Explore Vulnerabilities

Explore all Exploits:

Unitrends Enterprise Backup bpserverd Privilege Escalation

It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privileges on the target system. This is very similar to exploits/linux/misc/ueb9_bpserverd; however, it runs against localhost by dropping a Python script on the local file system. Unitrends stopped bpserverd from listening remotely in version 10.

ModuleBuilder V1.0 (file) Remote File Disclosure Vulnerability

This vulnerability allows an attacker to disclose arbitrary files on the server. By manipulating the 'file' parameter in the URL, an attacker can traverse directories and access sensitive files. In this case, the attacker is able to access the '/etc/passwd' file. This vulnerability was published on milw0rm.com on October 31, 2007.

Synaccess netBooter NP-0801DU 7.4 – Cross-Site Request Forgery (Add Admin)

The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

DfMarshal Unsafe Unmarshaling Elevation of Privilege (Master)

The unmarshaler for Storage objects is completely unsafe and yet is marked as a system trusted marshaler. There are multiple ways of abusing this unmarshaler to get privilege escalation.

XMPlay 3.8.3 – ‘.m3u’ Denial of Service (PoC)

The exploit allows an attacker to crash the XMPlay media player by providing a specially crafted '.m3u' file. By launching XMPlay and either dragging the 'xmplay.m3u' file into the XMPlay window or selecting 'winamp.m3u' from the File menu, the application will crash.

Recent Exploits: