Some parameters are not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
This script exploits a Denial of Service vulnerability in Inetserv version 3.23. By sending a specially crafted buffer in the RETR or DELE command, an attacker can cause the server to crash or become unresponsive. The vulnerability allows an unauthenticated attacker to disrupt the normal operation of the POP3 service.
This exploit targets GoldenFTP version 4.70 and allows an attacker to gain unauthorized access to the server. By sending a specially crafted password (PASS command), an attacker can trigger a buffer overflow vulnerability, potentially leading to remote code execution. The exploit requires knowledge of the server's subnet and certain settings to be enabled. It has been tested on Windows XP SP3.
The APPFLT.sys driver in Panda Global Protection 2010 (3.01.00) does not properly check the integer inputs of an IOCTL, allowing for a local privilege escalation. Although the provided exploit is not functional, it can be modified to achieve privilege escalation.
The kl1.sys driver in Panda Global Protection 2010 (3.01.00) does not check the integer inputs of an IOCTL, allowing an exception to be thrown if one DWORD is modified. This can lead to a BSOD (Blue Screen of Death).
This exploit targets a vulnerability in bomberclone version 0.11.6.2. It allows an attacker to execute arbitrary code on the target system. The exploit code includes shellcode for both Linux and Windows systems. The Linux shellcode performs a bind shell on port 31337, while the Windows shellcode binds to port 4444. The exploit code is written in C.
CakePHP is vulnerable to a file inclusion attack because of its use of the "unserialize()" function on unchecked user input. This makes it possible to inject arbitrary objects into the scope.
This is a kernel exploit that takes advantage of the missing do_munmap return check in the mremap function of the Linux kernel, specifically in versions <= 2.2.25, <= 2.4.24, and <= 2.6.2. It allows an attacker to gain elevated privileges on vulnerable systems and execute arbitrary code with root privileges. This exploit requires the suid permission on the target binary /bin/ping. The exploit code is written in C and requires compilation with gcc. The exploit can be executed by running the compiled binary with optional arguments for suid and shell.
This exploit is for a buffer overflow vulnerability in eXtremeMP3 Player. It allows an attacker to execute arbitrary code by loading a malicious file through the playlist manager.
This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TCP/IP packet.