This module exploits a buffer overflow in the VideoPlayer.ocx ActiveX control installed with the X360 Software. By passing an overly long value to 'ConvertFile()', an attacker can overrun a .data buffer to bypass ASLR/DEP and finally execute arbitrary code.
This exploit takes advantage of a buffer overflow vulnerability in the ActSoft DVD-Tools (dvdtools.ocx) ActiveX control. It allows an attacker to execute arbitrary code on the target system by overflowing the buffer and overwriting the SEH handler.
The Flash FTP Server v2.1 is vulnerable to a directory traversal attack, which allows an attacker to access files outside the intended directory by using specially crafted input in the FTP commands.
The Mambo CMS N-Skyrslur is prone to a cross-site scripting vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by injecting arbitrary script code in the browser of a targeted user. This can lead to the theft of cookie-based authentication credentials and facilitate other malicious activities.
The Web Professional application is vulnerable to SQL injection attacks due to inadequate sanitization of user-supplied data before using it in an SQL query. This vulnerability can be exploited by an attacker to compromise the application, gain unauthorized access or modify data, and potentially exploit other vulnerabilities in the underlying database.
Serendipity is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, and view and execute arbitrary local files within the context of the webserver.
The vulnerability is due to a double free condition in MapServer. Attackers can exploit this issue to crash the application, denying service to legitimate users. Code execution may also be possible, but this has not been confirmed.
IBM Open Admin Tool is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.
ClickCMS is prone to a denial-of-service vulnerability and a CAPTCHA-bypass vulnerability. Attackers can leverage these issues to cause the affected server to stop responding or to bypass certain security mechanisms.