The vulnerability allows an attacker to include arbitrary files from the server by manipulating the 'phpbb_root_path' parameter in the URL.
VLC Media Player contains a flaw that is triggered because user-supplied input is not properly sanitized when handling a specially crafted M2V file. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code.
VLC Media Player contains a flaw that is triggered because user-supplied input is not properly sanitized when handling a specially crafted FLV file. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code.
This exploit allows an attacker to perform a blind SQL injection attack on the Joomla Component D4JeZine version 2.8 or below. The exploit uses a one-character brute-force technique to extract sensitive information from the database.
This is a proof of concept exploit for the DRCATD remote exploit vulnerability. It allows an attacker to execute arbitrary code remotely.
An attacker can exploit this issue to download arbitrary attachment files within the context of the affected application.
The CygniCon CyViewer ActiveX control is prone to a vulnerability caused by an insecure method. Successfully exploiting this issue will allow attackers to create or overwrite files within the context of the affected application (typically Internet Explorer) that uses the ActiveX control. Attackers may execute arbitrary code with user-level privileges.
Attackers can exploit this issue to cause the server to dereference an invalid memory location, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed.
Joomla! CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The 'Pretty Link Lite' plugin for WordPress is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.