434 matches found
Microsoft Data Access Components DSN Overflow Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Data Access Components. The vulnerability is present in an API call and as such successful exploitation will depend on an application's implementation of this call. The specific flaw exists with...
Overflow exploit technology mining preliminary-vulnerability warning-the black bar safety net
From MS03-0 4 9 exploit see to debug the system process Text/figure dangguai27 This article I mainly from the period of time the use of the WorkStation service overflow vulnerability, MS03-0 4 9 process encountered some problems as the basis, to talk about how I through the system the process of...
NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow
NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow ----------------------------------------------------------------------------- NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow url: http://www.nctsoft.com Author: shinnai mail: shinnaiatautisticidotorg site:...
CVE-2008-1318
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...
CVE-2008-1318
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...
CVE-2008-1318
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...
Cross site scripting
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...
CVE-2008-1318
CVE-2008-1318 affects MediaWiki 1.11 before 1.11.2. The vulnerability is an information disclosure in the JSON API: remote attackers can obtain sensitive information by manipulating the JSON callback parameter. The underlying issue is in how the callback parameter is handled for JSON-formatted AP...
Citrix NetScaler Generic_API_Call.PL跨站脚本漏洞
Citrix NetScaler是一款安全易用的Web应用交付解决方案。 Citrix NetScaler GenericAPICall.PL不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行跨站脚本攻击,获得目标用户敏感信息。 问题是由于'GenericAPICall.PL'脚本对用户提交的'standalone'参数缺少过滤,提交恶意脚本代码作为参数数据,并诱使用户处理,可导致获得目标用户敏感信息,或未授权访问应用程序。 Citrix NetScaler 8.0 build 47.8 目前没有详细解决方案提供:...
win64 (URLDownloadToFileA) download and execute 218+ bytes
No description provided by source. ; ; dexec64.asm - 218+ bytes unoptimised ; ; Win64 asm code, download & execute file using URLDownloadToFileA moniker & WinExec ; ; tested on AMD64 running Windows x64 SP1 ; ; there probably are errors in the code, but this is more of an experimental source if...
win64 (URLDownloadToFileA) download and execute 218+ bytes
Exploit for win64 platform in category shellcode ========================================================== win64 URLDownloadToFileA download and execute 218+ bytes ========================================================== ; ; dexec64.asm - 218+ bytes unoptimised ; ; Win64 asm code, download &...
CVE-2005-4345
Adobe formerly Macromedia ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges...
CVE-2005-4345
Adobe formerly Macromedia ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges...
CVE-2002-0037
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call NSFDbReadObject that directly accesses the object...