This module exploits a stack overflow in SoftiaCom WMailserver 1.0 (SMTP) via a SEH frame overwrite.
This exploit allows an attacker to execute arbitrary commands on the vulnerable system. It is done by sending a specially crafted HTTP request to the target system. The exploit uses the LWP::UserAgent module to send the malicious request and the HTTP::Cookies module to set the cookie values.
Winamp 5.12 is vulnerable to a remote buffer overflow vulnerability. This exploit creates a crafted.pls file which when opened with Winamp, launches a Calculator (calc.exe). The exploit can also be used remotely by making a HTML page containing an iframe linking to the .pls file.
As long as HTML is ON in the latest version of phpBB forums, several XSS attack vectors are possible. phpBB incorrectly filters in both messages and profiles, making cookie stealing, and other XSS attacks possible. The exploit leads to arbitrary JavaScript execution, which in turn can lead to HTML defacement. Use of the <pre> tag means that the cursor must pass it in the y direction only. e.g. the mouse only needs to cross a point horizontally equal to the link in order for the JavaScript to be executed.
This exploit tries to upload the shellcode to a fixed address and execute it. It is written by crash-x and targets Shoutcast versions 1.9.4 and 1.9.2 on all Linux distros.
This exploit allows an attacker to inject malicious SQL queries into the vulnerable application. It was tested on phpclan's website and it worked + my local server and on ra4ev.com. But on versions below 1.23.1 it doesn't seem to work.
This exploit is a proof-of-concept denial of service attack against Tftpd32. It sends a specially crafted packet containing a format string to the server, which causes the server to crash.
A remote buffer overflow exists in Microsoft Windows Media Player 9.0/10.0/11.0. By sending a specially crafted ASX file, an attacker can cause a stack-based buffer overflow, resulting in arbitrary code execution.
Cerberus FTP Server version 2.32 is vulnerable to a denial of service attack. An attacker can send a specially crafted string of data to the FTP server, causing it to crash. This exploit was discovered by cvh and exploit by Pi3cH from KAPDA - Computer Security Science Researchers Institute.
This exploit is a buffer overflow exploit that is used to generate a malicious WMF file. It is based on the WMF nDay vulnerability which was discovered in 2006. The exploit is written in C and uses the Win32 API to execute arbitrary code.
Services By CQR