The vulnerability exists in the searchvote.php script of the 2daybiz Polls Script. An attacker can exploit this vulnerability by injecting malicious SQL queries through the 'category' parameter. This can lead to unauthorized access, data manipulation, or data leakage.
This exploit targets a stack buffer overflow in UltraISO software. It affects version 9.3.6.2750 and can be exploited remotely as well as locally. The bug allows an attacker to overwrite the stack buffer, potentially leading to arbitrary code execution. The exploit is specific to Windows operating systems including Windows 7/2008/Vista/2003/XP (32-bit and 64-bit), Windows 2000, ME, 98SE, 98, or Windows NT4.0 SP6a. There is no known fix for this vulnerability. The exploit code is written in C and requires the gcc compiler version 3.4.4 (cygming special, gdc 0.12, using dmd 0.125). It is recommended to use the cygwin console to avoid any problems under Windows.
This exploit targets a buffer overflow vulnerability in Winamp version 5.572 on Windows 7 Ultimate x64 ENG. It bypasses ASLR and DEP protections. The exploit involves replacing the 'whatsnew.txt' file in the Winamp folder and then right-clicking on the flash symbol and selecting 'Nullsoft Winamp...' and then 'Version history'. The exploit uses a ROP chain to control program execution.
This exploit is designed to work with PHP versions 4.3.10 and 4.4.0 under Windows XP SP1. It overwrites EIP (the Extended Instruction Pointer) with the address of a CALL ESI instruction in ws2_32.dll from Windows XP SP1. The shellcode is written into the $user variable and a temporary memory location is trashed. This exploit is specifically for Apache/1.3.33 and PHP/4.4.0 on Windows only.
This is a local buffer overflow exploit for WinRAR version 3.3.0 and below. The exploit uses a jmp esp instruction in various DLLs to gain control of the program flow. The exploit also includes Metasploit shellcode to establish a reverse shell on port 4444.
This exploit is a proof of concept for a local buffer overflow vulnerability in the Plotwn 18 (.wp2) file format. It has been tested on Windows XP SP3 FR. The exploit is triggered by opening a specially crafted .wp2 file. The vulnerability allows an attacker to overwrite the EIP register, leading to arbitrary code execution.
This exploit is a proof of concept for a local buffer overflow vulnerability in Winstats (.fma file). It has been tested on Windows XP SP3 FR.
This paper discusses how an unprivileged remote attacker can execute arbitrary code on networked players' computers. The IRC client component of UFO: Alien Invasion 2.2.1 contains multiple security vulnerabilities that allow a malicious IRC server to remotely execute arbitrary code on the client's computer.
This vulnerability allows an attacker to inject malicious SQL queries into the 'sid' parameter of the 'products.php' page, potentially leading to unauthorized access or manipulation of the database.