The Flexphpdiren CMS version 0.0.1 is vulnerable to SQL injection in the 'usercheck.php' and 'add.php' files. An attacker can exploit this vulnerability to bypass authentication and execute arbitrary SQL queries. Additionally, the 'add.php' file allows an attacker to upload malicious files and gain unauthorized access to the server.
NodeManager Professional V2.00 has a stack overflow vulnerability that can be exploited by sending a specially crafted SNMPv1 trap. By sending more than 512 bytes in the Trap DATA field, it is possible to overflow the stack buffer and overwrite the EIP.
The IntelliTamper software version 2.07/2.08 is vulnerable to a local stack overflow. The vulnerability allows an attacker to execute arbitrary code by exploiting a buffer overflow in the ProxyLogin function. By sending a specially crafted request, an attacker can overflow the buffer and overwrite the return address on the stack, allowing them to execute arbitrary code.
This exploit allows an attacker to dump passwords encrypted by Peer2Mail 1.4 and prior versions. The exploit targets the 'p2m.exe' process and retrieves the password. It was discovered and coded by ATmaCA in 2002-2005.
This exploit targets the Windows RPC DCOM vulnerability and includes two universal targets for Windows 2000 and Windows XP. It uses ExitThread in its shellcode to prevent the RPC service from crashing upon successful exploitation. It also has options for definable bindshell and attack ports. The shellcode has been modified to call ExitThread instead of ExitProcess to prevent the crash of the RPC service on the remote machine. This code is provided as proof-of-concept only for educational purposes and authorized testing.
This exploit targets a buffer overflow vulnerability in Apple iTunes playlist. It allows an attacker to download and execute shellcode on the target system.
This exploit is designed to create a buffer overflow in Microsoft Internet Explorer version 7+ on Windows Vista. It uses a script that contains shellcode to exploit the vulnerability.
The vulnerability exists in the dialog.php file of BloofoxCMS 0.3.4, which allows an attacker to include arbitrary files from the server by manipulating the 'lang' parameter. By using directory traversal techniques, an attacker can include sensitive files such as /etc/passwd. This can lead to further exploitation of the system.
Generates a .pls file that, when loaded in iTunes on OS X 10.3.7, binds a shell to port 4444. The shellcode used in the exploit does not contain any null or newline characters.
A local exploit for the .mx4 project file affecting MixCraft 4.2 (other versions may also work). The exploit implements the SEH technique to exploit the issue and it works on all Windows versions.
Services By CQR