Ayukov NFTP FTP Client versions 2.0 and below are vulnerable to a buffer overflow. An attacker can exploit this vulnerability by sending a specially crafted MKD command with a long string of data to the FTP server. This will cause a buffer overflow and overwrite the EIP register, allowing the attacker to execute arbitrary code on the vulnerable system.
EZ CD Audio Converter 8.0.7 is vulnerable to a Denial of Service (DoS) attack due to a Local Buffer Overflow. The vulnerability can be triggered by running a Python script that creates a file with a malicious payload of 10000 bytes, copying the content of the file to the clipboard, opening the EZ CD Audio Converter application, pasting the content of the file into the 'Key' field, and then observing a crash.
The Database name parameter under /install/index.php is vulnerable to reflected XSS. The Database name, username and password must be correct. An example exploit is <script>alert(1)</script>
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'selectedPlace' parameter of the 'addIcon.php' script. A remote attacker can execute arbitrary SQL commands in the application database, cause denial of service, access or modify data, or exploit vulnerabilities in the underlying database. An example payload is 'selectedPlace=1 AND (SELECT * FROM (SELECT(SLEEP(1)))abcD); -- -'
A buffer overflow vulnerability exists in NBMonitor Network Bandwidth Monitor 1.6.5.0 when a maliciously crafted 'Name' field is supplied, which could allow an attacker to cause a denial of service condition.
Iperius Backup 5.8.1 is vulnerable to a stack-based buffer overflow when a maliciously crafted file is opened. The vulnerability is due to a lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application.
Terminal Services Manager 3.1 is vulnerable to a buffer overflow when importing from files. An attacker can exploit this vulnerability by creating a malicious file and importing it into the application, which will cause a buffer overflow and allow the attacker to execute arbitrary code on the target system.
Product Key Explorer 4.0.9 is vulnerable to a Denial of Service attack when a maliciously crafted payload is pasted into the Registration Key/Name field. This causes the application to crash.
The record upload process allows unrestricted file upload with an arbitrary extension. An attacker can upload a malicious file with an arbitrary extension to the WordPress media upload directory and access it by guessing the filename if directory listing is disabled.
This exploit is used to gain access to the Kubernetes API server. It uses two stages of requests to the API server: the first stage opens a pipe and the second stage executes code on the target.