The 'catid' parameter in categorydetail.php and the 'ddlCategory' parameter in search.php are not properly filtered, allowing attackers to manipulate SQL queries.
GNU Barcode suffers from a memory leak vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused by an error in 'cmdline.c', which can be exploited to cause a memory leak via a specially crafted file. The vulnerability is confirmed in version 0.99. Other versions may also be affected.
The vulnerability is caused by a boundary error in the processing of an input file, which can be exploited to cause a buffer overflow when a user processes, for example, a specially crafted file. Successful exploitation could allow execution of arbitrary code on the affected machine.
The 'my_item_search' parameter in the demo.com/login-script-demo/users.php page is vulnerable to blind SQL injection / XPath injection. An attacker can use crafted payloads to exploit this vulnerability and extract sensitive information from the database, such as table names and column names.
A persistent/stored cross-site scripting (XSS) vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in Creatiwity wityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by sending an authenticated HTTP POST request to admin/settings/general.
The CyberLink PowerDVD CLAVSetting Module (CLAVSetting.DLL 1.00.1829) allows an attacker to overwrite files with an empty file. The vulnerable module is installed by default on the Acer Travelmate series. The extension of the files being overwritten does not matter.
This exploit allows an attacker to change user information and passwords in the Joomla! extension JoomOCShop 1.0. The attacker can modify the user's firstname, lastname, email, telephone, and fax. Another exploit allows the attacker to change the user's password.
The Joomla! extension jCart for OpenCart 2.3.0.2 is vulnerable to cross-site request forgery. This allows an attacker to change user information, change passwords, and change affiliate account information without proper authentication.
This exploit targets the CloudMe Sync software version 1.10.9 and allows for a buffer overflow, bypassing DEP. The exploit is a Python script that sends a specially crafted buffer to the CloudMe service, which should be running a bind shell on port 4444. Once the exploit is successful, the attacker can gain remote access to the victim machine. The exploit includes a register setup to defeat DEP by using VirtualProtect(). The script also generates a ROP chain using mona.py from www.corelan.be.
The smbftpd 0.96 proof-of-concept exploit allows an attacker to overwrite a GOT (Global Offset Table) entry with the address to BSS (Block Started by Symbol) and send shellcode, leading to remote code execution. The exploit takes advantage of a buffer overflow vulnerability in the smbftpd software.