A stack-based buffer overflow occurs when you pass to "strFontName" parameter a string overly long than 24 bytes which leads into EIP overwrite allowing the execution of arbitrary code in the context of the logged on user. This happens because an inadequate space is stored into the buffer intended to receive the font name.
The Openregistrecil 1.02 version is vulnerable to multiple file inclusion. An attacker can exploit this vulnerability to include arbitrary files from the server, leading to remote code execution.
Acritum Femitter v1.03 is vulnerable to remote directory traversal attack.
This is a proof-of-concept exploit for a remote unicode stack overflow vulnerability in HP Operations Manager version 8.16. The vulnerability exists in the LoadFile() and SaveFile() functions of the srcvw4.dll module. The exploit allows an attacker to overwrite the address of the seh handler and potentially execute arbitrary code.
Openreglement 1.04 has a vulnerability that allows remote file inclusion (RFI) and local file inclusion (LFI). This vulnerability can be exploited by an attacker to include arbitrary files from the server, leading to potential information disclosure or remote code execution.
This exploit takes advantage of a stack overflow vulnerability in the SMB client of Windows 7/2008R2. By sending a specially crafted packet, an attacker can overwrite the EBP and EIP registers, allowing for arbitrary code execution. The vulnerability is tracked as CVE-2010-0270.
This is a proof-of-concept exploit for MailGust 1.9 (and possibly prior versions) that allows for SQL injection and board takeover. The exploit also has generic HTTP proxy support. It is created by rgod and can be found on his website http://rgod.altervista.org. To run this script, make sure to make certain changes in the php.ini file. The usage of this exploit involves launching the script from Apache, filling in the requested fields, and sending yourself a new admin password.
This is an exploit for Archive Searcher 2.1 software on Windows. It allows for a search for files in the application, with character restrictions. The exploit uses Zip headers to exploit the vulnerability.
The exploit is used to turn an SMB client bug into a server-side vulnerability. It allows an attacker to execute arbitrary code on the target system.
This exploit targets a vulnerability in the Magneto Net Resource ActiveX control, specifically in the NetShareEnum function. By exploiting this vulnerability, an attacker can execute arbitrary code on the victim's system. The exploit uses a shellcode payload to launch the Windows calculator application (calc.exe).
Services By CQR