The RFI bug is present in the lang_main_album.php file of PhpBBPlus version 1.53. It can be exploited by appending a malicious URL as the value for the 'phpbb_root_path' parameter. This can allow an attacker to include remote files and potentially execute arbitrary code.
This exploit allows an attacker to create a malicious AVI file that, when opened in Easy Avi Divx Xvid to DVD Burner v2.9.11, will cause a denial of service on the local system.
This exploit allows an attacker to execute arbitrary code by exploiting a buffer overflow vulnerability in Easy CD DVD Copy v1.3.24. The vulnerability occurs when a user pastes specially crafted content into the 'Enter User Name' field during registration. This allows the attacker to overwrite the Structured Exception Handler (SEH) and gain control of the program execution flow. The exploit includes a payload that launches the Windows calculator (calc.exe) as an example. The vulnerability has been tested on Windows XP Professional SP3, Windows 7 Enterprise SP1, and Windows 10 Professional 64-bit, with different offset values.
This is a proof of concept exploit for a Denial of Service vulnerability in Dell EMC NetWorker. The vulnerability allows an attacker to crash the service, resulting in a denial of service condition.
This exploit allows an attacker to run arbitrary code on a system with Allok Video Converter installed. By creating a specially crafted file and pasting its contents into the License Name field, an attacker can trigger a buffer overflow and execute arbitrary code.
OneCMS contains a flaw that allows an attacker to carry out an SQL injection attack. The issue is due to the userreviews.php script not properly sanitizing user-supplied input to the 'abc' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database if magic_quotes_gpc = off.
The exploit triggers a buffer overflow in the isInstalled.dnsResolve function in Sun's JRE version 1.6.0_X. The code provided by Yag Kohha creates a string 'b' and repeatedly appends it to itself until its length exceeds 512*512. The buffer overflow occurs when the dnsResolve function is called with 'b' as the argument.
1. Lack of a file type filter, enabling an attacker to upload PHP scripts that can later be executed
2. Found SQLI in the Date of Birth text box
3. Found Stored XSS in manufacturer_name
4. Multiple vulnerabilities (SQLI and Information Leak)
This exploit allows an attacker to include local files by manipulating the 'page' parameter in the URL. The attacker needs admin credentials to download files. The exploit author used default credentials to demonstrate the vulnerability.
The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as SYSTEM, resulting in EoP.