This exploit demonstrates a buffer overflow vulnerability in the PerlIO_Debug() function in Perl. By exploiting this vulnerability, an attacker can gain root privileges on a vulnerable system. The exploit code sets the effective user ID (euid) to 0, allowing the attacker to execute commands with root privileges. This exploit has been tested on Debian 3.1 with perl-suid version 5.8.4-5.
The Social Engine (blog.php) application is vulnerable to SQL injection. An attacker can exploit this vulnerability by injecting malicious SQL queries into the 'user' parameter in the blog.php URL.
This exploit takes advantage of a SQL injection vulnerability in PerlDesk. It allows an attacker to extract usernames and passwords from the users table.
This code exploits a vulnerability in DameWare Mini Remote Control Server prior to version 3.71.0.0. It allows an attacker to execute arbitrary code with SYSTEM privileges on the target system.
Lore version 1.5.6 is vulnerable to blind SQL injection. The vulnerability can be exploited by sending a specially crafted value in the 'article.php?id' parameter. The 'Comentarios Habilitados' (Add Comment) feature is affected. An attacker can use the 'intext:"Powered by Lore 1.5.6"' dork to find potentially vulnerable websites. This exploit allows an attacker to extract sensitive information from the database.
This exploit allows an attacker to remotely crash the ngIRCd server version 0.8.1. The attacker sends a specially crafted request to the server, causing it to crash and become unresponsive.
OSH 1.7 has a buffer overflow vulnerability in the iopen() function. By invoking osh in non-interactive mode and providing a valid command as argv[1], an attacker can trigger the overflow and potentially execute arbitrary code. The vulnerability lies in the improper handling of inputstring, which allows an attacker to overflow the buffer. This can lead to remote code execution with root privileges.
The E-ShopSystem script is vulnerable to SQL injection. An attacker can bypass the login page by injecting malicious SQL statements in the username and password fields.
This exploit sends a 253-byte payload to the Savant Web Server 3.1, causing a buffer overflow. The exploit overwrites the EIP register with bytes 254 to 258, successfully creating an Administrator user on the victim server. It has been tested on Windows Server 2003 using the return address 00b7ead8.
This is a remote kernel crash exploit for SunOS Release 5.11 Version snv_101b. It sends a specially crafted IPv6 packet that triggers a kernel crash. The exploit code is written in C.