This exploit causes Windows machines supporting SMB2 to crash (leaves the system hanging and unresponsive) by sending a malformed negotiate protocol response and quickly closing the connection. It has been tested on Win 7 build 2600.
Because $root is not specified in the require_once($root."/include/phpmailer/phpmailer.inc.php"); statement, an attacker can exploit this vulnerability to execute arbitrary code on the vulnerable server.
WeBProdZ CMS is vulnerable to SQL Injection. The vulnerable code is present in the /backoffice/textos/editar.php file. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameter 'id' in the URL. For example, an attacker can send the following malicious SQL queries: -1 UNION ALL SELECT 1,2,3--, -1 UNION ALL SELECT 1,2,concat(username,char(58),password)+from+utilizadores--, -1 UNION ALL SELECT 1,2,concat(username,char(58),password_ori)+from+utilizadores--
Factux is vulnerable to Local File Inclusion (LFI). An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The vulnerable files are admin_modif.php, admin.php, article_new.php, article_update.php, backup.php, backup_timeout.php, bon_suite.php, and ca_annee.php. An example of such a request is http://[site]/factux/ca_annee.php?lang=../../index
A vulnerability in OCS Inventory NG Server version 1.3.1 and prior (except 1.02.1 to 1.02.3) allows an attacker to bypass authentication and manipulate data remotely. This is due to the application not properly validating user credentials. An attacker can exploit this vulnerability by sending a specially crafted request to the application.
AV arcade is a free arcade script from AV Scripts. It has features which easily match those of paid scripts. Go to the search field and submit these strings: HTML Injection: '><marquee>hey, this works!</marquee> XSS: '><script>alert(String.fromCharCode(88,83,83))</script>
A Local File Inclusion (LFI) vulnerability exists in GetSimple 2.01, which allows an attacker to read arbitrary files on the server. An attacker must be an admin to exploit this vulnerability. The vulnerable code is in the download.php file, where the file path is passed in the 'file' parameter. For example, an attacker can read the /etc/passwd file by sending a request to http://localhost/GetSimple_2.01/admin/download.php?file=../../../../../etc/passwd.
A buffer overflow vulnerability exists in BaoFeng Storm M3U File Processing, which could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to insufficient boundary checks when processing specially crafted M3U files. An attacker can exploit this vulnerability by enticing a user to open a malicious M3U file, resulting in arbitrary code execution.
A vulnerability exists in slooze.php, which allows an attacker to execute arbitrary commands on the vulnerable system. The vulnerability is due to insufficient sanitization of user-supplied input to the 'file' parameter. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable system. Successful exploitation of this vulnerability can result in arbitrary code execution on the vulnerable system.
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'sid' parameter of the 'links.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. This can allow the attacker to bypass authentication and gain access to sensitive data, such as passwords, usernames, etc.