This exploit targets Abee Chm Maker version 1.9.5 and utilizes a stack overflow vulnerability. By importing a specific file and performing a specific action, an attacker can trigger the exploit and execute arbitrary code.
This exploit allows an attacker to execute commands remotely on a server running My Simple Forum v7.1. The vulnerability is caused by a local file inclusion vulnerability at /theme/default/index.template.php?action=[lf]%00. Additionally, there is an XSS vulnerability at /theme/default/index.template.php?Name=[XSS] which requires Register Globals to be turned on. The exploit was discovered by Giovanni Buzzin and Osirys.
An input filter for TeX formulas can be exploited to disclose files readable by the web server. This includes the moodle configuration file with all authentication data and server locations for directly connecting to backend database.
This exploit allows an attacker to change the password of a Thomson TCW690 router by sending a malicious POST request. The vulnerability was discovered by MurDoK in 2005. The exploit code is written in C and can be compiled and executed on a Linux system. The exploit sends a POST request to the router's /goform/RgSecurity URL with the new password as a parameter. The exploit requires the IP address of the router and the new password as command line arguments. After successful execution, the user is instructed to visit http://192.168.0.1 to confirm the password change.
This exploit targets Knox Arkiea Server Backup versions up to 5.3.x. It allows an attacker to gain root or SYSTEM privileges on Linux and Windows systems. On Linux, it exports an xterm to a chosen box by exploiting a stack overflow in a type 77 request. On Windows, it spawns a shell on port 80 of the remote host by overwriting EIP. The exploit includes targets for Redhat 7.2/8.0, Windows 2000 SP2/SP3/SP4, Windows XP SP1, and Windows 2003 EE.
This exploit allows an attacker to perform a universal SEH overwrite in POP Peeper 3.4.0.0. By opening a specially crafted .html file, the attacker can overwrite the Structured Exception Handler (SEH) and gain control of the program's execution flow.
This exploit is for POP Peeper version 3.4.0.0 and targets a universal SEH (Structured Exception Handling) overwrite vulnerability. The exploit is triggered by opening a message or using the Ctrl + O command and selecting a specially crafted .eml file. Upon successful exploitation, the exploit executes a payload that launches the Windows Calculator application. This exploit was developed by Stack and credited to Mountassif Moad. Special thanks are given to Simo, SOft, Jadi, and Str0ke.
This exploit targets the Pluck v 4.6.1 CMS and takes advantage of a local file inclusion vulnerability in the 'module_pages_site.php' file. By manipulating the 'post' parameter in the URL, an attacker can include arbitrary files on the server. The exploit provides a proof of concept by including the 'ls' command to list the contents of the '/bin' directory.
This exploit targets a FTP server without the need for authorization. It takes advantage of a buffer overflow vulnerability in 3com 3CDaemon FTP server.
This exploit targets the Zinf Audio Player version 2.2.1 and utilizes a universal SEH overwrite vulnerability. It allows an attacker to execute arbitrary code with the privileges of the user running the vulnerable software.
Services By CQR