The vulnerability allows an attacker to include local files on the server by exploiting an insecure file inclusion function in the 'compatible.php' script. By manipulating the 'module_name' parameter, an attacker can access sensitive system files and potentially execute arbitrary code.
The nt!NtQueryVolumeInformationFile system call in Windows 10 (32/64-bit) discloses uninitialized kernel stack memory to user-mode clients. The vulnerability can be triggered by invoking the syscall against certain kernel objects. There are two types of leaks that can occur, both involving the output IO_STATUS_BLOCK structure. The first type is a 64-bit specific leak of 4 bytes of uninitialized kernel stack memory, caused by a mismatch in the size of NTSTATUS and PVOID on x64 platforms. The second type is when a completely uninitialized copy of IO_STATUS_BLOCK is passed down to the user-mode client, resulting in the disclosure of 8 kernel stack bytes on x86 systems and 16 bytes on x64 systems.
This exploit allows an attacker to include a remote file in the config.inc.php file of WordSmith 1.0 RC1. By providing a specially crafted URL with the '_path' parameter pointing to a malicious file, the attacker can execute arbitrary code on the vulnerable server.
The nt!NtQueryAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The bug results in the disclosure of 4 uninitialized kernel stack bytes.
The SysGauge Pro v4.6.12 software is vulnerable to a local buffer overflow vulnerability. By providing a specially crafted payload in the Customer Name and Unlock Key fields, an attacker can trigger a buffer overflow and potentially execute arbitrary code on the target system. The vulnerability has been tested on Windows XP Professional - SP3.
There is a CSRF vulnerability in WUZHI CMS 4.1.0 that allows an attacker to add a user account via the index.php?m=member&f=index&v=add endpoint. After the administrator logs in, the attacker can open the CSRF exploit page and add a user account.
The vulnerability allows an attacker to perform arbitrary SQL injections by manipulating the 'class' parameter in the 'products.php' page. By injecting a UNION SELECT statement, the attacker can retrieve sensitive information such as usernames and passwords from the 'admin' table.
There is a CSRF vulnerability in WUZHI CMS 4.1.0 that can add an admin account via index.php?m=core&f=power&v=add. After the administrator logs in, the exploit can be triggered by opening the CSRF exploit page.
The exploit involves a buffer overflow vulnerability in DVD X Player Standard version 5.5.3.9. By sending a specially crafted payload, an attacker can overwrite the SEH (Structured Exception Handler) to gain control of the program execution flow. This can lead to remote code execution and potential compromise of the system. The exploit has been tested on Windows XP SP3 x86.
The plugin Woocommerce CSV importer 3.3.6 allows any registered user to perform remote code execution. The vulnerability exists due to the lack of escaping in the $_POST['filename'] parameter. By sending a specially crafted request to the admin-ajax.php file, an attacker can unlink files on the server.
Services By CQR