The addlist.php file in the newsletter/admin directory of the server application does not properly sanitize the user-supplied input. This allows an attacker to inject malicious code, such as a script tag, which can be executed by other users visiting the page. In this specific case, the vulnerability allows an attacker to execute arbitrary JavaScript code and potentially steal cookies or perform other malicious actions on behalf of the user.
This is a buffer overflow exploit for the M3U To ASX-WPL 1.1 software. It uses a SEH overwrite method and a shellcode to execute arbitrary code on the target system.
This exploit takes advantage of a local buffer overflow vulnerability in IDEAL Administration 2009 v9.7. It allows an attacker to execute arbitrary code on the target system. The exploit payload is shell_bind_tcp, encoded with x86/alpha_mixed. It uses the SEH (Structured Exception Handling) technique and binds a shell to port 4444 on the target system.
This exploit allows for remote code execution through a buffer overflow vulnerability in RPCDCOM2.c version 1.1. The vulnerability is triggered by sending a specially crafted bind request to the target system. The exploit payload is included in the bindstr array. By exploiting this vulnerability, an attacker can execute arbitrary code on the target system.
When a crafted .PNG file is opened, a stack buffer overflow occurs due to DEP, resulting in the overwrite of a SEH handler with a POP/POP/RET instruction from the gear12d.dll module. The exploit is universal and can execute multiple shellcodes.
The Public Media Manager <= 1.3 has a vulnerability in the forms_dir parameter of the comcal/calmenu.php file. An attacker can include a remote file using the forms_dir parameter, which can lead to remote code execution.
An overlong string as DSC comment (more than 42000 bytes) results in a direct EIP overwrite. Exception is first-chance so the program will never crash. At the moment of the redirection EAX and ESI are user-controlled. This portion of the buffer begins with '%' (it is the next DSC comment) but as you can see the resulting pattern is nop-equivalent.
This is a proof of concept (PoC) exploit for a remote stack overflow vulnerability in Crob FTP Server 3.6.1 on Windows XP. The exploit is designed to execute arbitrary code on the vulnerable server.
This exploit allows an attacker to bypass the admin login of PHP/MYSQL scripts. By using the login '-' and password '-', the attacker can gain admin access.
This PoC code binds a shell on port 2001 of a vulnerable e-Post SPA-PRO Mail @Solomon IMAP server. It assumes the default mailbox configuration C:\mail\inbox\%USERNAME%. Any changes to the mailbox configuration will cause this PoC to fail due to the length differences.