The AdManagerPro software is vulnerable to a CSRF (Cross-Site Request Forgery) attack that allows an attacker to create a new administrator account without proper authentication. By exploiting this vulnerability, an attacker can gain unauthorized access to the system and perform malicious actions.
This is a buffer overflow exploit for Savant web server version 3.1. The exploit takes advantage of a vulnerability discovered by Muts from Offensive Security. It uses a specific payload to execute arbitrary code, in this case, launching the Windows calculator application. The exploit includes a specific sequence of instructions and a return address to execute the code successfully.
The Zabbix Agent allows bypassing the EnableRemoteCommands=0 configuration by exploiting a vulnerability in the function NET_TCP_LISTEN(). This vulnerability affects Zabbix Agent on FreeBSD and Solaris systems. An attacker can execute arbitrary commands by sending a specially crafted request to the agent.
The vulnerability is caused by the lack of proper sanitization of the variable $_SERVER["DOCUMENT_ROOT"] in multiple PHP files. An attacker can exploit this vulnerability by injecting a malicious file path in the DOCUMENT_ROOT parameter to execute arbitrary remote files.
With this exploit we can alter admins info such as email, password and some permissions. NOTE: password must be more then 5 chars.
This exploit targets the HP NNP ovalarm.exe CGI and allows for a remote buffer overflow. It has been tested on XP SP3 + IIS + NNM Release B.07.50.
This application is affected by many SQL Injection security flaws. In order to exploit them, the Magic Quotes GPG (php.ini) must be Off. The vulnerable files include functions.php and searchend.php. In functions.php, there is an authentication bypass vulnerability that allows a guest to bypass the authentication process. In searchend.php, there are multiple SQL injection vulnerabilities that allow a guest to view reserved information stored in the database.
This is a remote formatstring exploit for gnu mailutils-0.5 - mailutils-0.6.90. It is written and tested on FC3.
This exploit takes advantage of a buffer overflow vulnerability in Xenorate 2.50(.xpl) to execute arbitrary code. It utilizes a short jump instruction to bypass the next structured exception handler (SEH) and overwrite the SEH with a return address in the bass.dll library. The exploit then injects shellcode to execute the Windows calculator application. This exploit has been tested on Windows XP SP2.