The exec_ibcs2_coff_prep_zmagic() function in OpenBSD 2.x through 3.3 allows remote attackers to execute arbitrary code via a crafted iBCS2 header with a length parameter that exceeds the actual header length, which triggers a stack-based buffer overflow.
This is a local buffer overflow exploit for PhotoFiltre Studio X .tif files. It allows an attacker to overwrite the SEH handler with a pop pop ret instruction and overwrite the next SEH with a jmp ebp instruction. The exploit then finds the exact location EBP points to and writes a jmp 0x40 bytes instruction there. The exploit does not have space for shellcode, so the jmp ebp option is chosen instead of an egghunter. The exploit is designed for MS Windows XP Pro SP3.
This exploit allows remote attackers to bypass ASLR and DEP protections in ProSSHD 1.2, leading to unauthorized access.
This is a 0day exploit that crashes all major browsers including Mozilla Firefox, Internet Explorer, Google Chrome, Netscape, and Opera. The exploit utilizes a DoS (Denial of Service) attack by creating a buffer overflow. It injects a script into the browser's body onload event, which continuously adds characters to a buffer until it overflows and crashes the browser.
This exploit allows an attacker to execute commands on a phpBB forum through the admin_styles.php file. It has been tested on phpBB version 2.0.13. The exploit works by creating a new style and running SQL queries in the database. The attacker can then execute commands through the created file. The exploit also has the ability to retrieve the database prefix.
-9999+union+all+select+0,0,group_concat(es_admin_name,char(58),es_pwd)v3n0m,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+esb2b_admin--
Multiple vulnerabilities have been found in ASPCode CMS. These include multiple XSS vulnerabilities, a persistent XSS vulnerability, a CSRF vulnerability, and a possible SQL injection vulnerability. The XSS vulnerabilities can be exploited through various URLs, including default.asp?sec=1&ma1= and default.asp?sec=1&tag=. The persistent XSS vulnerability can be exploited by posting in the guestbook section. The CSRF vulnerability allows an attacker to delete a user account or create a super admin account. The possible SQL injection vulnerability can be exploited through the URL default.asp?sec=64&ma1=tag&tag=CMS'.
The exploit involves using the SQL injection vulnerability in the B2B Gold Script (id) software to execute a union-based select statement and retrieve the admin username and password.
-9999+union+all+select+0,0,group_concat(es_admin_name,char(58),es_pwd)v3n0m,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+esb2b_admin--
The Scratcher application is vulnerable to SQL injection and cross-site scripting (XSS) attacks. An attacker can exploit these vulnerabilities to execute arbitrary SQL queries and inject malicious scripts into the application.