RDM Embedded is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successful exploits may allow an attacker to execute arbitrary code in the context of a user running an application that uses the affected library. Failed exploit attempts may crash the application, denying service to legitimate users.
Successful exploits will allow attackers to make the affected computer unresponsive, denying service to legitimate users.
Aigaion is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
This exploit allows an attacker to change the admin login and password in Guestbara version 1.2. The attacker can modify the admin email, admin name, and admin password through a form submission. The exploit is performed by sending a POST request to the configuration.php file with the necessary parameters.
This exploit allows an attacker to upload a shell to a website using the Creative Contact Form plugin in Wordpress version <= 0.9.7 or the Creative Contact Form extension in Joomla version <= 2.0.0. The vulnerability was discovered by Gianni Angelozzi. The exploit was written by Claudio Viviani. The exploit works by creating a multipart header with the payload and sending it to the target website.
Freefloat FTP Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to retrieve arbitrary files outside of the FTP server root directory. This may aid in further attacks.
This exploit allows an attacker to execute arbitrary code remotely on Net Portal Dynamic System (NPDS) version 5.10 and below. The exploit works regardless of PHP settings.
The Techno Dreams FAQ Manager Package is prone to an SQL-injection vulnerability due to insufficient sanitization of user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Techno Dreams Articles & Papers Package is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Attackers can exploit this issue to gain administrative control of the affected application.