This exploit allows an attacker to inject arbitrary SQL code into a vulnerable web application. The attacker can use this vulnerability to gain access to the database and modify or delete data, or even gain access to the underlying operating system.
This exploit is used to cause a denial of service (DoS) on TYPSoft FTP Server version 1.11. It sends two error codes, RETR 0 and RETR 1, to the server which causes it to crash.
W-Agora 4.2.0 (possibly prior versions) is vulnerable to remote command execution through quicklist.php and/or upload features. An attacker can exploit this vulnerability by making changes in php.ini to allow_call_time_pass_reference and register_globals, then launching the script from Apache, filling requested fields, and uploading a shell.
This exploit targets a buffer overflow vulnerability in Solaris 10 DtPrintinfo/Session. It was discovered by Charles Stevenson (core) in 2005 and is used to gain root access. The exploit uses an environment variable to overwrite the return address on the stack and execute malicious code.
This exploit is used to hijack the RBExplorer web browser. It uses a malicious payload to send a crash byte to the target machine, which causes the browser to be hijacked. The exploit requires three arguments: the target IP address, the local IP address, and the local URL.
This exploit targets a buffer overflow vulnerability in the CA iGateway debug remote service. It allows an attacker to execute arbitrary code on the vulnerable system by sending a specially crafted packet to the service. The exploit code is written in C and uses Winsock2 to connect to the service and send the malicious packet.
When playing an audio CD using a xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory on the stack, is passed to the fprintf() function as a format string. An attacker can set up a malicious CDDB server and trick the client into using this server instead of the pre-configured one. Alternatively, any user, and therefore the attacker, can modify entries in the official CDDB server. Using this format string vulnerability, attacker-chosen data can be written to an attacker-chosen memory location. This allows the attacker to alter the control flow and to execute malicious code with the permissions of the user running the application.
This exploit allows an attacker to execute arbitrary code on a vulnerable system by using the Net::FTP module to connect to the FTP server and then using the site command to execute a custom command. The exploit is written in Perl and requires the attacker to provide the host, port, username, password, and custom site command as arguments.
PhpMyFaq 1.5.1 (possibly prior versions) is vulnerable to a remote shell injection vulnerability. This vulnerability allows an attacker to inject arbitrary commands and execute them on the vulnerable system. To exploit this vulnerability, the attacker must have access to the vulnerable system and must have the ability to modify the php.ini file. The attacker must also have the ability to launch the script from Apache. Once the script is launched, the attacker can fill in the requested fields and if magic_quotes_gpc is off, the attacker can launch commands.
This exploit takes advantage of a heap buffer overrun in the IDN host name handling code of Mozilla browsers. It will create a malicious host name and then use a heap spray to overwrite the return address of a function with the address of the shellcode.