The vulnerability exists in the index.php file of CascadianFAQ version 4.1 and earlier. By manipulating the catid parameter, an attacker can execute arbitrary SQL queries and retrieve sensitive information from the database. An example of a working exploit is provided in the text.
The PHPFootball 1.6 show.php script allows remote attackers to read sensitive information from the database by specifying the dbtable, dbfield, and dbfields parameters in a request.
This exploit allows an attacker to include local files on the target server using the vulnerable zd_numer.php script in Galeria Zdjec version 3.0.
The Intel wireless mini-PCI driver provided with Intel 2200BG cards is vulnerable to a remote memory corruption flaw. Malformed disassociation packets can be used to corrupt internal kernel structures, causing a denial of service (BSOD).
The SSID and Device name settings in the wireless configuration do not sanitize their input. The VPN Tunnel name is also vulnerable to persistent XSS.
This script is used to fix certain data in a CVSTrac database after it has been attacked. It connects to the database using DBI and DBD::SQLite modules, and then iterates through various tables to fix any data that matches a specific pattern. The fixup function is used to check and modify the data if necessary. The script prints out the details of each adjustment it makes.
Bugzilla is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the server. Information harvested may aid in launching further attacks.
Vim is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.
This exploit takes advantage of the FTP server vulnerability in webfwlog version 0.92. By injecting code into the debug.php file, an attacker can read the contents of the conffile, which may contain sensitive information.
This module exploits a stack-based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability exists in the service BKBCopyD.exe when handling specially crafted packets. This module has been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3.