This vulnerability allows remote attackers to cause a denial of service (application crash) via a long string in the SRC attribute of a BGSOUND element. This vulnerability affects Internet Explorer 7.0 Beta 2 when running on Windows XP SP2. The vulnerability is due to a boundary error within the urlmon.dll library when processing a long string in the SRC attribute of a BGSOUND element. This can be exploited to cause a stack-based buffer overflow by tricking a user into visiting a malicious web page.
This exploit shows the username of the administrator and the password In plain text. It uses LWP::UserAgent and HTTP::Cookies to login and store a cookie to view the admin panel later. It then creates a request and checks the outcome of the response to get the username and password.
This exploit allows an attacker to execute arbitrary commands on a vulnerable system. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'ask' parameter of the 'myquiz.pl' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious commands to the vulnerable system. Successful exploitation of this vulnerability can result in arbitrary command execution on the vulnerable system.
This exploit allows an attacker to gain access to the user's password hash by exploiting a SQL injection vulnerability in phpBB 2.0.19.
Clever Copy <= 3.0 is vulnerable to an SQL injection vulnerability. This vulnerability allows an attacker to gain access to the admin authentication details. This exploit works when magic_quotes_gpc is set to Off.
LoudBlog 0.4 is vulnerable to remote code execution. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This will allow the attacker to execute arbitrary code on the server.
This exploit allows an attacker to gain access to the MD5 hash of a user's password by exploiting a SQL injection vulnerability in IPB Portal 1.3. The vulnerability exists in the 'index.php' file, which allows an attacker to inject malicious SQL code into the 'act' and 'site' parameters. By exploiting this vulnerability, an attacker can gain access to the MD5 hash of a user's password.
This module exploits a stack overflow in the log handler of Samftpd. It sends an evil buffer containing a payload and 5 return addresses to the remote FTP server.
Multiple buffer overflows are present in the handling of command line arguements in chpasswd. The bug allows a hacker to exploit the process to run arbitrary code.
This exploit takes advantage of a vulnerability that was discovered by Eric Smith on January 12, 2006 (bid:16217). The vulnerability exists in the way the affected versions of Cisco Aironet 350 IOS, Cisco Aironet 1400, Cisco Aironet 1300, Cisco Aironet 1240AG, Cisco Aironet 1230AG, Cisco Aironet 1200, Cisco Aironet 1130AG, and Cisco Aironet 1100 handle ARP replies. If enough specially crafted ARP packets are sent on the network with the affected systems, it will cause the access point memory exhaustion which will in a few seconds (depending on the speed of the attacker and the memory of the target) crash the system, making all ingoing/outgoing traffic stopped.
Services By CQR