The Enemy Territory: Quake Wars application is prone to a remote buffer overflow vulnerability due to inadequate boundary checks on user-supplied input. Attackers can exploit this vulnerability to execute arbitrary code within the application's context. Failed attacks may result in denial-of-service conditions.
This exploit targets the mssql_connect() and mssql_pconnect() functions in PHP versions <= 4.4.6. It allows for local buffer overflow and can also bypass the safe_mode restriction. The exploit is specific to Windows 2000 SP3 EN with a SEH overwrite. It was created by rgod as a contribution to MOPB.
The vulnerability allows an attacker to inject malicious code into the Skype ID field of a user's profile, leading to a persistent XSS attack.
The exploit allows an attacker to perform SQL injection, disclose passwords, and achieve remote code execution (RCE) in Pligg version 2.0.1 and below. The vulnerability is found in the recover.php file, where user input is not properly sanitized before being used in SQL queries. By manipulating the 'id' and 'n' parameters, an attacker can inject malicious SQL code and retrieve sensitive information or execute arbitrary code. This can lead to unauthorized access, data disclosure, and potential system compromise.
KubeSupport is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
1. Hardcoded cookie to access the admin section: The file storlib.js contains a function get_cookie() which checks for the presence of a hardcoded cookie 'LoginUser=admin' in the document's cookies. If the cookie is not found, it redirects to the index.html page. This allows an attacker to bypass authentication by setting the cookie manually.
2. Authentication bypass: By creating the cookie 'LoginUser=admin' and accessing specific URLs, an attacker can gain access to admin features such as enabling/disabling the Telnet server and managing users.
This exploit allows an attacker to perform a remote BLIND SQL injection attack on the Links Management Application V1.0 (lcnt) script. By exploiting this vulnerability, an attacker can retrieve the admin username and password.
The Gallery XML Joomla! component is prone to an SQL-injection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database; by using directory-traversal strings to execute local script code in the context of the application, the attacker may be able to obtain sensitive information that may aid in further attacks.
An attacker can exploit this vulnerability in Chrome Engine 4 to crash the affected server, leading to denial-of-service conditions.
Firebook is prone to multiple cross-site scripting vulnerabilities and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, and to view arbitrary local files and directories within the context of the webserver. This may let the attacker steal cookie-based authentication credentials; other harvested information may aid in launching further attacks.