Component name: PegasusImaging.ActiveX.ThumbnailXpress1.dll. Version: 1.0.45.0. This control contains an insecure "CacheFile()" method that deletes, once the process is terminated, the file passed as an argument.
The vulnerability allows an attacker to perform SQL injection attacks on the Furkan Taştan Blog website. By manipulating the 'id' parameter in the '/kategori.asp?kat=goster&id=' URL, an attacker can execute arbitrary SQL queries and retrieve sensitive information from the database.
The WordPress Contact Form Maker Plugin version 1.12.20 and below is vulnerable to SQL Injection. By sending specially crafted requests to the plugin settings page, an attacker with appropriate privileges can exploit these vulnerabilities to escalate their privileges or modify database contents.
Ftp Server 1.32 is affected by insecure data storage: confidential information is stored insecurely on the system (i.e. poor encryption, plain text, access control issues, etc.). An attacker can find out the username/password of a valid user via /data/data/com.theolivetree.ftpserver/shared_prefs/com.theolivetree.ftpserver_preferences.xml
The Trionic Cite CMS 1.2 rev9 is vulnerable to remote file inclusion attacks. An attacker can exploit this vulnerability by manipulating the 'bf_data' parameter in the '/interface/editors/-custom.php' and '/interface/editors/custom.php' scripts to include malicious files from a remote server. This can lead to arbitrary code execution on the affected system.
The vulnerability exists in the getvolattrlist function, which takes a user-controlled bufferSize argument via the fgetattrlist syscall. When a kernel buffer is allocated to serialize the attribute list, no lower bound is enforced on its size, which can lead to a heap overflow. The code does not correctly handle the case where the user-supplied buffer size is smaller than the requested header size. This can be exploited to overwrite kernel memory and potentially execute arbitrary code.
The latest PHP distributions contain a memory corruption bug while parsing malformed HTTP response packets. If the preceding buffer contains 'r' as either controlled content or junk on the stack, under a realistic setting (non-ASAN), tmp_line_len could go to -1, resulting in an extra large string being copied subsequently. Under ASAN a segfault can be observed.
The exploit takes advantage of a local buffer overflow vulnerability in 10-Strike Network Scanner 3.0. By copying a specially crafted payload into the 'Host name or address' field and performing a trace route action, an attacker can trigger the buffer overflow and gain control of the application. The exploit has been tested on Windows XP Professional - SP3 (x86) and may also affect other versions of the software.
The 'Registration Key' field in 10-Strike Network Inventory Explorer 8.54 is vulnerable to a buffer overflow exploit. By pasting a specially crafted payload into the 'Registration Key' field, an attacker can overwrite the SEH (Structured Exception Handling) and execute arbitrary code.
This exploit allows an attacker to execute arbitrary code on a vulnerable FSFDT Windows FSD Beta from FSD V3.000 draft 9 installation running on Windows 2000 SP4. The exploit spawns a reverse shell to 10.0.0.100:4321. It leverages a buffer overflow vulnerability in the FSFDT software.