This exploit takes advantage of a buffer overflow vulnerability in Zinf Audio Player v2.2.1. It allows an attacker to bypass Data Execution Prevention (DEP) and execute arbitrary code.
This is an exploit for the Microsoft SSL Remote Denial of Service vulnerability, also known as MS04-011. It has been tested successfully against IIS 5.0 with SSL. The exploit was developed by David Barroso Berrueta and Alfredo Andres Omella from S21sec. The vulnerability allows remote attackers to cause a denial of service by sending specially crafted SSL packets.
This module exploits a stack-based buffer overflow in actfax ftp Server version 4.27 and earlier. Actfax fails to check input size when parsing 'USER' command. This vulnerability results in arbitrary code execution. This module has been designed to bypass DEP under Windows Server 2003 SP2/R2.
This vulnerability allows an attacker to upload arbitrary files to the server.
This exploit allows a remote user with access to the web server to send a POST request to disclose the username and password of the target application. The disclosed credentials are Windows credentials with Administrator privileges. This vulnerability can be exploited after the Administrator user has logged in at least once in each Tomcat session.
This exploit is for MPlayer Lite version r33064. It allows an attacker to bypass DEP (Data Execution Prevention) and execute arbitrary code by exploiting a buffer overflow vulnerability in the m3u file parsing functionality. The exploit includes a payload that spawns a shell with elevated privileges.
This exploit allows an attacker to bypass authentication and inject SQL commands through the cookie. It targets the ExtCalendar2 application.
In KisKrnl.sys's hook function of "NtQueryValueKey", it directly writes to the buffer of "ResultLength" without any check.
The component allows directory traversal by not properly sanitizing user input in the 'view' parameter of the 'index.php' file. This allows an attacker to read arbitrary files from the system, such as the '/etc/passwd' file.
This exploit allows an attacker to execute arbitrary code by sending a specially crafted ACCL command to the FreeFloat FTP Server. The vulnerability occurs due to a buffer overflow in the server's handling of ACCL commands. By sending a long string of characters as the argument to the ACCL command, an attacker can overwrite the stack and gain control of the server's execution flow. This exploit opens a listener shell on port 4444.