NullSoft Winamp 5.3 - Ultravox-Max-Msg Heap Overflow Denial of Service (PoC)

NullSoft Winamp 5.3 - Ultravox-Max-Msg Heap Overflow Denial of Service PoC / Nullsoft Winamp include include include define SERVERPORT 80 unsigned char buff1header1= "HTTP/1.0 200 OK\x0D\x0A" "Server: Ultravox 3.0\x0D\x0A" "Content-Type: misc/ultravox\x0D\x0A" "Ultravox-SID: 13381\x0D\x0A"...

NullSoft Winamp 5.3 - Ultravox-Max-Msg Heap Overflow Denial of Service (PoC)

/ Nullsoft Winamp include include include define SERVERPORT 80 unsigned char buff1header1= "HTTP/1.0 200 OK\x0D\x0A" "Server: Ultravox 3.0\x0D\x0A" "Content-Type: misc/ultravox\x0D\x0A" "Ultravox-SID: 13381\x0D\x0A" "Ultravox-Avg-Bitrate: 16000\x0D\x0A" "Ultravox-Max-Bitrate: 24000\x0D\x0A"...

CVE-2006-4002

Drupal vulnerable component: the user.module in Drupal 4.6 (before 4.6.9) and 4.7 (before 4.7.3) allows remote XSS via the msg parameter. Impact: arbitrary script execution in a user’s browser (potential session-related risk). Root cause: insufficient input sanitising in user module. Affected ver...

CVE-2006-3132

CVE-2006-3132 is an XSS vulnerability in QTOFileManager 1.0, specifically in the qtofm.php4 script, exploitable by injecting scripts via the msg parameter. The NVD entry lists impact to confidentiality and integrity (PARTIAL) with network attack vector and no authentication required. The connecte...

CVE-2005-4203

LogiSphere 0.9.9j is affected by CVE-2005-4203: an unrestricted ability to send messages via the msg command can be exploited remotely to cause denial of service by flooding the system with messages. Root cause: lack of restriction on the number of messages. The provided documents do not include ...

PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit

No description provided by source. ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/, but he...

CVE-2004-2523

OpenFTPD affected: OpenFTPD 0.30.2 and earlier. The vulnerability is a format string flaw in the SITE MSG command’s msg.c (cat_message) that lets remote authenticated users execute arbitrary code via format specifiers in the message argument. This is a remote code execution risk with authenticati...

PT-2005-3982 · Php Fusion · Php-Fusion

SQL injection vulnerability in messages.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the msg view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158...

CVE-2002-1967

XiRCON 1.0 Beta 4 is affected by a buffer overflow that can be triggered remotely via overly long (ctcp, primsg, msg, notice) commands, causing denial of service (disconnect). The provided documents describe the impact but do not include exploit details or a patch. Affected component: XiRCON 1.0 ...

DEBIAN-CVE-2004-1484

Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...

Rlpr 2.0 - 'msg()' Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/10578/info It is reported that rlpr is prone to multiple vulnerabilities. These vulnerabilities can allow a remote attacker to execute arbitrary code in order to gain unauthorized access. The application is affected by a format string vulnerability. This...

XSS Vulnerabilities in Alan Ward Acart

Vulnerability: XSS Vulnerabilities in msg Description: XSS Cross Site Scripting vulnerabilities exist in the msg parameter passed in the URL to many pages. This can be used to run arbitrary code on the website, or redirect to some other malicious script. These pages include: deliver.asp error.asp...

Security update 1970-01-01

...

Bing Bar MSG v4-5

MSGMSG is installed if true...