header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Savant web server 3.1 buffer overflow exploit

This is a buffer overflow exploit for Savant web server version 3.1. The exploit takes advantage of a vulnerability discovered by Muts from Offensive Security. It uses a specific payload to execute arbitrary code, in this case, launching the Windows calculator application. The exploit includes a specific sequence of instructions and a return address to execute the code successfully.

Zabbix Agent : Bypass of EnableRemoteCommands=0

The Zabbix Agent allows bypassing the EnableRemoteCommands=0 configuration by exploiting a vulnerability in the function NET_TCP_LISTEN(). This vulnerability affects Zabbix Agent on FreeBSD and Solaris systems. An attacker can execute arbitrary commands by sending a specially crafted request to the agent.

Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability

The vulnerability is caused by the lack of proper sanitization of the variable $_SERVER["DOCUMENT_ROOT"] in multiple PHP files. An attacker can exploit this vulnerability by injecting a malicious file path in the DOCUMENT_ROOT parameter to execute arbitrary remote files.

phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities

This application is affected by many SQL Injection security flaws. In order to exploit them, the Magic Quotes GPG (php.ini) must be Off. The vulnerable files include functions.php and searchend.php. In functions.php, there is an authentication bypass vulnerability that allows a guest to bypass the authentication process. In searchend.php, there are multiple SQL injection vulnerabilities that allow a guest to view reserved information stored in the database.

Xenorate 2.50(.xpl) universal Local Buffer Overflow Exploit (SEH)

This exploit takes advantage of a buffer overflow vulnerability in Xenorate 2.50(.xpl) to execute arbitrary code. It utilizes a short jump instruction to bypass the next structured exception handler (SEH) and overwrite the SEH with a return address in the bass.dll library. The exploit then injects shellcode to execute the Windows calculator application. This exploit has been tested on Windows XP SP2.

Recent Exploits: