The vulnerability exists in the SKNetResource.ocx ActiveX control, which is part of the Magneto Software Net Resource package. The vulnerability is caused due to a boundary error within the NetFileClose() method when handling user-supplied input. This can be exploited to cause a stack-based buffer overflow by supplying a specially crafted argument to the method. This may allow an attacker to execute arbitrary code.
A buffer overflow vulnerability exists in Magneto Software Net Resource ActiveX control (SKNetResource.ocx) when handling the NetSessionDel function. By supplying a large string as the second parameter, an attacker can overwrite the EAX, EBX, and SEH registers, resulting in arbitrary code execution.
A buffer overflow vulnerability exists in Magneto Software SNTP ActiveX SntpSendRequest function, which can be triggered by sending a specially crafted string of 1044 characters to the vulnerable application. This can lead to arbitrary code execution.
This exploit is a proof-of-concept for a buffer overflow vulnerability in the Magneto Software ActiveX Control. The vulnerability is triggered when the DNSLookupHostWithServer function is called with an overly long argument. This causes a crash in the application, potentially allowing for remote code execution.
QPersonel is a Joomla component vulnerable to SQL Injection. The vulnerable parameter is 'katid' which can be exploited by appending malicious SQL code to the URL. The vulnerable file is qpersonel.php. Selected information gets displayed within the title tag.
An attacker can download the database files from the vulnerable web application by accessing the following URLs: http://127.0.0.1/My.School/odevsitesi.mdb, http://127.0.0.1/My.School/sayac.mdb, http://127.0.0.1/My.School/admin.asp
An attacker can exploit this vulnerability by accessing the backup directory of the Games Script (Galore) application, located at http://127.0.0.1/Games Script (Galore)/admincp/backup/ and by logging in to the admincp directory at http://127.0.0.1/Games Script (Galore)/admincp/.
An attacker can exploit this vulnerability by accessing the following URLs: http://127.0.0.1/Mp3/dbaze/ and http://127.0.0.1/Mp3/admin.
The vulnerability exists in the joelz bulletin board version 0.9.9rc3. An attacker can exploit the vulnerability by sending a specially crafted SQL query to the vulnerable parameter. This can allow the attacker to gain access to sensitive information such as usernames, passwords, and emails.
Police Municipale Open Main Courante 1.01beta is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code within the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
Services By CQR