This module exploits a remote command execution vulnerability in Nostromo <= 1.9.6. This issue is caused by a directory traversal in the function `http_verify` in nostromo nhttpd allowing an attacker to achieve remote code execution via a crafted HTTP request.
OpenVPN Private Tunnel v2.8.4 has an unquoted service path. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications, where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
The flaw is located in the HP Software Update tool, which is preinstalled on HP notebook machines. It allows a potential attacker to remotely write arbitrary files on the system, leading to loss of user files or damage to vital system files, potentially rendering the PC unbootable.
The WMV to AVI MPEG DVD WMV Convertor version 4.6.1217 is vulnerable to a buffer overflow, which can be exploited to execute arbitrary code. By pasting specially crafted content from EVIL.txt into the 'License Name and License Code' field and clicking 'OK', an attacker can trigger the buffer overflow and gain a bind shell on port 4444.
This module exploits a command injection in Ajenti <= 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.
This exploit code targets vulnerable systems in order to corrupt GPO updates which causes the target system to revert various security settings to their default settings. This includes SMB server and network client settings, which by default do not require SMB signing except for domain controllers. Successful exploitation against a system with a hardened configuration that requires SMB Signing by the network client will make the target system vulnerable to MS15-011, which can lead to remote code execution.
This exploit allows an attacker to remotely trigger a buffer overflow in the 'POP3 User' field of Win10 MailCarrier version 2.51. By exploiting this vulnerability, an attacker can gain unauthorized access and control over the affected system. The exploit code is written in Python and includes a payload generated using msfvenom. It should be noted that different versions of Windows 10 may have different offsets, and sometimes the exploit needs to be run twice to successfully pop a shell.
This is an exploit for a bug in php-fpm (CVE-2019-11043). In certain nginx + php-fpm configurations, the bug can be triggered from the outside. This means that a web user may get code execution if you have a vulnerable configuration.
This exploit demonstrates a buffer overflow vulnerability in ChaosPro 2.0. By sending a specially crafted payload, an attacker can trigger a buffer overflow and potentially execute arbitrary code. This specific exploit targets the SEH (Structured Exception Handling) mechanism.
The vulnerability exists in the RR.php file of PhpMyDesktop|arcade 1.0 Final, where the phpdns_basedir parameter is not properly validated, allowing remote attackers to include arbitrary files.