Explore Vulnerabilities

Explore all Exploits:

Windows HTML Help Workshop Index File Stack Overflow Exploit

This exploit is for a stack overflow vulnerability in Windows HTML Help Workshop Index File. It was discovered and exploited by Darkeagle of Unl0ck Researchers. The exploit was tested on WinXP SP2 RUS. It uses a buffer overflow to overwrite the return address on the stack and execute shellcode.

FlySpray 0.9.7 remote commands execution exploit

FlySpray 0.9.7 is vulnerable to a remote code execution vulnerability. This exploit allows an attacker to execute arbitrary commands on the vulnerable server. The exploit works against PHP5 and requires the attacker to fill in the requested fields. The exploit was found in FlySpray, exploiting EGS Enterprise Groupware System 1.0 rc4.

Invision Power Board Army System Mod 2.1 SQL Injection Exploit

This exploit allows an attacker to inject malicious SQL queries into the Invision Power Board Army System Mod 2.1. The SQL injection query depends on the number of fields in the SQL table. The exploit has been tested on a fresh IPB 2.1.x with Army System Mod 2.1 installed.

Microsoft HTML Help Workshop .hhp file Compiled File Header Buffer Overflow Exploit

A buffer overflow vulnerability exists in Microsoft HTML Help Workshop .hhp file Compiled File Header. The vulnerability is caused by a boundary error when handling the Compiled File in Options in an HHP file. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted HHP file.

Servu.c – Serv-U FTPD 3.x/4.x “SITE CHMOD” Command Remote stack buffer overflow exploit

This exploit targets the "SITE CHMOD" command of Serv-U FTPD 3.x/4.x, which can be used to execute arbitrary code on the vulnerable system. The exploit is written in C and can be compiled with the cl compiler. It can attack Serv-U versions 3.0.0.20 to 4.1.0.11 on Windows 2000 Server EN/GB. The exploit requires a valid account and a writable directory.

OPTIONS

A buffer overflow vulnerability exists in the 'Compiled file' option of the 'OPTIONS' section of the INFOTYPES file. An attacker can exploit this vulnerability by supplying a specially crafted INFOTYPES file with a long string in the 'Compiled file' option, resulting in a buffer overflow.

OpenVMPSd v1.3 Remote Format String Exploit

This exploit is for OpenVMPSd v1.3, which is vulnerable to a remote format string vulnerability. The exploit uses a malicious UDP packet to send a crafted buffer containing a NOP sled and shellcode to the vulnerable server. The shellcode binds a shell to a port on the vulnerable server.

QNX 6.2.1 phfont Local Root Exploit

This exploit is for a local privilege escalation vulnerability in the phfont binary of QNX 6.2.1. The vulnerability is due to a lack of proper input validation when handling environment variables. By setting the PHFONT and PHOTON2_PATH environment variables, an attacker can execute arbitrary code with root privileges.

Sony/Ericsson reset display – PoC

This PoC causes abnormal behaviour on some Sony/Ericsson cell phones, such as K600i, V600i, K750i, W800i, and maybe other ones. Vulnerable devices will slowly turn their screen black and then display a white screen. After a short period (~45sec), they will go back to their normal behaviour.

Privilege Scalation for Windows Networks using weak Service restrictions v2.0

This exploit allows attackers to gain access to vulnerable services on Windows XP with SP2 and Windows 2000 systems. The vulnerable services include DcomLaunch, UpnpHost, SSDPSRV, WMI, DHCP, NetBT, DnsCache, Pml Driver HPZ12, and Autodesk Licensing Service. The exploit is executed without admin privileges on the target system.

Recent Exploits: