This exploit takes advantage of a stack buffer overflow vulnerability in CastRipper version 2.50.70. It allows an attacker to execute arbitrary code by sending a specially crafted .M3U file. The exploit contains shellcode that spawns the Windows calculator (calc.exe).
This exploit targets Mambo CMS versions 4.5.2.1 and below, as well as MySQL version 4.1. It allows an attacker to perform SQL injection by manipulating the user_rating parameter in the index.php file. By exploiting this vulnerability, an attacker can retrieve the password of a user with a specific ID.
The vulnerability allows an attacker to execute arbitrary SQL queries through the moduleid parameter of index.php on the weenCompany website, leading to unauthorized access to or manipulation of the database.
The mypage0.4 application is vulnerable to Local File Inclusion (LFI) attacks. The vulnerability allows an attacker to include local files on the server by manipulating the 'page' parameter in the index.php file. By providing a crafted value for the 'page' parameter, an attacker can include sensitive files such as the /etc/passwd file. This can lead to unauthorized access, information disclosure, and potential system compromise.
This exploit allows an attacker to upload and execute arbitrary PHP code on the server running PHPhotoalbum. The vulnerability can be found by searching for the dork 'Powered By PHPhotoalbum' or 'inurl:"PHPhotoalbum-upload.php"'. The attacker can upload a shell.php.pgif or shell.php.pjpeg file and access it through a userpics folder. This can lead to remote code execution on the server.
This is a SQL injection exploit for MercuryBoard version 1.1.4 and MySQL version 4.1. The exploit allows an attacker to execute arbitrary SQL queries and potentially gain unauthorized access to the database.
The vulnerability allows an attacker to bypass authentication by injecting specific code.
This exploit takes advantage of a buffer overflow vulnerability in the PlayMeNow media player. By creating a specially crafted M3U playlist file, an attacker can cause a buffer overflow and potentially execute arbitrary code. The exploit includes shellcode that launches the Windows calculator (calc.exe).
FestOs version 2.2.1 is affected by multiple Remote File Inclusion (RFI) vulnerabilities. Attackers can include malicious files from a remote server, leading to arbitrary code execution.