Running this script may crash the remote SSH server if it is vulnerable. The GitHub repository contains a vulnerable and fixed SSH server for testing.
The vulnerability allows an attacker to disclose files on the remote server by exploiting the 'download.php' script. By manipulating the 'file' parameter and using directory traversal techniques, an attacker can access sensitive files such as the '/etc/passwd' file.
Remote Unauthenticated Heap Memory Corruption in Quick N' Easy Web Server <= 3.3.8. The exploit causes a denial of service by sending a large number of requests to the server, resulting in a heap memory corruption.
This exploit allows an attacker to remotely disclose the configuration of the SecuSTATION IPCAM-130 HD Camera.
The vulnerability allows an attacker to include arbitrary files from a remote server by exploiting the 'root_path' parameter in the 'function.php' file. By manipulating the 'root_path' parameter, an attacker can execute malicious code on the target server.
The AMSS++ v 4.31 application is vulnerable to SQL Injection. An attacker can exploit the 'id' parameter in the maildetail.php file to inject malicious SQL queries.
The exploit script generates a payload and creates a file named "mi.txt" with the payload content. When this payload is pasted into the "username" field of the Core FTP application, it causes the application to crash.
The vulnerability exists in the 'content_css.php' file of the TinyMCE module in CMS Made Simple <= 1.2.2. The 'templateid' parameter is not properly checked, allowing an attacker to inject SQL code at line 67. This can be exploited to extract sensitive data from the database.
This exploit allows an attacker to remotely disclose the configuration of a DBPower C300 HD Camera.
Services By CQR