Microsoft Windows - .doc Malformed Pointers Denial of Service

Microsoft Windows - .doc Malformed Pointers Denial of Service /\ Microsoft Windows .doc File Malformed Pointers DoS Just move your mouse on the file and explorer crashes. If it does not try to look at file properties. Bug comes from Ole32.dll: CMP DWORD PTR DS:EAX+EBX,3 and we can set EAX, EDX an...

Rigter Portal System (RPS) 6.2 Remote Blind SQL Injection Exploit

No description provided by source. ? //RPS 6.2 SQL Injection Exploit //http://www.rps-project.com/ //Need magicquotesgpc = Off; //by s0cratex //Contact: s0cratexathotmaildotcom //Salu2: rgod, 0pt1x 'n mechas. errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; $host =...

CVE-2007-1142

Cross-site scripting XSS vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the linkparameters parameter in 1 news.php and 2 nlayouts.php...

CVE-2007-1141

PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpscriptpath parameter. NOTE: This issue may overlap CVE-2006-0723...

Remote file inclusion

PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpscriptpath parameter. NOTE: This issue may overlap CVE-2006-0723...

Cross site scripting

Cross-site scripting XSS vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the linkparameters parameter in 1 news.php and 2 nlayouts.php...

CVE-2007-1142

Cross-site scripting XSS vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the linkparameters parameter in 1 news.php and 2 nlayouts.php...

CVE-2007-1142

Cross-site scripting XSS vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the linkparameters parameter in 1 news.php and 2 nlayouts.php...

CVE-2007-1141

The CVE-2007-1141 issue concerns Magic News Plus 1.0.2, where a PHP remote file inclusion vulnerability exists in preview.php. The root cause is the php_script_path parameter allowing an attacker-controlled URL to be included, enabling arbitrary PHP code execution on the server. This aligns with ...

CVE-2007-1141

PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpscriptpath parameter. NOTE: This issue may overlap CVE-2006-0723...

CVE-2007-1142

CVE-2007-1142 affects Magic News Plus 1.0.2. The vulnerability is a cross-site scripting (XSS) flaw exploitable via the link_parameters parameter in the files (1) news.php and (2) n_layouts.php, allowing remote attackers to inject arbitrary web script or HTML. The provided sources identify the af...

Magic News Plus 1.0.2 - n_layouts.php?link_parameters Cross-Site Scripting

Magic News Plus 1.0.2 - nlayouts.php?linkparameters Cross-Site Scripting source: https://www.securityfocus.com/bid/22661/info Magic News Pro is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These issues include a remote...

Magic News Plus 1.0.2 - 'news.php?&link_parameters' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22661/info Magic News Pro is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These issues include a remote file-include issue and two cross-site scripting vulnerabilities. An...

GuppY 4.5.16 - Remote Command Execution

GuppY 4.5.16 - Remote Command Execution 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r...

Stack overflow

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control NCTAudioFile2.dll, as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include 1 NCTsoft NCTAudioStudio, NCTAudioEdito...

CVE-2007-0018

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control NCTAudioFile2.dll, as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include 1 NCTsoft NCTAudioStudio, NCTAudioEdito...

CVE-2007-0018

CVE-2007-0018 describes a stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll) that allows remote code execution via a long argument to the SetFormatLikeSample function. Affected products include numerous NCTAudioFile2-based apps (AudioStudio/Editor/Voice...

Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities

Actually, this can be pretty serious depending on server settings, but an improper example was given. Better one: jaxpetitionbook.php?languagepack=../../someotherallowedfileuploads/myfile.php.gif00 Many servers will have magic quotes on to defeat the null byte, but by no means all. John...

bmforum漏洞exp

No description provided by source. ?php printr" +------------------------------------------------------------------+ Exploit For Blue Magic Forum All Version Fuck Register Global && Magic Quote BY 拖鞋王子 Mokfly 媒婆X Just For Fun : +------------------------------------------------------------------+...

AIOCP SQL Injection Vulnerability

i Product Name: AIOCP - All In One Control Panel i Vulnerable Versions: = 1.3.009 i Bug found by: Coloss i Contact: [email protected] i Date: 9.1.2007 i Spec: Parameter 'did' is not checked before it's used in a SQL Query so you are able to inject some evil SQL code Example shows how to retrieve...