Exploit for educational purposes only. SuperNews is a Brazilian news system written in PHP and MySQL. Versions prior to 2.6 have a simple SQL injection in the news view. The developer tried to fix the bug by removing keywords such as "union" and "select", but with recursion it is possible to bypass these filters. A second SQL injection is in the administration panel: when deleting a post, you can inject SQL to delete all news in the database. Another vulnerability in the administration panel allows file deletion: when deleting a post, a variable called "unlink" tells the system which news image to delete, but it is possible to delete other files by typing the full file path or using "../".
This vulnerability allows an attacker to inject malicious scripts into the first name or last name field on the Edit account page. When a user visits the attacker's page, the injected script will execute.
The vulnerability lies in the COM component used by the product SkinCrafter from DMSoft Technologies. This COM component, SkinCrafter3_vs2005.dll, implements a function InitLicenKeys whose parameter is not bounds-checked, leading to an overflow condition.
Making an HTTP request to any file in the /cgi-bin/ directory with a .cfg extension returns the entire device configuration.
Multimedia Builder 4.9.8 is vulnerable to a denial of service attack when opening a malicious .mef file. The vulnerability is triggered by going to file -> MEF Import -> load MEF.
FlexNet License Server Manager is affected by a stack buffer overflow vulnerability in the function that copies data received after the header into a buffer that is smaller than the number of bytes required. This vulnerability can be exploited remotely against the server.
This exploit triggers a buffer overflow in AnvSoft Any Video Converter 4.3.6. The exploit is triggered by generating a .reg file, executing it, and then opening the application. The exploit uses a Unicode buffer overflow to execute arbitrary code.
The username input on the registration page is not sanitized, allowing for a persistent XSS vulnerability. An attacker can inject malicious JavaScript code as the username, which is then stored in the database and displayed in the admin panel and user pages. This vulnerability can be exploited remotely. The exploit can also retrieve the admin session cookie.
The exploit is a Unicode conversion stack-based buffer overflow that occurs when processing overlong asset elements in the Adobe Photoshop CS5.1 U3D.8bi Collada library. By exploiting this vulnerability, an attacker may be able to return into an ASCII memory region with an ultra-large NOP by setting EIP to, e.g., Photoshop.00630041. The shellcode should be alphabetic.
This exploit takes advantage of a bug with Variant type parsing in PHP 5.4.3. It allows an attacker to execute arbitrary code on a vulnerable system. The exploit is in the form of an HTML page and a PHP script. The HTML page repeatedly sends requests to the PHP script with different offsets to attempt to exploit the vulnerability. The PHP script performs some operations with the offset value and then executes the payload.