The vulnerability allows an attacker to perform SQL injection attacks on the GaziYapBoz Game Portal. By injecting SQL queries into certain parameters, an attacker can retrieve sensitive information from the database.
The application suffers from an unquoted search path issue impacting the service 'atserver' for Windows deployed as part of atvise SCADA. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
Ultra ISO is exploitable by opening a specially crafted Cue file. There is a limitation that the user must have the bin file in the same directory as the cue file. Command execution is possible as we can control the $ebp and $eip registers.
DotNetNuke 07.04.00 does not prevent anonymous users from accessing the installation wizard, allowing a remote attacker to 'reinstall' DNN and gain unauthorized access as a SuperUser. Previous versions of DotNetNuke may also be affected.
The vulnerability allows an attacker to create references to BPF programs, which can overflow the 32-bit reference counters in the kernel. By filling approximately 32GB of memory, the overflow can occur, subject to RLIMIT_MEMLOCK restrictions. This can lead to a kernel paging request error and potentially cause a system crash or instability.
Zabbix Agent 3.0.1 is vulnerable to a command injection vulnerability in the mysql.size user parameter. An attacker can exploit this vulnerability by injecting malicious input in the user parameter, leading to the execution of arbitrary commands on the target system. The vulnerability occurs due to improper sanitization of user input, allowing the injection of dangerous characters. This can be exploited by an attacker to execute arbitrary commands with the privileges of the user running the Zabbix Agent.
The Acunetix WP Security plugin 3.0.3 is vulnerable to Cross-Site Scripting (XSS) attacks. By inserting scripts into the content search field in WordPress, an attacker can exploit this vulnerability and execute malicious code.
The vulnerability occurs when the project description (Project Property page and select Company Name) is opened. The affected version is Visual Basic 6. The vulnerability can be exploited to cause DoS or privilege escalation. Owned registers are ESI and EDI. The company name is dumped at memory address 04520020. Due to the stack overflow, USER32 gets stuck in a loop, causing 100% CPU usage and making the system unstable. UNICODE exploitation must be implemented to exploit this vulnerability. Because of the overflow, the generated EXE binary does not display any vendor information.
This is a proof-of-concept demo for a buffer overflow exploit in MagicISO. The exploit allows for arbitrary code execution by overwriting registers and triggering exceptions. The vulnerable instructions are MOV DWORD PTR DS:[EDX],EAX and MOV DWORD PTR DS:[EAX+4],EDX. The exploit requires precise control of the buffer size and manipulation of null bytes in EDX and EAX registers. The SEH handler is overwritten to achieve the exploit.
This exploit allows an attacker to retrieve the admin username and hash from the Dokeos <= 1.8.0 website. The vulnerability exists in the my_progress.php file, where an SQL query is executed without proper input validation. By injecting a specially crafted payload in the course parameter of the URL, the attacker can bypass authentication and retrieve sensitive information from the database.