A vulnerability exists in WPS to RTF convert filter that is part of Microsoft Office 2003. It could be exploited by a remote attacker to take complete control of an affected system. This issue is due to a stack overflow error in a function that reads sections from a WPS file. When the size of a section is changed to a number larger than 0x10, a stack overflow occurs - very easy to exploit.
This is a proof-of-concept exploit for a denial of service vulnerability in Windows Metafile Format (WMF) files. It generates a malicious WMF file that can cause the Windows Explorer in Windows XP to crash when browsing a folder containing the file.
The script creates a disk image with an arbitrary volume name. It uses the 'hdiutil' command-line tool to create the disk image with the specified size, file system, and volume name. The volume name is generated randomly using characters from the ASCII character set. The script then reads the created disk image and prints information about it, including the length of the volume name and the size of the disk image in bytes.
This Perl script attempts to log in to a MySQL server using a zero-length password. It sends a login packet with a zero-length password hash and checks the server's reply.
This exploit targets the Wordpress version 2.0.6 and below. It takes advantage of a vulnerability in the wp-trackback.php file to perform a SQL injection attack and disclose the admin hash. The exploit requires the server to have register_globals=on and PHP version between 4.0.0 and 4.4.2 or between 5.0.0 and 5.1.3. The exploit was created by rgod and the contact details for the author are provided in the script. The exploit can be used to retrieve sensitive information from the target server.
OpenBSD bgplg is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The Axiom 0.8.6 photo gallery (template.php) is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by providing a malicious file as the baseAxiomPath parameter in the template.php file. This allows the attacker to execute arbitrary code on the server.
This module exploits the buffer overflow found in the LIST command in FileCopa FTP server pre 18 Jul 2006 version discovered by www.appsec.ch.
The uniForum version 4 (wbsearch.aspx) is vulnerable to remote SQL injection. An attacker can exploit this vulnerability by sending a specially crafted request to the wbsearch.aspx page. By manipulating the input parameters, an attacker can inject malicious SQL code into the application's database query, allowing for unauthorized access or manipulation of data.
The vulnerability exists due to a lack of proper sanitization of user-supplied input. An attacker can exploit this issue by sending a specially crafted request to retrieve arbitrary files in the context of the webserver process. This information can be used to launch further attacks.
Services By CQR