This exploit allows an attacker to gain access to a user's account by exploiting a SQL injection vulnerability in IP.Board 2.2.1. The attacker can use the vulnerability to inject a malicious SQL query into the application, which can be used to extract the user's password hash from the database. The attacker can then use the hash to log in to the user's account.
deV!L`z Clanportal (short "DZCP") is a suite of PHP scripts that allow anybody to create a feature-rich website for her online gaming clan. The attacker can run her own code on the web server with the same privileges as DZCP itself, enabling her to do almost anything from getting the MySQL password to hosting her own files and scripts or getting a shell on the server. The attacker needs a file that is both a valid JPEG or GIF file and valid PHP (or probably other) code.
The NetBSD ftpd and the tnftpd port suffer from a remote stack overrun, which can lead to a root compromise. The bug is in the glob.c file. The globbing mechanism is flawed, as it was back in 2001. To trigger the overflow, an attacker can create a folder and use the globbing special characters (like STARS) to overflow an internal stack-based buffer.
AtomixMP3 Player/Mixer fails to properly handle large file paths inside M3U files; the result is a stack-based buffer overflow that allows an attacker to execute code in the context of the player.
A classical buffer overflow. If we supply less than 800 bytes of buffer we can trigger an access violation and we can overwrite the SEH handler. Btw, the stack gets too contaminated with lowercase transforming, section repetitions and a lot of bad things that make exploiting quite impossible. Well... if we make it eat a thousand bytes we can really overwrite some juicy RET sections and fully control EIP.
A remote SQL injection vulnerability exists in LDU <= 8.x. An attacker can exploit this vulnerability by sending a crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, modify data, execute system commands, and even gain access to the underlying server.
Exporia is prone to a remote file-include vulnerability because the application fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also possible.
CakePHP is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.
Line 67 of import-mt.php (blogs/inc/CONTROL/imports) contains a vulnerability that allows an attacker to include a remote file. The PoC requires register_globals and allow_url_fopen to be On.
evince-ps-field-bof.c is a C program created by K-sPecial (xzziroz.net) of .aware (awarenetwork.org) in 2006. It is a buffer overflow exploit for Evince, a document viewer. The exploit is triggered when a maliciously crafted PostScript file is opened in Evince. The exploit uses a shellcode from Metasploit to gain remote access to the system. The shellcode must be set to Encoder=None for it to work.