This exploit targets the gld 1.4 software on various Linux distributions, including Red Hat, Gentoo, and Debian. It allows remote attackers to execute arbitrary code or cause a denial of service.
The 'auth.php' file in Mobilelib Gold v3 allows an attacker to bypass authentication and perform SQL injection. The 'adminName' parameter is not properly sanitized before being used in a SQL query, allowing an attacker to inject arbitrary SQL code. A successful exploit can result in unauthorized access to the application's database.
NT_Naming_Service.exe (License Manager 2005 for SAP Business One 2005-A) is vulnerable to a stack-based buffer overflow allowing for full system compromise by an unauthenticated user that has TCP/IP access to SAP's license service on TCP port 30000.
This exploit takes advantage of a buffer overflow vulnerability in VLC Media Player 0.8.6f. It allows an attacker to execute arbitrary code remotely by sending a specially crafted smb:// URI. The vulnerability was discovered by Pankaj Kohli and the exploit was developed by His0k4.
The exploit involves using JavaScript to create and manipulate objects in Internet Explorer. By using certain methods, an attacker can cause unexpected behavior or crash the browser. This can potentially lead to remote code execution.
There is a race condition when using appendChild to append an element in one window to an element in another. A 'dirty' read can be exploited to gain control over the process.
A local privilege escalation attack against the community supported version of Real.com's Realplayer, version 9. By default, configuration files are stored in ~$USER/.realnetworks/ and are group writeable. A malicious local user can edit the config files of fellow users to perform unauthorized actions. The attack involves modifying the path to shared libraries and writing malicious shared libraries.
This exploit targets the Winmod 1.4 (.lst) software on Windows XP SP3. It utilizes a stack overflow vulnerability to execute arbitrary code. The exploit overwrites the return address (RET) and structured exception handler (SEH) to gain control of the program. It then injects shellcode to execute a calculator application. The shellcode used in this exploit is based on the Metasploit framework.
A stored cross-site scripting vulnerability exists in the Responsive E-Learning System 1.0, which allows an attacker to inject malicious JavaScript code into the application. By exploiting this vulnerability, an attacker can gain access to the application and execute malicious code on the victim's browser.
The 'id=' parameter in Responsive E-Learning System is vulnerable to Sql Injection.
Services By CQR