This exploit allows an attacker to execute arbitrary commands on the vulnerable CMS MAXSITE Component Guestbook. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'name' parameter of the 'guestbook.php' script. An attacker can exploit this vulnerability by sending a malicious HTTP request containing shell metacharacters to the vulnerable script. Successful exploitation of this vulnerability will result in execution of arbitrary commands on the vulnerable system with the privileges of the web server.
The vulnerability exists in the Ocean12 Mailing List Manager Gold application. It is possible to inject malicious SQL and XSS payloads via the 'email' and 'Name' parameters in the 's_edit.asp' and 'default.asp' scripts. It is also possible to download the 'o12mail.mdb' file which contains sensitive information.
E.Z. Poll <= v.2 script is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable page http://www.site.com/admin/login.asp with the username and password set to 'or' '='. This will allow the attacker to gain access to the admin panel and add or modify users via the /admin/admin-users.asp page.
Rumpus v6.0 contains two buffer overflow vulnerabilities in its HTTP and FTP modules. The first allows an unauthenticated user to crash Rumpus. The latter may result in arbitrary code execution with superuser privileges. The overflow in the HTTP component is caused by a missing bounds check when parsing the HTTP action verb (GET, POST, PUT, etc.). If the verb is exactly 2908 bytes long, the server hits a segmentation fault and crashes. The overflow in the FTP component is also caused by a missing length check, in this case when parsing FTP commands that take an argument, such as MKD, XMKD, RMD and so on. The overflow occurs when the argument is copied with strcpy into an internal buffer. This buffer is 1024 bytes long. When the passed-in argument is longer than 1046 bytes, the instruction pointer will be overwritten.
This exploit is a proof of concept for a vulnerability in the Linux kernel. It allows an attacker to gain root access by exploiting a race condition in the kernel's handling of symbolic links. The exploit works by creating a symbolic link to a file that the attacker has write access to, and then repeatedly creating and deleting the link until the kernel assigns the same inode number to the link and the file. The attacker can then use the link to gain access to the file.
On the saa.php page, you can submit an article and an attachment file to wait for approval from the admin. Immediately after you submit the article and attachment file, the file is already on the server, and its file type has not been checked. You can upload an arbitrary file through this form, and the URL to this file is on the authors.php page.
Broadcast Machine version 0.1 is vulnerable to a remote file inclusion vulnerability due to insufficient sanitization of user-supplied input to the 'baseDir' parameter in multiple files. An attacker can exploit this vulnerability by sending a malicious URL to an unsuspecting user. The malicious URL contains a reference to a file located on a remote server that will be included in the application. This can allow an attacker to execute arbitrary code on the vulnerable system.
An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The malicious request contains a payload that, when processed by the vulnerable application, executes the attacker's code on the server.
This exploit works on an updated Windows XP SP3. On Vista this exploit is way easier. To open the .RDP file in Cain & Abel, click the 'Remote Password Decoder Dialog' icon.
A buffer overflow vulnerability exists in Electronics Workbench, which is caused by improper bounds checking of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. This vulnerability is triggered when a specially crafted .EWB file is opened, which causes a stack-based buffer overflow. This can result in arbitrary code execution.