Explore Vulnerabilities

Explore all Exploits:

CA Brightstor Backup Mediasvr.exe Remote Code Exploit

There seems to be a design error in the handling of RPC data with xdr procedures across several .dlls imported by Mediasvr.exe. Four bytes from an RPC packet are processed as a particular address (xdr_handle_t data which is run through multiple bit shifts, and reversing of bytes), and eventually loaded into ECX. The 191 (0xbf) procedure, followed by nulls (at least 8 bytes of nulls, which may be Null Credentials and Auth?) leads to an exploitable condition. At this point, you have control of ECX (esp+8 is your address data). The data from the packet is stored in memory and is relatively static (see NOTE). The address is then loaded into EAX, and then called as EAX+2Ch, which is controllable data from the packet. In this code, I just jump ahead to the portbinding shellcode. NOTE: The only issue I have found is when the system is rebooted, the packet data appears at a higher memory location when Mediasvr.exe crashes and is restarted. I have accounted for this in the code, when the port that Mediasvr.exe is listening on is below TCP port 1100, which is usually only after a reboot.

Cross-Site Scripting Vulnerabilities in eShop Plugin for WordPress

The eShop plugin for WordPress is vulnerable to multiple cross-site scripting vulnerabilities due to inadequate input sanitization. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other malicious activities.

Remote Denial-of-Service Vulnerability in Adobe Flash Media Server

The Adobe Flash Media Server is prone to a remote denial-of-service vulnerability. Successful exploits will allow attackers to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed.

BlueSoft Rate My Photo Site SQL Injection Vulnerability

The BlueSoft Rate My Photo Site is vulnerable to SQL injection due to insufficient sanitization of user-supplied data used in SQL queries. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit other vulnerabilities in the underlying database.

BlueSoft Banner Exchange SQL Injection Vulnerability

BlueSoft Banner Exchange is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

OpenEMR Multiple Cross-Site Scripting Vulnerabilities

OpenEMR is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Cross-Site Scripting Vulnerability in Search Network

The Search Network is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.

Softbiz Recipes Portal script Cross-Site Scripting Vulnerabilities

The Softbiz Recipes Portal script is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data, allowing an attacker to execute arbitrary script code in the context of the affected site. By exploiting these vulnerabilities, an attacker can steal cookie-based authentication credentials and launch further attacks.

Xoops Module MyAds Bug Fix <= v2.04jp (index.php cid) BLIND SQL Injection Exploit

The Xoops Module MyAds Bug Fix <= v2.04jp (index.php cid) has a blind SQL injection vulnerability that allows an attacker to execute arbitrary SQL queries on the database. The vulnerability exists in the 'cid' parameter of the 'index.php' file. By injecting SQL queries, an attacker can bypass authentication and gain unauthorized access to the database.

Recent Exploits: