This exploit allows an attacker to execute arbitrary code on the vulnerable system. It is triggered when the vulnerable application receives a specially crafted HTTP request containing malicious code. This code is then executed on the vulnerable system.
This vulnerability allows an attacker to inject arbitrary SQL commands into the vulnerable application. This is possible due to the lack of proper sanitization of user-supplied input when used in an SQL query. The vulnerability is present in the recordVote() function of the content.php file, where the $user_rating variable is not properly sanitized before being used in an UPDATE statement. An attacker can exploit this vulnerability by passing a malicious value to the $user_rating variable, which will be executed as part of the SQL query.
Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a victim's browser, allowing the attacker to steal cookie-based credentials and launch other attacks. The Search function and the AnswerBook2 admin interface are affected.
This exploit is used to gain access to a file on Mac OS X 10.4 by exploiting a race condition vulnerability in the launchd service. The exploit uses a .sh script to help with the offsets and a C program to create a symlink to the target file. The exploit then checks if the symlink was successful by checking the UID of the target file.
The BGP4 Update vulnerability is a buffer overflow vulnerability in the BGP4 protocol. It allows an attacker to send a specially crafted BGP4 update message with a payload of arbitrary length, which can cause a denial of service or potentially allow for remote code execution. The vulnerability was discovered in 2005 by Frédéric Raynal and was patched in 2006.
WinZip Command Line Local Buffer Overflow is a vulnerability in WinZip 8.1 on Windows XP SP2. It is caused by a crafted command line, which is used to launch a local cmd.exe. The exploit was coded by ATmaCA and tested with WinZip 8.1 on Windows XP SP2 (English). The bug was fixed in WinZip 9.0 Service Release 1 (SR-1).
This exploit targets a buffer overflow vulnerability in the Kernel32.dll library. It allows an attacker to execute arbitrary code in the kernel memory by overwriting the return address of a function with the address of the malicious code. The malicious code is then loaded into the kernel memory and executed. The exploit also includes a message box that displays a message when the exploit is successful.
This exploit shows the username of the portal administrator and the administrator's password, hashed with MD5.
This exploit is for FutureSoft TFTP Server 2000 Evaluation Version 1.0.0.1. It is a buffer overflow exploit which sends a maliciously crafted packet to the server, causing it to crash. The exploit code is written in C and uses the ws2_32 library.
This exploit allows a local user to gain SYSTEM privileges on Windows XP SP2 systems. It exploits a race condition in the Windows kernel, which can be triggered by calling the NtSetTimerResolution() function with a small interval value. The exploit code creates a new process with SYSTEM privileges.