13 matches found
CVE-2018-25226
FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter...
CVE-2018-25226 FTPShell Server 6.83 Denial of Service via Account Name
FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter...
CVE-2018-25226
FTPShell Server 6.83 is affected by a buffer overflow in the account name field of the Manage FTP Accounts interface. A 417-byte payload pasted into the Account name to ban parameter can trigger a denial of service, allowing a local attacker to crash the application. The advisory notes a local at...
EUVD-2019-19979
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite t...
CVE-2019-25619 FTP Shell Server 6.83 Buffer Overflow via Account Name
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite t...
CVE-2019-25619
The CVE-2019-25619 case affects FTP Shell Server 6.83. A buffer overflow is triggered in the 'Account name to ban' field, enabling local attackers to execute arbitrary code by supplying a crafted string. The account name parameter in the Manage FTP Accounts dialog can be used to inject shellcode ...
CVE-2020-35270
Student Result Management System In PHP With Source Code is affected by SQL injection. An attacker can able to access of Admin Panel and manage every account of Result...
How to remove a user from a shared Android device
Some of our loyal readers may remember my little mishap when I was able to track my wife by accident after inadvertently adding myself to her phone as a user. For exactly that reason we want to warn against sharing devices and at least show you how to remove other people’s accounts from your...
Pidgin 2.13.0 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: Pidgin 2.13.0 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://pidgin.im/ Software https://cfhcable.dl.sourceforge.net/project/pidgin/Pidgin/2.13.0/pidgin-2.13.0.exe Version: 2.13.0 Tested on: Windows 7, Windows 10 Proof of Concept: 1.-...
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor NPM before 11.5, NetFlow Traffic Analyzer NTA before 4.1, Network Configuration Manager NCM before 7.3.2, IP...
Sql injection
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor NPM before 11.5, NetFlow Traffic Analyzer NTA before 4.1, Network Configuration Manager NCM before 7.3.2, IP...
CVE-2014-9566
CVE-2014-9566 : SolarWinds Orion Platform is affected by multiple SQL injection vulnerabilities in the AccountManagement.asmx endpoints (GetAccounts, GetAccountGroups). The issue allows remote authenticated users to execute arbitrary SQL commands by supplying crafted dir or sort parameters. Affec...
CVE-2011-5078
The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD 3 and 7.0 before ESD 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP...