$whereClause and $whereClauseT and $whereClauseW and $whereClause2W variables are not properly escaped in the ad.class.php file of Simple Ads Manager plugin.
This is a remote buffer overflow exploit for webdesproxy[v0.0.1] on the cygwin platform. The vulnerability occurs in the strncpy function call in webdesproxy.c on line 111.
notepad++ contains a buffer overflow vulnerability in the way it processes ruby source files (.rb). This exploit works by overwriting EAX which gets called during processing as 'CALL DWORD EAX+4', so EAX needs to point to a user-controlled area that contains another address which will then become EIP. Once EIP is controlled it simply jumps a little bit forward in memory to the nop sled/shellcode.
A remote overflow exists in the KiTTY Chat feature, which enables a remote attacker to execute code on the vulnerable system with the rights of the current user, from Windows XP x86 to Windows 10 x64 included (builds 10240/10586). Chat feature is not enabled by default. When sending a long string to the KiTTY chat server as nickname, a crash occurs. The EIP overwrite does let little room for exploitation (offset 54) with no more than 160 to 196 bytes for the shellcode from XP to Windows10. Using a Metasploit
The vulnerability allows an attacker to perform SQL injection by manipulating the 'id' parameter in the URL. By using a UNION SELECT statement, the attacker can retrieve sensitive information such as usernames and passwords from the database.
VideoCharge Studio is prone to a remote stack-based buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.
This exploit targets the PrecisionID Barcode ActiveX control, specifically the PrecisionID_DataMatrix.DLL version 1.3. By sending a specially crafted input, an attacker can cause a denial of service condition in the affected software. The exploit code is written in VBScript and utilizes a buffer overflow vulnerability.
This is a remote root exploit for AppleFileServer. It allows an attacker to gain root access to the target system.
This exploit allows an attacker to include remote files by manipulating the 'languagePath' parameter in the 'splash.lang.php' file of the Beacon 2.0 application.
The Yaap script is affected by a bug in the common.php file, specifically in the include_once function call. This vulnerability allows an attacker to execute arbitrary shell code by manipulating the 'root_path' parameter in the URL.