VCDGEAR 3.50 is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
This module exploits a buffer overflow in Total Video Player 1.3.1. The vulnerability occurs when opening a malformed Settings.ini file, e.g. "C:\Program Files\Total Video Player". This module has been tested successfully on Windows XP SP3 EN.
This module abuses the gefebt.exe component in GE Proficy CIMPLICITY, reachable through the CIMPLICITY CimWebServer. The vulnerable component allows remote BCL files in shared resources to be executed. An attacker can abuse this behaviour to execute a malicious BCL and drop an arbitrary EXE, which can then be executed remotely through the WebView server. This module has been tested successfully on GE Proficy CIMPLICITY 7.5 with the embedded CimWebServer. This module starts a WebDAV server to provide the malicious BCL files. When the target does not have the WebClient service enabled, an external SMB service is necessary.
The vulnerability allows an attacker to read files outside the intended directory by manipulating the 'phpbb_root_path' parameter in the 'configure.php' script. This can be exploited by appending a path traversal string like 'Evil?' to the URL.
The Forum Livre 1.0 application is vulnerable to SQL injection and cross-site scripting (XSS) attacks. The SQL injection vulnerability can be exploited by modifying the 'user' parameter in the 'info_user.asp' page. The XSS vulnerability can be exploited by injecting malicious code into the 'palavra' parameter in the 'busca2.asp' page.
The vulnerability exists in the print.asp file of the GPS 1.2 Content Managing System, allowing an attacker to inject SQL queries through the 'id' parameter. This can lead to unauthorized access and retrieval of sensitive information from the userdb table.
The vulnerability allows an attacker to inject SQL queries into the 'uid' parameter of the 'news_page.asp' page. By manipulating the SQL query, an attacker can potentially extract sensitive information from the database.
The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in further attacks.
A bounds error occurs when parsing the Palette Record, causing a heap overflow. The attack vector is an arbitrary data overwrite on the heap. The result of the heap overflow is denial of service (DoS). The pyExcelerator module needs to be modified to prevent the generation of Palette Record.
The Xero Portal v1.2 script is vulnerable to a Local File Include vulnerability. By manipulating the 'phpbb_root_path' parameter in various admin pages, an attacker can include arbitrary files from a remote server.