N/A
SCO Unixware 7.1.3 kernel allows unprivileged users to debug binaries. The condition can be exploited by an attacker when he has execute permissions to a file which has the suid bit set. An attacker can use a shellcode to gain root access.
PwsPHP <= 1.2.4 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the application's database and potentially gain access to sensitive information.
ArgoSoft FTP Server is vulnerable to a buffer overflow attack when a long string is sent to the DELE command. This can be exploited to execute arbitrary code by sending a specially crafted string to the FTP server.
This exploit allows an attacker to gain access to the user's credentials by exploiting a SQL injection vulnerability in the topics.php file of phpWebSite. The attacker can use the URL http://[server][path]/topics.php?op=viewtopic&topic=-1+Union+select+name,name,pass,name+From+users+where+uid=[uid] to gain access to the user's credentials.
This exploit is for VHCS version <= 2.4.7.1. It allows an attacker to create an admin user with a predefined username and password. The exploit is launched by submitting a form with the target URL, username, and password. The username should not exist in the system.
This exploit is a critical SQL injection vulnerability in phpNuke 7.5-7.8. It was found by Janek Vind 'waraxe' and allows an attacker to get the MD5 passwords of the users. The exploit is coded in VC++ and compiled in VC++. It is used to send a SQL injection to the vulnerable server and exploit it to get the MD5 passwords of the users.
NOCC Webmail version 1.0 is vulnerable to remote commands execution exploit through arbitrary local inclusion & attachment filename prediction. This exploit works regardless of any magic_quotes_gpc settings. An attacker can upload an evil mail attachment and then try to include it, predicting its name and its location.
Noah's classifieds 1.3 is vulnerable to a remote code execution vulnerability. This vulnerability is due to the lack of proper input validation in the application when handling user-supplied input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to execute arbitrary code on the vulnerable system.
This exploit code is intended only as a demonstration tool for educational or testing purposes. It is not intended to be used for any unauthorized or illicit purpose. Any testing done with this tool OR ANY PRODUCT OR ALTERATION THEREOF must be limited to systems that you own or are explicitly authorized to test. By utilizing or possessing this code, you assume any and all responsibility for damage that results. The author will not be held responsible, under any circumstances, for damage that arises from your possession or use of this code.
Services By CQR