This exploit is a denial of service attack against freeFTPd version 1.0.10. It uses a malformed TYPE command to cause the server to crash.
This module exploits a buffer overflow in the W3C logging functionality of the MailEnable IMAPD service. Logging is not enabled by default and this exploit requires a valid username and password to exploit the flaw. MailEnable Professional version 1.6 and prior and MailEnable Enterprise version 1.1 and prior are affected.
A buffer overflow vulnerability exists in Macromedia Flash Plugin v7.0.19.0. The vulnerability is caused due to a boundary error when handling crafted .swf files. This can be exploited to cause a stack-based buffer overflow via an overly long string passed to the vulnerable application. Successful exploitation may allow execution of arbitrary code.
EkinBoard 1.0.3 is vulnerable to a SQL injection attack through a maliciously crafted cookie. This vulnerability can be exploited to execute arbitrary commands on the server.
This exploit causes services.exe to consume memory to a point where the target machines virtual memory gets exhausted, leading to a sustained DOS attack. The exploit works by sending a specially crafted request to upnp_getdevicelist. The exploit fails if the operation number in the DCERPC request is changed to something else other than 0xa (upnp_getdevicelist).
This exploit is used to gain access to the PHPNuke <=7.8 by sending a malicious POST request to the server. The malicious request contains a query which is used to extract the username and password from the nuke_authors table.
This exploit allows an attacker to inject malicious SQL queries into the vulnerable application. The exploit is coded in Perl and is used to retrieve the MD5 hash of the password of a given user ID from the phpwebthing v 1.4.4 application.
This exploit allows an attacker to gain access to the Wizz Forum by exploiting a SQL injection vulnerability. The exploit takes the full path of the forum and the user ID as arguments and retrieves the user name and MD5 hash of the password.
This exploit allows an attacker to inject malicious SQL code into a vulnerable web application. The malicious code can be used to extract sensitive information from the database, such as user credentials. The exploit is written in Perl and takes two arguments, the full path of the vulnerable web application and the user ID of the target user. The exploit then retrieves the user name and the hash of the password from the database.
ArkiDB is prone to a remote SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries in the context of the affected application, allowing for the manipulation or disclosure of arbitrary data. This issue affects ArkiDB version 1.0.0.
Services By CQR