ZipCentral is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
This module exploits a buffer overflow in the IBM eGatherer ActiveX control that leads to code execution.
A remote file inclusion vulnerability exists in phpECard, a web-based e-card system. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server that includes a URL in the include_path parameter of the functions.php script. This can allow the attacker to execute arbitrary code on the vulnerable server.
Streamripper is vulnerable to a buffer overflow when parsing the HTTP response header. The vulnerability is caused by a fixed-size buffer of 50 bytes used to store the bitrate value, while the value itself can be longer than 50 bytes. This can lead to a buffer overflow and potentially allow an attacker to execute arbitrary code.
A vulnerability exists in ExBB Italian version <= v2.0, which allows a remote attacker to include a file from a remote host. The vulnerability is due to the 'home_path' parameter in the 'modules/userstop/userstop.php' script not properly sanitizing user-supplied input. An attacker can exploit this vulnerability to include arbitrary files from remote hosts, which can lead to the execution of arbitrary code on the vulnerable system.
MiniBill v1.22 Beta contains a remote file inclusion vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This request contains a malicious URL in the config[plugin_dir] parameter, which is then included in the vulnerable script. This allows an attacker to execute arbitrary code on the vulnerable server.
A remote file inclusion vulnerability exists in Portail PHP mod_phpalbum 2.15. An attacker can exploit this vulnerability to include arbitrary remote files by sending a specially crafted HTTP request containing directory traversal sequences and a malicious URL in the 'chemin' parameter to the 'sommaire_admin.php' script.
A vulnerability exists in Web3news <= v0.95 due to improper validation of user-supplied input in the 'PHPSECURITYADMIN_PATH' parameter of the '/security/include/_class.security.php' script. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system by supplying a malicious URL in the 'PHPSECURITYADMIN_PATH' parameter. This can be exploited to gain access to the vulnerable system.
The problem arises when register_globals=On. The class2.php script uses the unset() function to destroy global variables, but it is not enough to unset() the GLOBALS array, because the Zend hash function used in PHP 4.4.1 and 5.0.6 to manage the GLOBALS array has a bug that allows keys to be deleted from the GLOBALS array with the Zend_Hash_Del_Key_Or_Index() function.
Several SQL injection vulnerabilities have been found in Cybozu Garoon 2. When exploited by a logged-in user, the vulnerabilities allow manipulation of SQL statements, which can lead to disclosure of information from the database or cause the backend MySQL database to consume a large amount of CPU resources.