The GD Star Rating plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The exploit takes advantage of a stack overflow vulnerability in Mercur Messaging 2005 SP3 IMAP service. It allows an attacker to add a user with username 'x' and password 'x' to the admin group. The exploit has been tested on Windows 2000 Server SP4 in a VMware environment. The overflow occurs when the EBX register points to a buffer, which provides a maximum of 224 bytes of uninterrupted space for shellcode.
The vulnerability exists due to a NULL-pointer dereference condition in Battlefield 2 and Battlefield 2142. An attacker can exploit this vulnerability to crash the application, leading to a denial-of-service condition.
The IBM Lotus Sametime Server is vulnerable to a cross-site scripting (XSS) vulnerability due to insufficient sanitization of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a targeted user within the context of the affected site. This can lead to the theft of cookie-based authentication credentials and the launch of further attacks.
The IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The UltraCam ActiveX Control 'UltraCamX.ocx' suffers from a stack buffer overflow vulnerability when parsing large amount of bytes to several functions in UltraCamLib, resulting in memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code.
Batavi is prone to multiple local file-include and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute local files within the context of the affected application. The attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
The vulnerability allows an attacker to inject SQL commands into the application's database queries, potentially allowing unauthorized access to the database or manipulation of its contents. The specific exploit involves injecting a UNION SELECT statement to retrieve sensitive information from the admins table.
PHP 5.5.12 suffers from a memory corruption vulnerability that could potentially be exploited to achieve remote code execution. The vulnerability exists due to inconsistent behavior in the get_icu_value_internal function of extintllocalelocale_methods.c. In most cases, get_icu_value_internal allocates memory that the caller is expected to free. However, if the first argument, loc_name, satisfies the conditions specified by the isIDPrefix macro (figure 1), and fromParseLocal is true, loc_name itself is returned. If a caller abides by contract and frees the return value of such a call, then the pointer passed via loc_name is freed again elsewhere, a double free occurs.
This module exploits a buffer overflow in the RTSP request parsing code of Hikvision DVR appliances. The Hikvision DVR devices record video feeds of surveillance cameras and offer remote administration and playback of recorded footage. The vulnerability is present in several models / firmware versions but due to the available test device this module only supports the DS-7204 model.