When authenticated as an admin, an attacker can manipulate the URL to access arbitrary files on the server. By substituting the target IP, desired file path, and session-specific vid parameter, the attacker can bypass security controls and view sensitive files.
The vulnerability is caused by an out-of-bounds read from static memory in Wireshark. It can be triggered by feeding a malformed file to tshark.
The vulnerability exists in the 'template_csv.php' file of Libstats version 1.0.3 and earlier. It allows an attacker to include remote files by manipulating the 'rInfo[content]' parameter. An example exploit URL is provided.
Allows an attacker to gain admin privileges.
This vulnerability allows remote attackers to include arbitrary files via a crafted request to the Base/Application.php, Widgets/Base/Footer.php, Widgets/Base/widget.BifContainer.php, Widgets/Base/widget.BifRoot.php, Widgets/Base/widget.BifRoot2.php, Widgets/Base/widget.BifRoot3.php, or Widgets/Base/widget.BifWarning.php script.
The vulnerability allows an attacker to include a remote file in the system's ImageImageMagick.php file. By manipulating the 'glConf[path_system]' parameter, an attacker can specify a malicious file hosted on a remote server to be executed on the target system.
This exploit allows an attacker to upload a web shell using the 'save_email.php' file in the JMX2 Email Tester application. By providing a target URL and PHP code, the attacker can execute arbitrary commands on the target system.
phpMyBackupPro v.2.5 (PMBP) allows a malicious user to inject persistent arbitrary PHP/OS commands into the configuration file, leading to remote command execution. This can be achieved through a CSRF driveby or by a local malicious user in a shared host environment. The payload leverages the backtick operator to execute OS commands on the victim's system.
smbgrind.exe succumbs to buffer overflow when supplied a large number of bytes (1206) for the -r switch for the remote NetBios name of destination host. Resulting in memory corruption overwriting several registers...
Magic iso has a stacked based buffer overflow vulnerability when an overly-long file name is passed inside the .cue file. This allows an attacker to control registers and execute commands. This exploit is currently released as a denial-of-service proof of concept until further help is received. Debug information shows that registers eax, ecx, and edx can be controlled.
Services By CQR