Western Digital MyCloud NAS - Command Injection

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/googleanalytics.php URL via a modified arg parameter in the POST data. id: CVE-2016-10108 info: name: Western Digital MyCloud NAS - Command Injection author: DhiyaneshDk severity: critical...

Goahead 3.1-3.4 a heap overflow leading to remote code execution

No description provided by source...

PYSEC-2014-30

pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject...

CVE-2009-1094

Unspecified vulnerability in the LDAP implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier allows remote LDAP servers to execute arbitrary code via unknown vector...

Orbit Downloader 2.8.4 - Hostname Remote Buffer Overflow

Orbit Downloader 2.8.4 - Hostname Remote Buffer Overflow Orbit Vulnerability discovered by Secunia Exploit and POC provided by: JavaGuru Right click on link below then choose download by orbit, CALC.EXE will pop up I got a lot of problems when trying to execute shellcode, because a lot of chars w...

Joomla com_flashmagazinedeluxe (mag_id) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Joomla comflashmagazinedeluxe magid SQL Injection Vulnerability =================================================================== Joomla Component Flash Magazine Deluxe...

Gentoo Security Advisory GLSA 200504-19 (MPlayer)

The remote host is missing updates announced in advisory GLSA 200504-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVE-2008-0235

The Microsoft VFPOLEServer ActiveX control allows remote attackers to execute arbitrary code by invoking the foxcommand method...

CVE-2007-2352

Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls, possibly involving a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/imager.cp...

CVE-2007-2296

Integer overflow in the FlipFileTypeAtomBtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V MP4 file...

CVE-2006-3059

Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086...

CVE-2006-2526

PHP remote file inclusion vulnerability in index.php in PHP Easy Galerie 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter...

CVE-2005-4228

Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 since, 2 sortby, and 3 itemsnumber parameters to comments.php, 4 the search parameter to category.php, and 5 imageid parameter to picture.php. NOTE: it was...