PCRE is prone to a buffer-overflow vulnerability because the library fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of an application using the PCRE library. Failed attacks may result in denial-of-service conditions.
The vulnerability allows an attacker to perform SQL injection attacks by manipulating user-supplied data in an SQL query. By exploiting this vulnerability, an attacker can compromise the application, access or modify data, or exploit other vulnerabilities in the database.
Last Wizardz is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
EmiratesHost is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication. Attackers can exploit this vulnerability to gain administrative access to the affected application, which may aid in further attacks.
DeluxeBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The exploit bypasses full ASLR, DEP, and EMET 4.1.X in Internet Explorer 8.
The TVUPlayer ActiveX control in TVUPlayer 2.4.9beta1 allows attackers to overwrite arbitrary local files on the victim's computer through a crafted XML package. This vulnerability can be exploited in the context of the vulnerable application, typically Internet Explorer, using the ActiveX control.
The VMware View application fails to properly sanitize user-supplied data, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, potentially allowing the attacker to steal authentication credentials and launch further attacks.
This exploit takes advantage of a reference counter overflow vulnerability in PHP 4. By creating a string with the same size as a Hashtable and creating a large number of references to it, the reference counter overflows and the string gets freed. Then, by freeing more zvals and creating a new array with a specific key, the exploit gains access to the Hashtable's content and can execute code in the shellcode.
ShopEx Single is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Services By CQR