The WebBuilder version 2.0 is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by including a malicious file using the 'GLOBALS[core][module_path]' parameter in the StageLoader.php file. This allows the attacker to execute arbitrary code on the affected system.
CUPS is prone to a remote code-execution vulnerability caused by an error in the 'HP-GL/2 filter. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Note that local users may also exploit this vulnerability to elevate privileges. Successful remote exploits may require printer sharing to be enabled on the vulnerable system.
This exploit allows an attacker to include arbitrary files from remote servers.
The SIPS version 0.3.1 and earlier is vulnerable to remote file inclusion. The 'box.inc.php' file does not properly validate user input, which allows an attacker to include remote files and execute arbitrary code.
Nokia PC Suite is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. This may facilitate the complete compromise of affected computers. Failed exploit attempts may result in a denial-of-service condition.
This module exploits a default hardcoded private SSH key or default hardcoded login and password in the vAPV 8.3.2.17 and vxAG 9.2.0.34 appliances made by Array Networks. After logged in as the unprivileged user, it's possible to modify the world writable file /ca/bin/monitor.sh with our arbitrary code. Execution of the arbitrary code is possible by using the backend tool, running setuid, to turn the debug monitoring on. This makes it possible to trigger our payload with root privileges.
Remote exploit for the CA BrightStor Arcserve stack overflow
This module exploits a use-after-free vulnerability found in Internet Explorer. The flaw was most likely introduced back in 2013, therefore only certain builds of MSHTML are affected. In our testing with IE9, these vulnerable builds appear to be between 9.0.8112.16496 and 9.0.8112.16533, which implies August 2013 until early March 2014 (before the patch).
This exploit allows an attacker to include arbitrary files from a remote server by manipulating the 'phpbb_root_path' parameter in the 'portal.php' script. By including a malicious script, an attacker can execute arbitrary code on the target server.
DATAC RealWin SCADA server is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.An attacker can exploit this issue to execute arbitrary code in the context of the affected application. This may facilitate the complete compromise of affected computers. Failed exploit attempts may result in a denial-of-service condition.
Services By CQR