This exploit causes a denial of service in Arm Whois 3.11 by creating a text file with 700 'A' characters and pasting the content of the file into the 'IP address or domain' field of the application. This causes the application to crash.
A denial of service vulnerability exists in WebDrive 18.00.5057 when a maliciously crafted string is copied to the clipboard and pasted into the username field, resulting in a crash of the application.
Artha The Open Thesaurus 1.0.3.0 is vulnerable to a denial of service attack. An attacker can create a malicious file containing a large number of 'A' characters, which when opened in the application will cause it to crash. This can be used to deny access to the application.
SmartFTP Client 9.0.2615.0 is vulnerable to a denial of service attack when a specially crafted string is sent to the application. This causes the application to crash when the user attempts to paste the string into the 'Host' field of the 'Connection' window.
An arbitrary file upload vulnerability exists in Simple PHP Shopping Cart 0.9. An attacker can exploit this vulnerability to upload malicious files to the web server and execute arbitrary code. This vulnerability is due to insufficient validation of the uploaded file type. An attacker can exploit this vulnerability by sending a malicious file with a double extension such as shell.php.jpg. This will bypass the validation and allow the attacker to upload the malicious file to the web server.
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter.
Instagram Clone 1.0 is vulnerable to an arbitrary file upload vulnerability. An attacker can upload a malicious file to the web server by sending a specially crafted HTTP request to the add_profile.php page. This can be exploited to execute arbitrary code on the web server.
Notes Manager 1.0 is vulnerable to an arbitrary file upload vulnerability. An attacker can upload a malicious file to the web server by sending a specially crafted HTTP request. This can be exploited to execute arbitrary code on the web server.
A vulnerability exists in University Application System 1.0 which allows an attacker to inject malicious SQL commands and perform Cross-Site Request Forgery (CSRF) attacks. The vulnerability is located in the 'process.php' script when processing to add a new admin user. Attackers can inject malicious SQL commands to add a new admin user and perform CSRF attacks.
Expense Management 1.0 is vulnerable to an arbitrary file upload vulnerability. An attacker can upload a malicious file to the web server by sending a specially crafted HTTP request with a malicious file attached. This can be exploited to execute arbitrary code on the web server.
Services By CQR