Horde help module remote execution is a vulnerability that allows an attacker to execute arbitrary code on a vulnerable system. The vulnerability is caused by a lack of input validation in the Horde help module, which allows an attacker to inject malicious code into the module. The code is then executed on the vulnerable system, allowing the attacker to gain access to the system and potentially execute malicious code.
A vulnerability exists in PHPMyChat 0.15.0dev which allows an attacker to execute arbitrary commands on the vulnerable system. This is due to the application not properly sanitizing user-supplied input to the 'SYS' parameter when passed to the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious commands to the vulnerable server. This vulnerability is only exploitable when 'magic_quotes_gpc' is set to 'Off'.
This module will execute an arbitrary payload on a Microsoft IIS installation that is vulnerable to the CGI double-decode vulnerability of 2001.
A vulnerability exists in PHPMyChat <= 0.14.5 which allows an attacker to execute arbitrary commands remotely. This is due to the lack of sanitization of the 'T' argument in the chat/messagesL.php3 file which is used in an INSERT query. The vulnerable code is located near lines 56-60 and the eval() function is used near line 197.
INDEXU <= 5.0.1 is vulnerable to a remote file inclusion vulnerability. This vulnerability allows an attacker to include a remote file, usually through a malicious URL, and execute it on the vulnerable server. This exploit allows an attacker to execute arbitrary code on the vulnerable server.
This code snippet provides an example of how to handle errors in Windows using the WSAGetLastError() function. It includes a switch statement that assigns a string to the error code returned by the function.
This exploit allows an attacker to execute arbitrary code on the vulnerable server by exploiting a vulnerability in AngelineCMS 0.8.1. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'installPath' parameter in the 'loadkernel.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing an arbitrary command which will be executed on the vulnerable server.
This exploit is a proof-of-concept exploit for a buffer overflow vulnerability in Total Commander's unacev2.dll. When the file is created, the user can open the archive in Total Commander and then unpack it. The exploit is written in C and contains an array of malicious data that is written to a file called evil.ace.
VWar <= 1.5.0 R12 is vulnerable to a Remote File Inclusion vulnerability which allows an attacker to execute arbitrary code on the vulnerable server. This exploit allows an attacker to execute arbitrary code on the vulnerable server by sending a maliciously crafted HTTP request to the vulnerable server. The maliciously crafted HTTP request contains a URL pointing to a malicious file which is then included and executed on the vulnerable server.
PHPNuke-Clan 3.0.1 is vulnerable to a Remote File Inclusion vulnerability which allows an attacker to execute arbitrary code on the vulnerable server. This vulnerability is due to the 'modules/vWar_Account/includes/functions_common.php' script not properly sanitizing user input supplied to the 'vwar_root2' parameter. An attacker can exploit this issue to execute arbitrary PHP code on the affected computer with the privileges of the webserver process.
Services By CQR