This is a proof-of-concept exploit for a remote kernel overflow vulnerability in Apple MACOS X xnu version 1228.3.13. The vulnerability is related to the appletalk zip-notify functionality. The exploit takes advantage of a buffer overflow in the zip-notify functionality to execute arbitrary code on the target system.
This is a remote buffer overflow exploit for the Medal of Honor Spearhead Dedicated Server on Linux. It allows an attacker to execute arbitrary code on the target server.
Bug found some time ago by n00b, improved sploit with lots of targets to choose from. Allows running Calc.exe, Bind shell on port 4444, and Win32 Adduser. Default port is 26000 and IP is 127.0.0.1. Can be exploited using SEH method.
The Pixie CMS is vulnerable to multiple vulnerabilities including Cross Site Scripting (XSS) and SQL Injection. The XSS vulnerability can be exploited by tampering with the blog post URL variables, specifically the 'x=' variable. By injecting HTML code into the page display, an attacker can redirect users to a specified URL. The SQL Injection vulnerability occurs in the 'referer' client request, allowing an attacker to manipulate the referer and perform SQL Injection attacks.
This is a remote overflow exploit for 3Com Ftp Server. It is a simple proof of concept (PoC) tested on Windows XP SP1 and may not work on other systems. The exploit code has overflows in every command.
Overlong hostnames in bsplayer playlist files causes eax and seh handlers to be overwritten. Cannot reliably debug with olly because of code compression, just used faultmon/memdump/msfpescan and I choosed the easy/universal way with seh. There are some pop ret addresses in common among the vulnerable versions...
The Bloginator V1A software is vulnerable to SQL command injection. This can be exploited by sending a crafted request to the articleCall.php page, allowing an attacker to execute arbitrary SQL commands.
This exploit targets Chasys Media Player 1.1 by exploiting a stack overflow vulnerability in the .cue file parser. The attacker can craft a specially crafted .cue file that, when opened by the vulnerable media player, will trigger the stack overflow and potentially allow the execution of arbitrary code. This exploit has been written in Ruby and can be used to gain unauthorized access to a target system.
This SQL injection allows an attacker to retrieve the username and md5 of all registered users of the site. The vulnerability is caused by the extract() function used in header.php. The attacker can set an arbitrary value to the var $qorder if $order has a value not expected.
This is a buffer overflow exploit for VisualBoyAdvanced version 1.7.x. The exploit allows an attacker to execute arbitrary code by overflowing a buffer and overwriting the return address. The exploit was found and coded by Qnix. The exploit utilizes a shellcode to gain unauthorized access.
Services By CQR