The 1CLICK DVD Converter is prone to multiple vulnerabilities that allow attackers to execute arbitrary code. An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
The vulnerability allows attackers to execute arbitrary code by enticing a legitimate user to open a file from a network share location containing a specially crafted DLL file.
PluXml is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Ronny CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
This exploit allows an attacker to include local files on the target system by manipulating the 'file' parameter in the URL. By specifying a relative path to a sensitive file, such as the PHP configuration file or the password file, the attacker can view the contents of these files.
IPFire <= 2.15 core 82 Cgi Web Interface suffers from Authenticated Bash Environment Variable Code Injection (CVE-2014-6271). IPFire is a free Linux distribution which acts as a router and firewall in the first instance. It can be maintained via a web interface. The distribution furthermore offers selected server-daemons and can easily be expanded to a SOHO-server. IPFire is based on Linux From Scratch and is, like the Endian Firewall, originally a fork from IPCop.
The Torrent DVD Creator application is vulnerable to a DLL hijacking exploit. An attacker can trick a user into opening a file from a network share location that contains a specially crafted DLL file, which allows the attacker to execute arbitrary code.
The 'com_jstore' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
The vulnerability allows attackers to execute arbitrary code by tricking a user into opening a specially crafted DLL file from a network share location using Notepad++ 5.8.2. The exploit code presented in the text demonstrates the execution of a message box, but it can be modified to execute any arbitrary code.
The e2eSoft VCam application is prone to a vulnerability that allows attackers to execute arbitrary code. This can be exploited by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.