This exploit allows an attacker to perform SQL injection in Woltlab Burning Board Lite 1.0.2. It works regardless of php.ini settings. The attacker needs to provide the target server, path to wbblite, existing thread ID, and victim user ID. Additional options include specifying a different port or using a proxy. The exploit sends a packet to the target server to exploit the vulnerability.
This exploit allows remote attackers to execute arbitrary code on a vulnerable imapd IMAP4rev1 server. The exploit takes advantage of a buffer overflow vulnerability in the server to overwrite the return address with a pointer to the attacker's shellcode. Once the exploit is successful, the attacker gains control of the server and can execute commands remotely.
The HSRS 1.0 (HIOX Star Rating System Script) is vulnerable to remote file inclusion. An attacker can exploit this vulnerability to include arbitrary files from remote servers.
TeraCopy is prone to an integer overflow vulnerability because it fails to perform adequate boundary checks when reading language files. Successfully exploiting this issue may allow local attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.
A buffer-overflow vulnerability occurs in the Festalon application because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue may allow attackers to execute arbitrary machine code in the context of the affected application, which may facilitate the remote compromise of affected computers.
This vulnerability allows attackers to bypass security restrictions in EasyCafe software. By exploiting this vulnerability, an attacker can gain unauthorized access to a client's computer. Other attacks are also possible.
XennoBB is prone to multiple SQL injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Various D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. This module has been tested successfully on DIR-300, DIR-600, DIR-645, DIR-845 and DIR-865. According to the vulnerability discoverer, more D-Link devices may be affected.
The centre.php file in Messagerie Locale script allows remote attackers to include arbitrary files via a URL in the page parameter.
Bomberclone is prone to remote information-disclosure and denial-of-service vulnerabilities because it fails to properly sanitize user-supplied input.These issues allow remote attackers to access sensitive information and to crash the application, denying further service to legitimate users.
Services By CQR