Explore Vulnerabilities

Explore all Exploits:

Escape From PDF

This is a special PDF hack that allows an embedded executable to be executed without exploiting any vulnerability. It uses a launch action triggered when the PDF is opened. With Adobe Reader, the user gets a warning asking for approval to launch the action, but the message displayed by the dialog can be partially controlled. Foxit Reader displays no warning at all; the action is executed without user interaction.

WM Downloader 3.0.0.9 (.asx) Local Buffer Overflow

A buffer overflow vulnerability exists in WM Downloader 3.0.0.9 when processing a specially crafted .asx file. The vulnerability is due to a boundary error when processing the .asx file: a specially crafted file causes a stack-based buffer overflow, which can allow an attacker to execute arbitrary code in the context of the application.

Easy-Clanpage <= v2.2 multiple SQL Injection + Exploit

Easy-Clanpage is prone to multiple SQL injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit these issues to manipulate SQL queries by injecting arbitrary SQL code, allowing for the manipulation or disclosure of arbitrary data. This issue affects versions prior to Easy-Clanpage 2.2.

Centreon IT & Network Monitoring v2.1.5 – Injection SQL

An attacker can exploit a SQL injection vulnerability in Centreon IT & Network Monitoring v2.1.5 to execute arbitrary SQL commands on the underlying database. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'host_id' parameter of the 'main.php' script. An attacker can exploit this vulnerability to gain access to sensitive information stored in the database, modify data, or execute arbitrary system commands with the privileges of the web server process.

Joomla Component DW Graph Local File Inclusion

A vulnerability exists in the DW Graph Component for Joomla 1.5, which allows an attacker to include a local file via a specially crafted URL. The vulnerability is due to insufficient sanitization of user-supplied input to the 'controller' parameter in the 'dwgraphs.php' script. An attacker can exploit this vulnerability to include a local file from the web server and execute arbitrary code.

Free MP3 CD Ripper 2.6 (wav) 0-day

A buffer overflow vulnerability exists in Free MP3 CD Ripper 2.6 when a specially crafted WAV file is opened. The vulnerability is due to insufficient boundary checks when processing WAV files: a specially crafted WAV file causes a buffer overflow, which an attacker can use to execute arbitrary code in the context of the application.

CompleteFTP Server Directory Traversal

CompleteFTP Server is vulnerable to a directory traversal attack, which can be exploited by sending a specially crafted FTP request containing '..' directory traversal sequences. An attacker can use this vulnerability to gain access to sensitive files and directories outside of the web root directory.

Recent Exploits: