This module exploits a source code disclosure/download vulnerability in versions of the Xerver web server up to and including version 4.32. It also incorporates an authentication bypass vulnerability that allows you to dump the source of files in HTTP auth protected directories.
Intellinet IP Camera MNC-L10 and other models are vulnerable to a cookie injection attack. An attacker can inject a cookie with user_auth_level=43 to gain admin access to the camera.
This exploit is for Barcodewiz 3.29 ActiveX. It is a heap spray exploit which uses win32_exec to execute calc.exe. It uses unescape to encode the shellcode and then uses LoadProperties to execute the shellcode.
Many parameters in various files such as battle.php, scores.php etc. are not properly sanitised before being used in SQL queries. Because of the number of flaws, it is not possible to report all of the vulnerable code.
A buffer overflow vulnerability exists in Xion Audio Player version 1.0.125. The vulnerability is caused by a boundary error when handling specially crafted .m3u files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .m3u file. Successful exploitation may allow execution of arbitrary code.
Xmyplay 3.5.1 is vulnerable to a buffer overflow when a specially crafted .m3u file is opened. This can be exploited to cause a stack-based buffer overflow that corrupts the memory of the application, potentially allowing arbitrary code execution.
The vulnerability exists in the product_list.php and news.php files of the Concept E-commerce website. An attacker can inject malicious SQL code into the 'id' parameter of either file, which can be used to extract sensitive information from the database.
A maliciously crafted .cps file can cause a denial of service in ChordPulse version 1.4 and below. A file containing 5000 'A' characters crashes the application when it is opened.
BarCodeWiz Barcode ActiveX Control 3.29 is vulnerable to an SEH overwrite. The vulnerability is triggered when a specially crafted argument is passed to the LoadProperties method. This causes the SEH to be overwritten with the value 0x41414141, which allows arbitrary code execution.
The component "com_beamospetition" is vulnerable to SQL Injection. An attacker can inject arbitrary SQL queries by manipulating the "pet" parameter in the URL. For example, http://www.site.com/path/index.php?option=com_beamospetition&startpage=3&pet=-1+Union+select+user()+from+jos_users--