This is a basic file manager written by WebInsta.com. The vulnerability exists in the login.php file, where the adminname and adminpass cookies are not properly sanitized before being included in the $absolute_path variable. This allows an attacker to include arbitrary files from remote servers.
Normal user can inject SQL query in the URL which leads to read data from the database.
This exploit allows an attacker to read and copy information on a victim's computer when they view a website crafted with this exploit. The exploit works on Firefox versions before 39.0.3.
XnView is vulnerable to a buffer overflow while processing a crafted XPM File. It fails to check the length of the arguments passed to the defined array which leads to code execution. This exploit runs calc.exe or binds shell to port 4444.
Copies a file to any privileged location on disk
ACDSee is vulnerable to an unspecified buffer overflow when processing a crafted .XPM file. This exploit runs calc.exe or binds shell to port 4444, and works against ACDSee and ACDSee Quick View.
The uPHP_ring_website portal is vulnerable to SQL injection. An attacker can exploit the vulnerability by injecting malicious SQL queries through the 'ring' parameter in the index.php file. The attacker can retrieve sensitive information such as admin usernames and passwords or user details.
Doing reverse engineering of the protocol was found several ways to cause a crash in the nvpmgr.exe process. The entire application (all processes) will die and it won't be able to restart again by itself unless someone do it manually.
This module embeds an exploit into an uncompressed map file (.h3m) for Heroes of Might and Magic III. Once the map is started in-game, a buffer overflow occurring when loading object sprite names leads to shellcode execution.
This is an exploit for a SEH buffer overflow vulnerability in Tomabo MP4 Player version 3.11.3. By crafting a specially crafted .m3u file, an attacker can overwrite the Structured Exception Handler (SEH) to execute arbitrary code.