The exploit is a Perl script that sends a long string in the Authorization header to the target web server, causing it to crash due to a buffer overflow. This leads to a denial of service (DoS) condition, as the server becomes unresponsive and stops serving requests.
Infoblox NetMRI is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The Joomla! 'com_alfcontact' extension is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks.
AShop is prone to multiple open-redirection issues and multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to execute arbitrary script or HTML code, steal cookie-based authentication credentials, and conduct phishing attacks. Other attacks may also be possible.
The vulnerability allows local attackers to execute arbitrary code with superuser privileges by exploiting a flaw in the 'pam_start()' function in OpenPAM. This can lead to the complete compromise of affected computers.
The PBCS Technology is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit other vulnerabilities in the database implementation.
The Linux kernel is prone to a local information-disclosure weakness. Successful exploits allow local attackers to obtain the password length of a victim's account; information harvested may aid in further attacks.
The Centreon application is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application.
Oracle NoSQL is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain arbitrary local files in the context of the webserver process.
Multiple cross-site scripting vulnerabilities in XAMPP allow remote attackers to inject arbitrary web script or HTML via the (1) /security/xamppsecurity.php, (2) /xampp/perlinfo.pl, or (3) /xampp/cds.php URI.