This exploit allows an attacker to grant DBA privileges to the scott user and execute an OS command 'net user' using the advanced extproc method in Oracle 10g. It has been tested on Oracle version 10.1.0.5.0.
This Perl script exploits a buffer overflow vulnerability in the XPSP2 goldenftpserver. It binds to port 4444 and executes a payload to gain unauthorized access to the server.
This is a buffer overflow exploit in mRouter, a suid binary used by iSync, on OSX versions up to 10.3.7. The exploit is written by nemo and the bug was discovered by Braden Thomas.
This exploit targets PNphpBB2 version 1.2i (ModName) and allows an attacker to include local files on the server. It can be used to read sensitive files such as the /etc/passwd file.
A remote code execution vulnerability exists in the way that cursor, animated cursor, and icon formats are handled. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
This exploit targets a buffer overflow vulnerability in various versions of Apache web server. It allows an attacker to execute arbitrary code on the targeted system.
This exploit allows for accessing remote files in a specified directory. There are no limitations on file accessing other than it must be a filename/path equal to 10 or fewer bytes. This limits the remote possibilities somewhat, but symlinking to a short path locally can access anything. This exploit works locally.
This exploit causes a Denial of Service for Darwin Kernel Version < 7.5.0. It opens a file for writing, seeks to 'ncmds', changes 'ncmds' to 0xffffffff, and re-executes with the modified mach-o header.
The vulnerability exists in the usercheck.php file of the Flexphplink Pro CMS. It allows an attacker to execute arbitrary SQL queries by manipulating the 'username' and 'password' parameters. By providing the SQL code ' or '1=1, an attacker can bypass authentication and gain unauthorized access to the system.
The vulnerability exists in the usercheck.php file of the Flexphpsiteen CMS. By manipulating the 'username' and 'password' parameters, an attacker can inject malicious SQL code and bypass authentication. The provided exploit code demonstrates the use of a common SQL injection technique by using the payload ' or '1=1' to always evaluate to true, granting unauthorized access to the admin panel.
Services By CQR