When a database backup is made, it is saved in /administration/db_backups/ on 6.0 and on 5.0 it is saved in /fusion_admin/db_backups/. The backup file can be saved in 2 formats: .sql or .sql.gz and is hidden by a blank index.php file but can be downloaded client-side. An attacker can generate 0001 to 9999 and request the file and download it. If a db file is found, an attacker can get the admin hash and crack it or retrieve other sensitive information from the db.
This exploit is a buffer overflow vulnerability in the Windows operating system. It allows an attacker to execute arbitrary code on the target system by overflowing a buffer with malicious code. The exploit is triggered when a user visits a malicious website or opens a malicious file. The malicious code is then executed on the target system, allowing the attacker to gain access to the system.
NsT-phpBBDoS is a simple phpBB registration and search DoS flooder. It is written in Perl and was ported from HaCkZaTaN's original version. It sends a POST request to the target host with a crafted payload to flood the server with registration or search requests.
This exploit open a remote shell on the targets that uses Cacti. TARGET HOST MUST BE A GNU/LINUX SERVER, if not manual exploiting can be done by accessing http://www.example.com/cacti/graph_image.php?local_graph_id=[valid_value]&graph_start=%0a[command]%0a
This exploit allows an attacker to execute arbitrary commands on a vulnerable Forum Russian Board 4.2 Full (FRB) installation. The exploit works by sending a specially crafted HTTP request to the vulnerable server, which then allows the attacker to execute arbitrary commands on the server.
This exploit is used to cause a denial of service (DoS) on Apache HTTPd servers with versions 2 < 2.0.49. It sends a large number of HTTP headers to the server, causing it to crash.
This exploit is a remote format string exploit for PeerCast <= 0.1211. It is a public release by Darkeagle and uKt researcherz. It binds a port 4444 and uses a buffer overflow to execute arbitrary code. It uses a malicious string to overwrite the return address of the vulnerable function and execute the malicious code.
Claroline is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability exists due to insufficient sanitization of user-supplied input passed to the 'uInfo' parameter in 'userInfo.php' and 'exercises_details.php' scripts. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable scripts.
A SQL injection vulnerability exists in Claroline E-Learning Application. An attacker can exploit this vulnerability to gain access to sensitive information such as usernames and passwords. The vulnerability is due to improper sanitization of user-supplied input in the 'userInfo.php' and 'exercises_details.php' files. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. Successful exploitation of this vulnerability can result in unauthorized access to sensitive information.
This exploit is used to decrypt the passwords of UPB <= 1.9.6. It uses a perl script to decrypt the passwords from the users.dat file. The script takes the target URL and the username as input and decrypts the password of the given username.
Services By CQR