This exploit allows an attacker to inject malicious code into a PHP-Fusion website using the [img] [/img] codes. This code can be used to delete a shout box post, delete a user, or ban a user. The code is written to a file called exploit.txt and can be used to execute the malicious code when an admin views the page.
This exploit is a proof-of-concept for a SQL injection vulnerability in MySQL Eventum version 1.5.5 and earlier. The vulnerability is caused due to the improper sanitization of user-supplied input to the 'cat' parameter in the 'login.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows an attacker to gain access to the application with administrative privileges.
This module exploits a code execution flaw in vBulletin <= 3.0.6. It uses a vulnerability in the 'misc.php' script, which allows an attacker to execute arbitrary commands on the server.
This proof-of-concept code exploits a buffer overflow vulnerability in Computer Associates BrightStor ARCserve Backup Agent for SQL and Discovery Service. It includes a vulnerability scanner that scans for the bugs mentioned above and logs to 'scan.log' in working directory. It also includes a shellcode that can be used to bind or reverse shell.
This exploit is based on matiteman's code in perl and allows a remote attacker to cause a denial of service (DoS) condition on the vulnerable server. The exploit sends a large buffer of 'A' characters to the server, which causes it to crash.
This exploit is a patch for LegitCheckControl.dll (1.3.254.0) which allows users to bypass the Windows Genuine Advantage Validation. It was released by NeoSecurityTeam in 2005 and was authored by HaCkZaTaN.
This exploit is a remote r00t exploit for Ipswitch IMAIL Server IMAPD. It is a 316 bytes shellcode which is used to exploit the vulnerability. It is tested on 12 different versions of Ipswitch IMAIL Server IMAPD.
This exploit is a denial of service attack that uses the libwww-perl library to delete a file on a remote Windows 2000 SP4 system. It connects to the target system, creates malicious pages, opens the CDRom drive of the victim, and then deletes the specified file. The exploit was tested on Windows 2000 SP4 (Win NT).
OpenBB sql injection is a vulnerability that allows an attacker to inject malicious SQL code into a vulnerable web application. This exploit was tested on Open Bulletin Board 1.0.5 with MySQL.
This exploit allows an attacker to execute arbitrary data on a vulnerable sHTTP FTPServer. The exploit works by connecting to the server, sending user and pass credentials, and then backing up the target file and setting a homepage defacement. The exploit was tested on Windows 2000 SP4 (Win NT).
Services By CQR