The Modbus Poll 7.2.2 software is vulnerable to a denial of service (DoS) attack. By providing a specially crafted payload, an attacker can cause the program to crash, resulting in a denial of service condition.
This exploit allows an attacker to grant DBA privileges to an unprivileged user in Oracle 10g by exploiting the CTX_DOC.MARKUP function. The exploit involves creating a function called HACKIT that executes a dynamic SQL statement to grant the DBA role to the user 'scott'. The function is then called, granting the DBA role to the user. This vulnerability was reported by David Litchfield in June 2005 and was publicly disclosed on October 17, 2007. This exploit has been tested on Oracle 10.1.0.2.0.
The PHP-SHOP master 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attack. An attacker can forge a request to the 'users.php' page and add a new admin user with arbitrary credentials.
This exploit allows an attacker to add, edit, and delete admin and all users in the Time and Expense Management System 3.0. By sending a specially crafted HTTP request to the target server, the attacker can update the admin user's information and gain administrative privileges. This vulnerability does not have a CVE assigned to it.
The vulnerability allows an attacker to include a remote file in the application, which can lead to remote code execution or other malicious activities.
The exploit allows an attacker to create a specially crafted file that triggers a buffer overflow in Any Sound Recorder 2.93. By exploiting this vulnerability, an attacker can execute arbitrary code on the target system.
When a user logs in, Flatnuke sets a cookie value. The code checks if the cookie value contains the string 'myforum='. If it does, the user is asked to log in again. However, this filter can be bypassed using a nullbyte and logging in as admin. Additionally, in the download module, if the 'fneditmode' parameter is set to '1', a directory can be created and a PHP code can be executed through the directory description.
In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sb_ajax_add_message action.
A Stored XSS vulnerability has been discovered in KAASoft Library CMS - Powerful Book Management System 2.1.1 via the /admin/book/create/ title parameter.
Profile type users+ can download arbitrary files. The vulnerability is present in the navigate_download.php file. By manipulating the 'id' parameter, an attacker can download any file from the server.
Services By CQR