulnerable application is opened.
The overwrite is caused by a wsprintfW() function, however the program checks for a XOR'd DWORD at ESP+7D8 with DS:[601E60] (if not matched --> TerminateProcess). Having control over the SEH does not actually cause any exception between wsprintfW() to TerminateProcess().
A SQL injection vulnerability exists in SnoGrafx, which is a web-based content management system. The vulnerability is located in the 'cat.php?cat' parameter of the application. An attacker can inject malicious SQL commands to gain access to the database and execute arbitrary code.
Services By CQR