SUSE CVE-2017-15098

Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...

postgresql: Memory disclosure in JSON functions

Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...

postgresql: Memory disclosure in JSON functions

Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...

php: Use after free in wddx_deserialize

Use-after-free vulnerability in the wddxstackdestroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field...

ALPINE-CVE-2017-15098

Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...

UBUNTU-CVE-2017-15098

Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...

Microsoft Windows ADO Recordset GetRows Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Windows ADO Recordset Update Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

ALPINE-CVE-2016-7413

Use-after-free vulnerability in the wddxstackdestroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field...

CVE-2016-7413

CVE-2016-7413 is a Use-After-Free vulnerability in PHP’s WDDX deserialization path. The issue resides in wddx_stack_destroy in ext/wddx/wddx.c and can be triggered by a wddxPacket XML document that lacks an end-tag for a recordset field, leading to denial of service or potentially other impact. A...

Dream Flash website management system FCMS v6. 5 vulnerability-vulnerability warning-the black bar safety net

Author:roker xmlEditor/adminadd. asp !-- include file="Conn. ASP" - !-- include file="inc/md5. asp" - !-- include file="chkuser. asp" - % if request. cookies"key""super" then response. Write"script language=javascriptalert'you are not authorized to modify admin!'; this. history. go-1;/script"...

Code Widget Database Driven Product Catalogue (ASP) SQL Injection

Exploit for asp platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Code Widget Database Driven Product Catalogue SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 inj3ct0r 1337 Day Team 1 0 0...

Network fun online shopping users fashion Edition Build 1 0 1 1 0 1 SQL injection exploit-vulnerability warning-the black bar safety net

listshj. asp page there is the injection, not for authentication, wherein %dim shjiaid shjiaid=request. querystring"id" set rs=server. createobject"adodb. recordset" rs. open "select from shjia where shjiaid=" shjiaid ,conn,1,1% ID is not filtered, and injected into the generated/admin/listshj...

Old Y article management system of the injection 0day-vulnerability warning-the black bar safety net

Magic springsB. S. N. hacking Defense Vulnerability rating: moderate Vulnerability description: The vulnerability appears in the js. asp, we first look at the source code. Code: If CheckStrRequest"ClassNo" "" then ClassNo = splitCheckStrRequest"ClassNo","|" 'Here is to get the variable using...

MS Visual Basic Enterprise Ed. 6 SP6 DSR File Local BOF Exploit

No description provided by source. usage: exploit.py print "-----------------------------------------------------------------------" print ' PoC 2 MS Visual Basic Enterprise Ed. 6 SP6 ".dsr" File Handling BoF\n' print " author: shinnai" print " mail: shinnaiatautisticidotorg"...

MS Visual Basic Enterprise Ed. 6 SP6 DSR File Local BOF Exploit

Exploit for unknown platform in category local exploits =============================================================== MS Visual Basic Enterprise Ed. 6 SP6 DSR File Local BOF Exploit =============================================================== usage: exploit.py print...

MS Internet Explorer Recordset Double Free Memory Exploit (MS07-009)

No description provided by source. HTML !-- Microsoft Internet Explorer ADODB.Recordset Double Free Memory Exploit ms07-009. Review: This code exploit "double free error" in msado15.dll NextRecordset function. As a result of double freeing of same string, rewriting of Heap Control Block ...