ATFTP is vulnerable to a buffer overflow when a maliciously crafted packet is sent to the server. The packet contains a long string of NOP instructions followed by shellcode and an address to jump to. The address points to a CALL ESP instruction in IMM32.dll on Windows 2000 Server SP4 Italian. This allows an attacker to execute arbitrary code on the vulnerable system.
PLS-Bannieres is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'language' and 'footerpage' parameters to the 'activate.php' script. This can be exploited to include arbitrary local and remote files by passing directory traversal strings to the 'language' parameter and a URL to the 'footerpage' parameter.
mx_tinies 1.3.0 is affected by a file-include vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system. The vulnerability is caused by the 'module_root_path' parameter in the 'common.php' script not being properly sanitized before being used to include files. This can be exploited to include arbitrary local or remote files containing malicious code and execute it in the context of the webserver process. The attacker can also include remote files containing arbitrary HTML and script code and execute it in the victim's browser.
Shop-Script is prone to multiple HTTP response-splitting vulnerabilities because the application fails to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
This vulnerability allows an attacker to download any file that the webserver has access to, including files outside of the SFM directory. This can be used to gain access to sensitive information such as passwords, configuration files, etc.
Microsoft Class Package Export Tool ('clspack.exe') is prone to a local buffer-overflow vulnerability because the application fails to properly check the size of attacker-supplied data before copying it into an insufficiently sized memory buffer. Exploiting this issue allows local attackers to execute arbitrary machine code in the context of the user running the application. Failed exploit attempts will likely crash the application, denying service to legitimate users.
A vulnerability exists in all versions of Ultimate HelpDesk, which allows an attacker to inject malicious code into the application. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. The vulnerability is located in the 'filename' parameter of the 'getfile.asp' script and the 'keyword' parameter of the 'index.asp' script. Successful exploitation requires that the attacker has knowledge of the application's directory structure and the ability to inject malicious code into the application.
BlazeVideo HDTV v2.1 and prior fail to properly handle large file paths inside PLF files; the result is a stack-based buffer overflow that allows an attacker to execute code in the context of the player.
ContentServ is a CMS and "cross media publishing" software product. It is vulnerable to remote file reading, which allows an attacker to read arbitrary files on the server. This exploit was first discovered in 2005 and is still present in the latest version of ContentServ.