A stack overflow vulnerability exists in WarFTP 1.65, which can be triggered by sending a long username (>480 bytes) with the FTP USER command. This exploit binds a shell on TCP port 4444 and connects to it.
The DragDropCart application is prone to multiple cross-site scripting vulnerabilities due to insufficient sanitization of user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially stealing authentication credentials and launching further attacks.
Input passed to the "$moddir" parameter in load.inc.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources.
Input passed to the "$base_path." parameter in base.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources.
The 'com_tax' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This exploit allows an attacker to perform SQL injection in the search.asp page of JGBBS 3.0beta1. By injecting a specially crafted SQL query in the 'author' parameter, an attacker can retrieve sensitive information from the database.
This is an exploit for a buffer overflow vulnerability in the squid-2.4.1/lib/rfc1035.c file. The exploit allows remote attackers to execute arbitrary code on the target system. The vulnerability was discovered by scut in 2001 and further researched by lorian. The exploit code was written by lorian, with additional modifications by scut.
OpenText LiveLink is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
A vulnerability in Microsoft Excel allows an attacker to execute arbitrary code within the application. Exploiting this issue may also lead to denial-of-service conditions.
The Sothink SWF Decompiler is prone to a vulnerability that allows attackers to execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to open a file from a network share location that contains a specially crafted DLL file.