This module exploits a stack-based buffer overflow vulnerability in HTTPDX HTTP server 1.4. The vulnerability is caused by a boundary error within the "h_handlepeer()" function in http.cpp. By sending an overly long HTTP request, an attacker can overrun a buffer and execute arbitrary code.
httpdx Web Server <= 1.4.6b is a Windows-based HTTP server. This is the latest version of the application available. httpdx is vulnerable to remote arbitrary source code disclosure by the following means: http://[ webserver IP]/[ file ][.%20] (e.g. http://172.16.2.101/index.html.%20, http://172.16.2.101/test.py.%20, http://172.16.2.101/test.php.%20).
This PoC exploits a vulnerability in GPG2/Kleopatra 2.0.11, where a malformed certificate can be imported into Kleopatra, causing GPG2.exe to crash. The exploit seems to only check for the presence of a specific signature.
Eureka Mail Client is vulnerable to a remote buffer overflow due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted request to the POP3 service, resulting in arbitrary code execution. This vulnerability affects Eureka Mail Client version 2.2q on Windows XP Professional SP2.
Endonesia 8.4 CMS is vulnerable to Local File Inclusion due to a lack of proper sanitization of user-supplied input in the mod.php file. An attacker can exploit this vulnerability by sending a crafted HTTP request with a maliciously crafted mod parameter. This can allow an attacker to read arbitrary files on the server, such as /etc/passwd, or execute arbitrary code.
This exploit is a proof of concept for a remote denial of service vulnerability in EMC RepliStor Server (rep_serv.exe) 6.3.1.3. The exploit sends a crafted packet to the server on port 7144, which causes the server to crash.
The last version of DWebPro allows an attacker to execute any program by entering a URL in the browser. The URL contains the file path of the program to be executed and the parameters to be passed to the program. An attacker can also use the URL to download a file from a remote server.
A SQL injection vulnerability exists in DEDECMS 5.1 due to improper sanitization of user-supplied input in the 'arcurl' parameter of the 'feedback_js.php' script. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the application's database, allowing them to access or modify sensitive data.
While auditing the source code of CubeCart version v4.3.4, I've found a critical vulnerability in this application. Basically, session management for administrative users is flawed. It's easy to bypass it without providing any credentials. An attacker can later perform any actions the administrator can, such as dumping the database, installing modules (PHP code execution) and so on.
When handling HTTP requests, Boxalino does not properly check for directory traversal specifiers. Therefore, by including a sequence such as "../../../", an attacker is able to read files outside of the intended location. The vulnerability exists for both Windows and UNIX-based systems.