The Zortam MP3 Media Studio 23.95 software is vulnerable to a denial of service attack. By providing a specially crafted payload, an attacker can cause the software to crash.
This exploit allows users to gain full read/write access to the file system of iPhone/iTouch devices by crashing the Safari browser. It requires IPHUC and knowledge of file manipulation.
This exploit allows an attacker to execute code remotely on the SEIG SCADA SYSTEM 9. The vulnerability was found by Alejandro Parodi and has a CVE ID of CVE-2013-0657. The exploit takes advantage of a buffer overflow in the software to execute arbitrary code. The vulnerability exists in version 9 of the software and has been tested on Windows 7 x86. The exploit involves sending a specially crafted payload to the target system. The payload includes a header, protocol data, padding, and a return address. The payload also includes shellcode, which is responsible for executing the desired code. The exploit has been successfully tested on the specified platform and version.
This exploit creates a malicious payload that causes a denial of service in the CEWE Photoshow 6.3.4 software. By running the Python exploit script and copying the text inside the created 'exploit.txt' file, the user can trigger a crash by pasting the content into the 'email address' and 'Password' fields in the CEWE Photoshow program.
The Joomla com_joomla_flash_uploader component, versions 2.5.1 and 2.5.2, is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by manipulating the 'mosConfig_absolute_path' parameter in the 'install.joomla_flash_uploader.php' and 'uninstall.joomla_flash_uploader.php' files to include a malicious file from a remote server.
The Central Management Software v1.4.13 is vulnerable to a Denial of Service (DoS) attack. By sending a specially crafted payload to the 'Password' field in the CMS client program, an attacker can cause the software to crash, resulting in a denial of service condition.
This exploit allows an attacker to include a remote file in the index.php page of PicoFlat CMS. By manipulating the 'pagina' parameter in the URL, an attacker can include a malicious file hosted on a remote server. This can lead to remote code execution and further compromise of the system.
This module exploits a stack buffer overflow in Cloudme v1.8.x/v1.9.x.
An unauthenticated attacker with network access to the Oracle WebLogic Server T3 interface can send a serialized object to the interface to execute code on vulnerable hosts.
The vulnerability allows an attacker to insert malicious JavaScript code in the fname and lname parameters, which gets executed when the Performance Tuning module of IBM Sterling B2B Integrator is accessed. This can lead to various attacks such as stealing sensitive information or performing actions on behalf of the user.