The vulnerability allows an attacker to perform SQL injection by manipulating the 'id' parameter in the URL. By using a UNION SELECT statement, the attacker can retrieve sensitive information such as usernames and passwords from the database.
VideoCharge Studio is prone to a remote stack-based buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.
This exploit targets the PrecisionID Barcode ActiveX control, specifically the PrecisionID_DataMatrix.DLL version 1.3. By sending a specially crafted input, an attacker can cause a denial of service condition in the affected software. The exploit code is written in VBScript and utilizes a buffer overflow vulnerability.
This is a remote root exploit for AppleFileServer. It allows an attacker to gain root access to the target system.
This exploit allows an attacker to include remote files by manipulating the 'languagePath' parameter in the 'splash.lang.php' file of the Beacon 2.0 application.
The Yaap script is affected by a bug in the common.php file, specifically in the include_once function call. This vulnerability allows an attacker to execute arbitrary shell code by manipulating the 'root_path' parameter in the URL.
The igeneric.co.uk shopping cart website is vulnerable to SQL injection. By appending a malicious payload to the page parameter, an attacker can retrieve the passwords from the users table in the database.
A buffer overflow exists in the NPPftp plugin. When the plugin is connected to a malicious server which serves a crafted LIST response, it causes the application to crash.
This exploit allows remote attackers to include arbitrary files on a vulnerable PhpFirstPost 0.1 website. The vulnerability occurs due to improper input validation in the block.php file. By manipulating the 'Include' parameter in the URL, an attacker can specify a remote file to be included, which can lead to remote code execution or other malicious activities.
The vulnerability allows an attacker to execute arbitrary SQL queries in the backend database. By manipulating the 'forumid' parameter in the '/W1L3D4_bolum.asp' page, an attacker can bypass authentication and retrieve sensitive information from the 'users' table.
Services By CQR