8.8
CVE-2019-25635 - Zeeways Matrimony CMS Lastest SQL Injection via profile_list
Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the profile_list endpoint. Attackers can inject SQL code via the up_cast, s_mother, and s_religion parameters to extract sensitive database information uβ¦
8.6
CVE-2019-25634 - Base64 Decoder 1.1.2 Local Buffer Overflow SEH Egghunter
Base64 Decoder 1.1.2 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input file that overflows a buffer, overwrites the SEH chain with a POP-POP-Rβ¦
8.6
CVE-2019-25633 - AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via EggHunter
AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display name β¦
6.9
CVE-2019-25632 - phpFileManager 1.7.8 Local File Inclusion via index.php
phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the action, fm_current_dir, and filename parameters. Attackers can send GET requests to index.php with crafted parameter values to access sensitive files β¦
8.6
CVE-2019-25631 - AIDA64 Business 5.99.4900 SEH Buffer Overflow via EggHunter
AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences oβ¦
8.7
CVE-2019-25630 - PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the bizuno/image/manβ¦
8.6
CVE-2019-25629 - AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via Logging
AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicious CSV log file path. Attackers can inject shellcode through the Hardware Monitoring logging preferβ¦
9.3
CVE-2019-25628 - Download Accelerator Plus DAP 10.0.6.0 SEH Buffer Overflow
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and eβ¦
8.6
CVE-2019-25627 - FlexHEX 2.71 Local Buffer Overflow via SEH Unicode
FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow. Attackers can craft a malicious text file with carefully aligned shellcode and SEH chain pointers, β¦
8.6
CVE-2019-25626 - River Past Cam Do 3.7.6 Local Buffer Overflow in Activation Code
River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and Sβ¦