SAS Hotel Management System is vulnerable to SQL Injection. This vulnerability allows an attacker to manipulate the database by injecting malicious SQL queries. The exploit can be used to extract sensitive information, modify or delete data, or even gain unauthorized access to the system.
PHP Online Jobs is an Extensive and Powerful script written in PHP to launch your own jobs portal with quality features (upload resume, resume search, pound sterling payments and much much more). It has a very high potential to generate very heavy online revenues for you. Script is built with a focus on increases ease of users and profits of webmasters.
The Digital Interchange Document library allows you to easily and seamlessly store your documents online! The administration area is a secured area with an intuitive interface that will let you manage all of your documents from any location with an internet connection. By storing your documents in folders you setup in the Document Library, you will be able to quickly and easily organize and access the information you need most.
The vulnerability allows an attacker to disclose local files on the target system by exploiting a flaw in the 'download.php' script of Yamamah Photo Gallery version 1.00. By manipulating the 'download' parameter, an attacker can traverse the file system and access sensitive files.
The script is vulnerable to SQL injection because it fails to properly sanitize user-supplied input to the 'uid' parameter in the 'managechat.php' script. An attacker can exploit this vulnerability to execute arbitrary SQL code on the underlying database. Additionally, the script is also vulnerable to arbitrary file upload, allowing an attacker to upload malicious files to the server. This vulnerability was first discovered and reported by DNX. The password stored in the database is encoded with sha1.
VU Mass Mailer sends mass mail smartly. There is a time interval that separates each email from being treated as mass mailing. Emails are stor
This exploit targets the Sygate Personal Firewall 5.6 build 2808 ActiveX software on Windows. It uses a DEP bypass technique to exploit a Structured Exception Handling (SEH) vulnerability. The exploit code is provided as-is and should only be used for educational purposes. Any modification or misuse of the code is not the responsibility of Corelan. The exploit has been tested on IE 7/6 with a nop slide used.
This tool allows for remote bruteforce or dictionary attacks on PhpBB versions up to 2.0.18. It includes options for different attack methods, character sets, attack length, victim details, logging, and email notifications. The tool was coded by DarkFig.
This module exploits a stack overflow in the GoldenFTPd server. The flaw is triggered when a APPE command is received with a specially crafted overly-long argument. This vulnerability affects all versions of GoldenFTPd prior to 1.92 and was discovered by Tim Shelton.
SEH gets overwritten at 970 bytes in the LIST command. No space for shellcode, so 1st stage shellcode is used to jump back 768 bytes into the bindshell (2nd stage) shellcode.
Services By CQR