BlazeVideo HDTV Player is prone to a stack-based buffer-overflow vulnerability because the application fails to handle malformed playlist files. An attacker can exploit this issue to execute arbitrary code within the context of the application or to trigger a denial-of-service condition.
The vulnerability allows an attacker to include a remote file in the 'lib_head.php' file, which can lead to remote code execution.
The exploit overwrites the UnhandledExceptionFilter in Windows 2000 SP0 with the address of call dword ptr [esi +4C] located in user32.dll. At the time when UEF is called esi +4C contains a pointer to the shellcode. The exploit opens a shell on TCP port 4444.
The chernobiLe Portal 1.0 (default.asp) is vulnerable to remote SQL injection. An attacker can exploit this vulnerability to execute arbitrary SQL commands on the target system.
This exploit is a buffer overflow vulnerability in the Linux umount utility. It allows an attacker to execute arbitrary code with root privileges by providing a specially crafted argument to the umount command.
EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This vulnerability allows an attacker to inject and execute malicious code through the 'server_base_dir' parameter in the xt_counter.php script. By supplying a specially crafted value for 'server_base_dir', an attacker can execute arbitrary code on the server.
SWAT 4 is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly handle certain input. An attacker may exploit these issues to crash the affected application, denying service to legitimate users.
This module exploits a stack-based buffer overflow vulnerability in ALLPlayer 2.8.1, caused by a long string in a playlist entry. By persuading the victim to open a specially-crafted .M3U file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows 7 SP1.
This exploit allows an attacker to remotely include a file in the Drunken:Golem Gaming Portal, version 1.2. By manipulating the 'root_path' parameter in the 'phpIRC.php' script, an attacker can execute arbitrary code on the target system. The exploit uses a shell located at 'http://pang0.by.ru/shall/pang057.zz' to execute commands.