This exploit creates a file called bluetab.txt with the user's Bluetooth nickname. When the file is sent to a Nokia mobile device and the nickname is copied and pasted into the device's Bluetooth nickname, any mobile device that searches for and finds the nickname will restart. This exploit also works on many other Symbian and Java mobile devices.
This exploit targets a memory corruption vulnerability in the Linux Kernel 2.6.x SCTP FWD Chunk. It allows remote execution of arbitrary code.
This exploit targets Apache web servers on Windows systems. It sends a specially crafted header to the server, causing a denial of service condition. The trys parameter determines the number of times the exploit is executed. Increasing the trys parameter can increase the impact of the DoS attack. The exploit has been tested on Apache 2.0.49 running on Windows 2000 SP4.
This exploit takes advantage of a buffer overflow vulnerability in the winsock.h library. By sending a specially crafted input, an attacker can overwrite adjacent memory and execute arbitrary code.
This exploit targets Destiny Media Player version 1.61 by creating a malicious .rdl file that triggers a buffer overflow. When the file is double-clicked, it executes arbitrary code, in this case, a command to open the calculator on Windows systems.
The Absolute Form Processor XE-V 1.5 allows remote attackers to change the password of a user account by sending a specially crafted request to the edituser.asp script.
This exploit allows a user to execute arbitrary commands on the remote server with the privileges of the httpd. It combines three methods of exploitation and acts as a remote shell, parsing all returned data to display command output and running in a loop for continuous access.
The exploit causes a trap in the Listener process by exploiting a vulnerability in the memcpy() function called from the ncrfintn() function in the oranro11.dll library.
The NotFTP 1.3.1 application is vulnerable to local file inclusion. By manipulating the 'newlang' parameter in the 'config.php' file, an attacker can include arbitrary files, potentially leading to unauthorized access to sensitive information.
This exploit takes advantage of a vulnerability in the Dokeos LMS version <= 1.8.5, specifically in the 'whoisonline.php' file. The vulnerable code is located in the 'tablesort.lib.php' file, where user input is not properly sanitized before being used in a comparison function. This allows an attacker to inject arbitrary PHP code and execute it remotely. The exploit uses the 'sort_table' function to execute the injected code.
Services By CQR