The Halon Security Router is affected by multiple vulnerabilities, including Reflected XSS, CSRF, and Open Redirect. The Reflected XSS vulnerability allows an attacker to inject malicious scripts into the application, potentially leading to unauthorized access or data theft. The CSRF vulnerability allows an attacker to trick an authenticated user into performing unwanted actions, potentially leading to unauthorized changes in the system. The Open Redirect vulnerability allows an attacker to redirect users to malicious websites, potentially leading to phishing attacks or malware downloads.
This is a MySQL backdoor kit for Windows based on the UDFs (User Defined Functions) mechanism. Use it to spawn a reverse shell (netcat UDF on port 80/tcp) or to execute single OS commands (exec UDF). Don't forget to edit the MySQL bin path below according to your target's configuration.
The "ps" command on HP OSF1 v5.1 Alpha allows unprivileged users to see the values of all processes' environment variables. This can be used for information discovery.
The bug discovered by AmesianX in powerhacker.net can crash Microsoft Internet Explorer 6 when executing a 'for' script. The impact of this vulnerability is a denial of service.
This exploit allows remote attackers to execute arbitrary code or deface the website running GGCMS v1.1.0 RC1. The vulnerability is caused by insufficient input validation in the software.
The vulnerability exists in the DSpellCheck plugin of Notepad++ version 1.2.12.0. By entering a large number of characters in the 'hunspell dictionaries path' field, an access violation exception occurs, leading to a denial of service.
Crash PoC for EagleGet 1.1.8.1, tested on Windows XP SP3. The PoC creates a "Setting.dat" file. The exploit causes a Denial of Service (DoS) by creating a large string in the defualt_dl_path parameter.
Using a specially crafted HTTP request to the administration web server, it is possible to exploit a lack of user input validation. Successful exploitation of the vulnerability may result in remote code execution. Unsuccessful exploitation of the vulnerability may result in a Denial of Service of the administrative interface.
This is a remote file include exploit for Categories hierarchy v2.1.2 script. It allows an attacker to include a remote file by manipulating the 'phpbb_root_path' parameter in the 'class_template.php' file.
The 'xterm' program is prone to a remote command-execution vulnerability because it fails to sufficiently validate user input. Successfully exploiting this issue would allow an attacker to execute arbitrary commands on an affected computer in the context of the affected application.