19 matches found
EUVD-2003-0852
Malware in sbrugna...
SWFMill base64_encode component buffer overflow vulnerability
SWFMill is a tool for working with Adobe Flash SWF files from Daniel Cassidy, a personal developer in the UK. A buffer overflow vulnerability exists in SWFMill 0.3.6 and prior versions, which stems from a boundary error in its base64encode component when processing untrusted input. An attacker...
CVE-2022-36144
SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64encode...
CVE-2022-36144
SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64encode...
CVE-2022-36144
SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64encode...
Heap overflow
SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64encode...
CVE-2022-36144
SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64encode...
CVE-2022-36144
SWFMill commit 53d7690 contains a heap-buffer overflow in the base64_encode path. Affected software/component: SWFMill (versions up to 0.3.6 and earlier). Root cause: boundary/error condition in base64_encode leading to a heap-buffer overflow. Impact: as described in multiple sources, potentially...
Meow Gallery < 4.1.9 - Contributor+ SQL Injection
The plugin does not sanitise, validate or escape the ids attribute of its gallery shortcode available for users as low as Contributor before using it in an SQL statement, leading to an authenticated SQL Injection issue. The injection also allows the returned values to be manipulated in a way that...
openSUSE Security Update : mbedtls (openSUSE-2015-898)
This update for mbedtls fixes the following security and non-security issues : - Update to 1.3.15 - Fix potential double free if sslsetpsk is called more than once and some allocation fails. Cannot be forced remotely. Found by Guido Vranken, Intelworks. - Fix potential heap corruption on windows...
KingCms最新版(k9)绕过过滤6处注入打包
简要描述: KingCms最新版(k9)绕过过滤6处注入打包 详细说明: 朋友的公司想购买kingcms的授权,让我帮忙看下。发现kingcms很长一段时间没更新了,憋了一段时间放出了最新版的k92014-12-13更新,官网下下来学习一下。 在wooyun上看到了几个漏洞,如: WooYun: kingcms最新版sql注入漏洞 注入点:GET...
PHPNuke 6.x Category Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9630/info It has been reported that PHPNuke may prone to a SQL injection vulnerability, due to insufficient sanitization user-supplied input. The problem is reported to exist in the $category variable contained within the...
AJ Shopping Cart 1.0 (maincatid) - SQL Injection
AJ Shopping Cart 1.0 maincatid - SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...
AuraCMS [Forum Module] - Remote SQL Injection
AuraCMS Forum Module - Remote SQL Injection Vendor : http://auracms.org/ Download : http://iwan.or.id/redirect/download/36.html -- Forum Module Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Dork : inurl:"?pilih=forum" file; /forum/komentar.php bug at...
AuraCMS [Forum Module] Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================= AuraCMS Forum Module Remote SQL Injection Vulnerability ========================================================= AuraCMS Forum Module - Remote SQL Injection Vendor :...
WordPress 1.5.1.3 - Remote Code Execution
WordPress 1.5.1.3 - Remote Code Execution ?php echo "Wordpress = 1.5.1.3 - remote code execution 0-DDAAYY exploit\n"; echo "C Copyright 2005 Kartoffelguru\n\n"; echo "! info: requires registerglobals turned on on target host\n\n"; if !extensionloaded'curl' die "- you need the curl extension...
CVE-2003-0861
Integer overflows in 1 base64encode and 2 the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors...
CVE-2003-0861
Integer overflows in 1 base64encode and 2 the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors...
CVE-2003-0861
CVE-2003-0861 concerns integer overflows in two PHP components prior to 4.3.3: (1) base64_encode and (2) the GD library. Root cause: integer overflow conditions in these functions. Affected software/components: PHP versions before 4.3.3, specifically the base64_encode path and GD library usage. I...