C2S DVR allows an unauthenticated user to disclose the username & password remotely by a simple request to the server page 'read.cgi?page=2'. Moreover, an attacker could easily access the password change page without any authentication, as the web application does not perform any session management.
This exploit allows an attacker to perform a remote SQL injection attack on PNphpBB2 version 1.2 and below. The attacker can execute arbitrary SQL queries on the database, potentially gaining unauthorized access to sensitive information or modifying the database.
The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, which may embed bitmaps in records such as EMR_PLGBLT, EMR_BITBLT, EMR_STRETCHBLT, EMR_STRETCHDIBITS etc. The GDI+ implementation supports bitmaps compressed with the BI_RLE8 (8-bit Run-Length Encoding) compression algorithm, and performs the actual decompression in the gdiplus!DecodeCompressedRLEBitmap function.
This exploit allows an attacker to include and execute remote files on the target system. It can be used to execute arbitrary commands on the target server.
WSO2 Carbon has multiple XSS vectors allowing attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy, to steal session cookies, and as a platform for further attacks on the system.
DVD X Player 4.1 Professional is prone to a buffer-overflow vulnerability when playing an overly long file name inside a .plf file. This file is used as a playlist file by both InterVideo WinDVD and DVD X Player. The vulnerability allows for a potential SEH overwrite, leading to remote code execution. Tested on Windows XP Service Pack 2.
The default installation and configuration of Colorado FTP Prime Edition (Build 8) is prone to a security vulnerability. Colorado FTP contains a flaw that may allow a remote attacker to traverse directories on the FTP server. A remote attacker (a Colorado FTP user) can send a command (MKDIR, PUT, GET or DEL) followed by sequences (\..) to traverse directories and create, upload, download or delete the contents of arbitrary files and directories on the FTP server. To exploit the vulnerability, it is important to use "\" at the beginning of the string.
This exploit targets the Provideo Camimage class in ISSCamControl.dll version 1.0.1.5. By exploiting a vulnerability in Internet Explorer 6 on Windows 2000 SP4, an attacker can overwrite the Structured Exception Handler (SEH) and gain unauthorized access. The exploit involves adding a user 'su' with the password 'tzu' using Metasploit. The script includes the shellcode, SEH handler address, and NOP sled.
This exploit allows an attacker to include a remote file in the XOOPS Module icontent v.1.0. The vulnerability exists in the 'spaw_control.class.php' file located in the '/modules/icontent/include/wysiwyg/' directory. By manipulating the 'spaw_root' parameter in the URL, an attacker can include a malicious file from a remote server, potentially leading to remote code execution.
NUUO NVRmini, NVRmini2, Crystal, NVRSolo and NVRTitan suffer from multiple authenticated OS command injection vulnerabilities. This can be exploited to inject and execute arbitrary shell commands as the root user.