This is a buffer overflow exploit for ShixxNote 6.net. The exploit code allows for a shellcode to be bound to port 101. The exploit works only on Windows 2000 systems. It overwrites the EIP with a JMP EBX instruction, which points to a buffer that is adjusted to jump to the shellcode. This exploit does not work on Windows XP and other operating systems due to the availability of the EBX register.
Ping target router/switch for TTL to host. Subtract that number from 255 and use that TTL on the command line. The TTL must equal 0 or 1 when it reaches the target. The target must accept packets to the given target interface address and there are some other caveats.
This exploit allows an attacker to log the keystrokes entered by a user on the CitiBank website. By opening the provided link in a new tab and focusing on the form field, the attacker can capture the user's keystrokes.
CCLeage Pro 1.2 and all prior versions suffer from multiple insecure cookie validation vulnerabilities. The script checks to see if a cookie is set and matches a value, which can be easily bypassed by creating a cookie. The session_id function returns the PHPSESSID, and if no session is created, it returns an empty string. By overwriting the PHPSESSID cookie, the authentication can be bypassed.
This exploit takes advantage of a buffer overflow vulnerability in Ability Server 2.34 FTP STOR command. It allows an attacker to execute arbitrary code on the target system.
The LNP: Lightweight news Portal v1.0-BETA is vulnerable to multiple remote vulnerabilities including Cross-Site Scripting, Insecure Administration, Permanent Code Injection, and File Upload. These vulnerabilities can be exploited to perform various malicious activities such as executing arbitrary code, injecting malicious scripts, and uploading malicious files.
This is a local exploit for the mod_include module of Apache 1.3.x. It allows an attacker to create a malicious file that can overflow a static buffer and execute arbitrary code with the privileges of the httpd child process.
An attacker can have access to classified information, register users without supervision, create admin user, perform SQL injection to obtain passwords and other information.
This exploit allows local users to gain root access on systems running BitchX version 1.0c19 and earlier. It utilizes a buffer overflow vulnerability to overwrite the return address and execute arbitrary code.
eLineStudio Site Composer is a 100% browser-based database-driven content management system that helps companies to better manage, update & share web content. It has multiple vulnerabilities including injection flaws, cross-site scripting (XSS), SQL injection, information leakage, and failure to restrict URL access. These vulnerabilities can be exploited to perform various attacks such as SQL injection, XSS attacks, database path disclosure, and unauthorized access to server folders.
Services By CQR