Embedthis GoAhead before 3.6.5 and after 2.5.0 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.
AllMediaServer is prone to a buffer overflow when handling specially crafted HTTP request packets.
The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this functionality to execute code under the context of Administrator.
Dup Scout is prone to a buffer overflow when handling an overly long username.
VX Search Enterprise is prone to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring.
Adobe ColdFusion is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.
The application allows an attacker to specify a server to perform authentication. That server also allows to execute controlled SQL directly against the database.
This module abuses of the previous vulnerabilities in order execute an agent as SYSTEM.
This module abuses of the previous vulnerabilities in order execute an agent as SYSTEM.
Username parameter in Registeration page 'register.ghp' is prone to a stack-based buffer-overflow vulnerability.
Application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Apache Tomcat allows the upload of JSP files to unauthenticated users via a specially crafted request when the readonly initialization parameter of the Default servlet is set to false.
The vulnerability is a buffer overlow when parsing a POST command with a crafted username.