A buffer overflow vulnerability exists in the ConnectWithString() function of the program. The vulnerability is caused by a lack of proper validation of user-supplied input when handling the 'string' argument. An attacker can exploit this vulnerability by supplying a specially crafted string argument to the ConnectWithString() function, resulting in a buffer overflow and potentially allowing arbitrary code execution.
ActFax Server is vulnerable to a remote buffer overflow exploit. The exploit is triggered when a malicious payload is sent to the server via the LPD/LPR protocol. The payload contains an egghunter EDI encoded shellcode which is then executed on the vulnerable system. This exploit was discovered by chap0 in 2011 and affects ActFax Server version 4.25, Build 0221 (2010-02-11).
A vulnerability exists in PHPCollab v2.x and NetOffice v2.x in the 'forgotten password' feature, where an attacker can send themselves the admin (md5(), crypt() or plain text) password by submitting a 'loginForm' POST value to the general/sendpassword.php script.
A buffer overflow vulnerability exists in the Windows Sockets library <= v1.1 (WSOCK32.DLL) which can be exploited by sending a specially crafted packet to the vulnerable system. Successful exploitation could allow an attacker to execute arbitrary code on the target system.
A cross-site request forgery vulnerability in dotProject 2.1.5 can be exploited to create a new admin. The exploit involves sending a malicious POST request to the application with the necessary parameters to create a new admin user.
A buffer overflow vulnerability exists in Winsock due to improper bounds checking of user-supplied data. An attacker can exploit this vulnerability by sending a specially crafted packet to the affected system, resulting in arbitrary code execution.
CuteNews 1.4.1 and below is vulnerable to remote code execution, which allows an attacker to execute arbitrary code on the vulnerable system. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'command' parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious code to the vulnerable system.
This exploit allows an attacker to retrieve the admin password hash from the tftgallery 0.10 application. The exploit sends a GET request to the admin/passwd page and retrieves the password hash from the response. The plaintext password can then be retrieved using John the Ripper.
phpBookingCalendar is prone to a SQL injection attack. The attack works regardless of any magic_quotes_gpc settings. An attacker can exploit this issue to gain access to the application and potentially gain access to the underlying database.
This exploit is used to gain administrative access to a website running php ticket version 0.71 or lower. The exploit works by sending two POST requests to the search.php page with the user's credentials. If the exploit is successful, the user will be redirected to the admin page.