This is a remote buffer overflow exploit for the corehttp[v0.5.3alpha] httpd server. The exploit takes advantage of a bug in the http.c file, specifically in the HttpSprockMake function, where a strncpy call allows for buffer overflow. This can be triggered by sending a specially crafted HTTP request to the server. The vulnerability allows an attacker to execute arbitrary code on the server.
The CVE-2017-8464 vulnerability allows remote code execution through malicious LNK files. This vulnerability is caused by the way Windows handles LNK files, allowing an attacker to execute arbitrary code when a user opens a specially crafted LNK file. This can lead to the attacker gaining control over the affected system.
The 'q' parameter in Muviko Video CMS v1.0 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries in the 'q' parameter, potentially allowing them to access, modify, or delete the database.
The $_REQUEST['order'] ('$this->order') parameter isn't properly sanitised, so we should be able (with MySQL version 4.1 or higher) to inject SQL code in a subquery after the 'ORDER BY' statement... we can retrieve admin credentials with the BENCHMARK() function!
This vulnerability allows an attacker to pull out admin/users login credentials by exploiting a SQL injection vulnerability in the PHP123 Top Sites website. The attacker can use the following URLs to execute the exploit: - http://server.com/category.php?cat=-1/**/UNION/**/ALL/**/SELECT/**/1,concat(username,0x3a,password),3,4,5/**/FROM/**/admin/* - http://server.com/category.php?cat=-1/**/UNION/**/ALL/**/SELECT/**/1,concat(username,0x3a,password),3,4,5/**/FROM/**/users/* Note: The admin login can be found at /siteadmin/ and using the allintext: operator in the search query may return different results.
The SetLogFileName method in IntraProcessLogging.dll does not check if it's being called from the application or by malicious users. This allows a remote attacker to craft an HTML page and overwrite arbitrary files on the system.
A buffer overflow vulnerability exists in Citadel/UX when processing the USER parameter, which can lead to a denial of service (DoS) condition. The vulnerability was discovered by CoKi and a proof-of-concept exploit was developed. The exploit is not straightforward due to the presence of the tolower() function, but the ret-to-libc technique can be used on certain systems.
The DivFixppCore::avi_header_fix function in src/DivFix++Core.cpp in DivFix++ v0.34 can cause a denial of service (invalid memory write and application crash) via a crafted AVI file.
This exploit allows an attacker to execute SQL commands remotely in SimpleBlog version 3.0. By injecting a specially crafted SQL query, the attacker can retrieve admin credentials from the database.
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 can cause a denial of service (infinite loop and CPU consumption) via a crafted WAV file. The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 can cause a denial of service (memory allocation error and application crash) via a crafted WAV file.