Remote exploit for the CA BrightStor Arcserve stack overflow
This module exploits a use-after-free vulnerability found in Internet Explorer. The flaw was most likely introduced back in 2013, therefore only certain builds of MSHTML are affected. In our testing with IE9, these vulnerable builds appear to be between 9.0.8112.16496 and 9.0.8112.16533, which implies August 2013 until early March 2014 (before the patch).
This exploit allows an attacker to include arbitrary files from a remote server by manipulating the 'phpbb_root_path' parameter in the 'portal.php' script. By including a malicious script, an attacker can execute arbitrary code on the target server.
DATAC RealWin SCADA server is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.An attacker can exploit this issue to execute arbitrary code in the context of the affected application. This may facilitate the complete compromise of affected computers. Failed exploit attempts may result in a denial-of-service condition.
This exploit allows an attacker to include arbitrary remote files in the target system using the 'phpbb_root_path' parameter in the 'functions.php' file of Omegaboard v1.0b4. By manipulating the 'phpbb_root_path' parameter, an attacker can execute malicious code or gain unauthorized access to the target system.
Omnicom Content Platform is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. To exploit this issue an attacker may need administrative privileges to the affected application. Exploiting the issue may allow the attacker to obtain sensitive information that could aid in further attacks.
The Hunkaray Duyuru Scripti (tr) is vulnerable to SQL Injection. An attacker can exploit this vulnerability to execute arbitrary SQL queries and potentially gain unauthorized access to the database.
The vulnerability allows remote attackers to execute arbitrary code on the target system by injecting a malicious shell command through the 'galleryfilesdir' parameter in the template.php file of JV2 Folder Gallery. This can be exploited to gain unauthorized access to the system or perform other malicious activities.
The Ping of Death is a type of attack where an attacker sends an oversized ping packet to a target system. This oversized packet can cause the target system to crash or become unresponsive, leading to a denial of service condition. The specific command mentioned in the text is an example of how the Ping of Death can be executed.
This form is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can inject malicious code into the input fields, which will be executed by the victim's browser when the form is submitted. This can lead to unauthorized access, cookie theft, and other malicious actions.