When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder() does not adequately check that sections are in the correct order when a binary contains custom sections. This leads to a number of possible overflows and type confusion bugs, as parsing assumes most sections are unique and in the right order. The attached html file causes a crash in Safari, the wasm file is attached as well. This particular use of the bug causes an overflow in the function vector.
PMS 0.42 is prone to a local unauthenticated stack-based overflow. The vulnerability is due to an unproper filter of user supplied input while reading the configuration file and parsing the malicious crafted values.
Versions 0.2 to 0.3.5 of the Simple Fields WordPress plugin are vulnerable to local file inclusion if running on PHP <5.3.4. This can even lead to remote code execution, for example by injecting php code into the apache logs or if allow_url_include is turned on in php.ini. The vulnerability was fixed (commented out) in version 0.3.6 on 2011-02-03.
proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter.
GoldWave 5.70 is vulnerable to a local buffer overflow vulnerability when a maliciously crafted file is opened. This can be exploited to execute arbitrary code by corrupting the SEH chain and overwriting the return address with a pointer to the shellcode.
H2 Database is vulnerable to Alias Abuse. An attacker can exploit this vulnerability to execute arbitrary commands on the target system. This vulnerability was discovered by gambler in 2018 and affects all versions of H2 Database.
Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS before 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL.
Create a thread with the following subject <p """><SCRIPT>alert("XSS")</SCRIPT>"> and navigate to the index to see a board wide persistent XSS alert.
There is a vulnerability in Cobub Razor 0.7.2 that allows an attacker to add an administrator user without authentication. An attacker can update the URL and save it to an HTML file, then open it to exploit the vulnerability.
Cross-site request forgery (CSRF) vulnerability in WolfCMS before 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings and can uninstall plugins by sending malicious request.
Services By CQR