This is a Perl script that exploits a SQL injection vulnerability in LiteForum 2.1.1. The exploit works on all versions of MySQL. It allows an attacker to retrieve user IDs and passwords from the database.
This is a buffer overflow exploit for the socket_getline() function in the Newspost software. It allows an attacker to execute arbitrary code or gain unauthorized access to the system.
This exploit targets ngIRCd version 0.8.2 and earlier. It takes advantage of a format string vulnerability in the ngIRCd software, which allows remote attackers to execute arbitrary code or cause a denial of service.
Due to insufficient validation of client-side data, an attacker can inject scripts directly into the file-based storage used for blog comments. This allows for XSS attacks where a malicious script is executed when the comment is viewed, or CSRF attacks where the user is redirected to a malicious website and performs unintended actions.
The Painkiller game client sends a packet containing the password encrypted using the server challenge string. This algorithm can be used to decode/encode the password stored in the packet.
Unknown
This exploit allows an attacker to perform a Denial of Service attack on a target running TinyWeb version 1.9. It sends multiple requests to the target's /cgi-bin/.%00./dddd.html URL, causing the server to become unresponsive.
The Simple PHP Newsletter 1.5 script is vulnerable to local file inclusion. The vulnerability exists in the 'mail.php' and 'mailbar.php' files, where the 'olang' parameter is not properly sanitized before being used in a require statement, allowing an attacker to include arbitrary local files. By manipulating the 'olang' parameter, an attacker can include sensitive files, such as the '/etc/passwd' file, which may contain hashed passwords and other system information.
This is a buffer overflow exploit for the Savant web server. It allows an attacker to execute arbitrary code on the server. The exploit code is written in Python and targets a specific vulnerability in the server. It was discovered by Mati Aharoni and coded by Tal Zeltzer and Mati Aharoni. This exploit is for research purposes only and should not be used maliciously.
Registered users with blog keeping privileges can access personal gallery functionality and upload image files to the server. File uploading can be dangerous without proper security checks.
Services By CQR