This module exploits a stack buffer overflow in the Windows RSH service. The vulnerability is triggered when a long string is sent as the first argument to the rsh service. This module has been tested successfully on Windows 2000 SP4 and Windows XP SP2.
This exploit is for Axigen 5.0.x AXIMilter. It is a format string vulnerability which allows an attacker to execute arbitrary code on the vulnerable system. The exploit code contains a bindshell code which is used to connect to the vulnerable system and execute commands.
BloofoxCMS is a free open source content management system (CMS). There is no input validation here therefore its possible for a remote attacker to bypass login mechanism when magic quotes is disabled! POC : Username: admin' or 1=1 /* Password: something It is possible to download any file from server by using this script. POC : http://www.example.com/file.php?file=../../../../../../../../../etc/passwd
360 Web Manager CMS is prone to a remote SQL injection vulnerability. An attacker can exploit this issue to gain access to the application database, potentially resulting in the compromise of sensitive data. The issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. An attacker can exploit this issue to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. This issue affects versions prior to 360 Web Manager CMS 1.0.1.
Frimousse is a freeplayer interface web written in php language, works with apache & php & VLC (media player). It is used for managing the playlist and viewing it in interface web with VLC media player. Frimousse runs on Linux and Microsoft Windows. A directory traversal vulnerability was discovered in Frimousse v.0.0.2, which allows an attacker to access arbitrary files and directories outside of the web root directory.
TikiWiki is vulnerable to a directory traversal attack when the 'movie' parameter of the tiki-listmovies.php script is supplied with a maliciously crafted value. This can allow an attacker to read arbitrary files from the server.
Belkin Wireless G Plus MIMO Router F5D9230-4 is vulnerable to an authentication bypass vulnerability. When the router starts, it creates a file (without content) named user.conf, then when we go to SaveCfgFile.cgi, the configuration is saved to the file user.conf. But the problem is that we can access to the file SaveCfgFile.cgi without login.
The same language=LFI vulnerability is found in 1.2 is present in the latest version POST has to be used to exploit instead of GET. This POC is to be used as follows: perl mfh121.pl -f FILENAME.PHP -h HOSTNAME -e PATH TO MFH FILENAME.PHP is uploaded to the target script, and then executed through LFI with a POST request.
This exploit is for MS Visual Basic Enterprise Ed. 6 SP6. It is a buffer overflow exploit which creates a malicious .dsr file. Once the file is created, it should be opened with Visual Basic 6 and click on connection or command name.
Small Axe Weblog 0.3.1 is vulnerable to a remote file include vulnerability. This vulnerability exists due to insufficient sanitization of user-supplied input in the 'cfile' parameter of the 'linkbar.php' script. An attacker can exploit this vulnerability by sending a malicious URL in the 'cfile' parameter. This can allow the attacker to execute arbitrary code on the vulnerable system.
Services By CQR