This exploit allows an attacker to bypass the login mechanism and perform SQL injection in TaskDriver version 1.2. The vulnerable code is in the 'login.php' and 'notes.php' files. The payload retrieves the admin username and password hash. The exploit can be executed by inputting ' OR 1=1 /*' in the username field of the login page or by accessing 'notes.php?taskid=-999' and using a UNION SELECT statement. This vulnerability is subject to the magic_quotes_gpc setting being turned off.
A vulnerability exists in Thyme Calendar 1.3 (and possibly lower versions) which allows execution of a custom SQL query. The vulnerability exists in event_view.php, because the 'eid' field is not properly validated. An attacker could exploit the vulnerability with a specific request. By changing the 'eid' field, the attacker can retrieve all the usernames from the database instead of the intended 'id' from thyme_Attachments. The attacker can grab the usernames from the HTML source by searching for 'aid='.
This exploit allows an attacker to include a remote file in the config.inc.php file of Original Version 0.11. By manipulating the 'x[1]' parameter in the URL, an attacker can include a shell or any other remote file.
The vulnerability allows attackers to crash the VLC Media Player application, causing a denial of service for legitimate users.
This exploit takes advantage of a buffer overflow vulnerability in the IsOldAppInstalled ActiveX control in McAfee Security Center. It allows an attacker to execute arbitrary code on a vulnerable system. The exploit is tested on Windows 2000 with the dll version Mcsubmgr.dll 6.0.0.15.
The vulnerability in Apple Safari for Windows allows an attacker to bypass certain security warnings, which can be exploited to conduct phishing attacks.
The vulnerability allows an attacker to modify arbitrary files on the system. The exploit uses the NMSA Session Description Object SaveAs control to modify the boot.ini file. This vulnerability is documented in Microsoft Security Advisory MS07-027.
It is possible for an attacker to execute a DLL planting attack in Microsoft Office with a specially crafted OLE object. The attached POC document contains an embedded Packager object with a modified CLSID that triggers the vulnerable LoadLibraryW() call, resulting in the loading of a malicious DLL from the current working directory of Word.
Exploit allows an attacker to execute arbitrary code or cause a denial-of-service condition.
The attacker can bypass the authentication mechanism in the WIMAX LX350P(WIXFMR-108) modem by upgrading the firmware.
Services By CQR