OpenBSD <= 5.6 kernel panic()s in sys/uvm/uvm_map.c
This exploit allows an attacker to perform a remote SQL injection attack on SmodCMS version 2.10 or below. The vulnerability is located in the 'slownik_module_id' parameter. An attacker can execute arbitrary SQL queries, which can lead to unauthorized access to the database or manipulation of data.
This exploit allows an attacker to perform remote SQL injection on SmodBIP version 1.06. The vulnerability is present in the aktualnosci zoom module. By exploiting this vulnerability, an attacker can execute arbitrary SQL queries on the target server.
The 'sl_dal_searchlocation_cbf' ajax function in Wordpress Ajax Store Locator plugin version 1.2 and below is affected by a SQL Injection vulnerability. The 'StoreLocation' variable is not sanitized, allowing an attacker to inject malicious SQL queries.
The Beryo 2.0 version contains a vulnerability that allows remote attackers to disclose files from the server. By manipulating the 'chemin' parameter in the 'downloadpic.php' script, an attacker can traverse the directory structure and access sensitive files such as the password file ('/etc/passwd'). The vulnerability can be exploited by sending a crafted request to the server with the appropriate path traversal sequence in the parameter value.
We can write some assembly instruction to jump into shellcode. At the time of EIP overwrite, ECX points to our hole request(LIST evil). So jumping forward into ECX points to our Shellcode.
This exploit is for the Wserve HTTP Server 4.6 version which is vulnerable to a buffer overflow attack. The attacker sends a specially crafted HTTP request with a long directory name, causing a buffer overrun. This results in a denial of service as the program's internal state gets corrupted and it cannot continue execution safely.
The 'getIpAddr' function in the 'classUserdb.php' file of Traidnt Up v3.0 prioritizes untrusted user input entry (HTTP_CLIENT_IP & HTTP_X_FORWARDED_FOR) over the trusted one (REMOTE_ADDR) and does not perform sanitization.
This vulnerability allows an attacker to remotely disclose files on the target system. It works independently from PHP version but depends on PHP option register_globals (= on) or PHP versions (< 4.3.0). The exploit can be triggered by accessing the picture.php file with specific parameters.
This exploit allows an attacker to perform a blind SQL injection attack on the XOOPS Module Jobs <= 2.4. By manipulating the 'cid' parameter in the index.php file, an attacker can retrieve sensitive information from the database, including the usernames and passwords of the admin users.
Services By CQR