This exploit leverages a buffer overflow vulnerability in the Easy File Management Web Server v5.3. By sending a specially crafted UserID string, an attacker can overflow the buffer and execute arbitrary code.
The vulnerability allows an attacker to disclose the path of sensitive files on the server and execute arbitrary code by injecting a shell command in the 'path_to_smf' parameter in two different PHP files: 'logout.php' and 'get_session_vars.php'. This vulnerability was discovered by ThE dE@Th from the AsB-MaY DiScOvEr ExPlIoTs Gr0uP.
The vulnerability allows an attacker to crash the affected browser, resulting in a denial-of-service condition. Memory corruption or code execution might be possible, but it has not been confirmed.
The vulnerability allows an attacker to crash the affected browsers, resulting in a denial-of-service condition. Memory corruption or code execution may be possible but has not been confirmed.
Huski Retail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Huski CMS is prone to a local file-include vulnerability due to insufficient sanitization of user-supplied data. An attacker can exploit this vulnerability to compromise the application and the computer, and perform other possible attacks.
SystemTap is prone to multiple local memory-corruption vulnerabilities. An attacker may exploit these issues to execute arbitrary code with SYSTEM privileges. Failed exploit attempts will result in a denial of service.
An attacker can exploit the cross-site request forgery issue to alter the settings on affected devices. This may lead to further network-based attacks, including command-injection attacks against the device's underlying operating system, which can lead to a complete compromise of a vulnerable device. The attacker can exploit the cross-site scripting issue to execute arbitrary script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials. Other attacks are also possible.
Attackers can gain administrative access, execute arbitrary script code in the browser, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This module exploits a flaw (0 day) in the DBMS_JVM_EXP_PERMS package that allows any user with the CREATE SESSION privilege to grant themselves Java IO privileges. Works on 11g R1 and R2 (Windows only).