This script allows an attacker to spawn a bash-style shell with the webserver UID. It is currently under development and is not fully functional.
The "Adobe Active File Monitor V8" service is installed with an improper security descriptor. A malicious member of the Users group (which on XP means a "limited account") can stop the service, invoke the "sc config" command to replace the binary path with a value of their choice, and then restart the service to run the command with SYSTEM privileges.
This vulnerability allows an attacker to execute SQL queries on the database without the need for authentication. By injecting malicious SQL code into the 'user_id' parameter, an attacker can retrieve sensitive information from the database.
This is a scanner program written in C that scans for the second DCOM vulnerability (MS03-039). It is based on the work of buildtheb0x, kid, and farp, and also on packet sniffs of MS's dcom2 scanner.
This code is a proof of concept for an unknown vulnerability in MP3 Studio v1.0. The author attempted to exploit the vulnerability but was unsuccessful. The code includes a bind shell on port 4444. The author notes that this media player is unlikely to be widely used.
The NotJustBrowsing 1.0.3 application discloses passwords to local users.
ICUII 7.0 discloses passwords to local users.
GoText 1.01 discloses user information to local users.
This is an exploit for the Traidnt UP v2.0 script that allows for SQL injection. The exploit was discovered and written by Jafer Al-Zidjali. The vulnerability occurs when the magic_quotes_gpc setting is turned off. The author has been notified and a public patch has been released for this vulnerability.
This vulnerability allows an attacker to inject SQL queries into the application's database, potentially gaining unauthorized access or modifying data.