The vulnerability allows for XSS attacks in the URL and form fields, as well as an upload vulnerability that can be used to upload a shell.
This exploit allows remote attackers to execute arbitrary commands via a vulnerable Web_store.cgi script. The exploit requires the ability to write to the /tmp directory.
QuickHeal antivirus 2010 allows local users to escalate privileges by replacing files in the install folder.
The Linkster script is vulnerable to SQL Injection. An attacker can exploit the vulnerability by injecting malicious SQL code in the 'CID' parameter of the linkster.php file. This can lead to unauthorized access to the database and potentially sensitive information leakage.
This exploit allows an attacker to create a staff account in the Traidnt Discovery software through a Cross-Site Request Forgery (CSRF) attack. By submitting a form with hidden fields containing the necessary account information, the attacker can bypass the authentication process and create a new staff account.
This exploit allows an attacker to create an administrator account in Easy Banner Pro through a Cross-Site Request Forgery (CSRF) attack. The attacker can submit a form with the necessary parameters to create the account.
The AdManagerPro software is vulnerable to a CSRF (Cross-Site Request Forgery) attack that allows an attacker to create a new administrator account without proper authentication. By exploiting this vulnerability, an attacker can gain unauthorized access to the system and perform malicious actions.
This is a buffer overflow exploit for Savant web server version 3.1. The exploit takes advantage of a vulnerability discovered by Muts from Offensive Security. It uses a specific payload to execute arbitrary code, in this case, launching the Windows calculator application. The exploit includes a specific sequence of instructions and a return address to execute the code successfully.
The Zabbix Agent allows bypassing the EnableRemoteCommands=0 configuration by exploiting a vulnerability in the function NET_TCP_LISTEN(). This vulnerability affects Zabbix Agent on FreeBSD and Solaris systems. An attacker can execute arbitrary commands by sending a specially crafted request to the agent.
Services By CQR