This exploit is a proof of concept for a local buffer overflow vulnerability in the Plotwn 18 (.wp2) file format. It has been tested on Windows XP SP3 FR. The exploit is triggered by opening a specially crafted .wp2 file. The vulnerability allows an attacker to overwrite the EIP register, leading to arbitrary code execution.
This exploit is a proof of concept for a local buffer overflow vulnerability in Winstats (.fma) files. The exploit was tested on Windows XP SP3 FR.
This paper discusses how an unprivileged remote attacker can execute arbitrary code on networked players' computers. The IRC client component of UFO: Alien Invasion 2.2.1 contains multiple security vulnerabilities that allow a malicious IRC server to remotely execute arbitrary code on the client's computer.
This vulnerability allows an attacker to inject malicious SQL queries into the 'sid' parameter of the 'products.php' page, potentially leading to unauthorized access or manipulation of the database.
2daybiz Video Community portal is the ultimate solution for starting your video sharing and uploading community similar to YouTube, Daily Motion and Myspace Videos. This enterprise-level video sharing software offers a powerful and feature-rich solution. In this software, members can upload videos, rate videos, tag videos, leave comments, edit the title and description of uploaded videos, set videos as public/private, build video playlists, create channels and groups, and favorite videos.
This vulnerability allows an attacker to inject SQL queries into the website's database, potentially gaining unauthorized access to sensitive information or modifying data.
iBoutique is a PHP ecommerce solution that allows you to set up and maintain your own estore. It has a SQLi vulnerability and an XSS vulnerability, both reachable through the 'page' parameter in the index.php file: the SQLi vulnerability is exploited by manipulating the parameter, and the XSS vulnerability by injecting malicious script code into it.
There are two persistent XSS vulnerabilities in the Joomla Component RSComments version 1.0.0. The first vulnerability is in the Name field and the second vulnerability is in the Website field. The exploit payload is "x"/style="position:absolute;top:0;left:0;width:999pc;height:999pc"/onmouseover="alert(1)//". The first vulnerability only executes in the backend, while the second vulnerability executes in both the frontend and backend.
Blind SQL Injection: Requires magic_quotes OFF. Exploit: option=com_answers & task=categ & id=-1' union select benchmark(100000,md5(5)) as a -- '
Title Field SQL Injection: Exploit: title',(select concat(username,char(32),password) from jos_users where gid=25 limit 1),'0','1','0','','') -- ;
SQL Injection: Requires magic_quotes OFF, Joomla! debug OFF. Exploit: option=com_answers & task=detail & id=-1' union select concat(username,char(32),password),2,3,4,5,6,7,8,9 from jos_users where gid=25 limit 1 -- '
This is proof-of-concept code for a buffer overflow vulnerability in PowerZip. The vulnerability is a boundary condition error that leads to a stack buffer overflow: an attacker can overwrite the stack buffer, but the code does not provide an exploit to take advantage of this. The affected version is PowerZip 7.21 (Build 4010). The vulnerability is local, meaning it can be exploited by a user with local access to the vulnerable system. The vulnerability affects Windows 7, Windows Vista, Windows XP, Windows 2000, Windows Me, Windows 98, and Windows NT 4.0. There is no known fix for this vulnerability.