Explore Vulnerabilities

Explore all Exploits:

MemHT Portal <= 4.0.1 (avatar) Remote Code Execution Exploit

MemHT Portal is vulnerable to a remote code execution vulnerability due to improper validation of user-supplied input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP POST request to the vulnerable application. This can allow the attacker to execute arbitrary code on the vulnerable system.

Siemens ADSL SL2-141 (Router) CSRF Exploit

This exploit allows remote access to the router over the internet by bruteforcing the random security number. It uses the default login credentials (Admin:Admin) and could use a dictionary instead. This is a PoC only; there are much more effective ways of doing this.

MySQL UDF for command execution

This exploit allows attackers to execute arbitrary commands on a vulnerable MySQL server. The exploit is based on a UDF (User Defined Function) library called lib_mysqludf_sys. This library contains a function called sys_exec, which allows attackers to execute arbitrary commands on the vulnerable server. The exploit was released in 2009 and affects MySQL versions 5.0.x and 5.1.x.

PostgreSQL UDF for command execution

This exploit allows attackers to execute arbitrary commands on a vulnerable PostgreSQL server. It is done by creating a user-defined function (UDF) and then calling it. The UDF is written in C and is compiled into a shared library. The shared library is then loaded into the PostgreSQL server using the CREATE FUNCTION command. Once the UDF is loaded, it can be called like any other PostgreSQL function. The UDF takes a single argument, which is the command to be executed. The output of the command is then returned to the caller.

MediaMonkey Standard 3.0.3.1160 Buffer Overflow

A buffer overflow vulnerability exists in MediaMonkey Standard 3.0.3.1160. A specially crafted .m3u file can cause a buffer overflow when opened in MediaMonkey, resulting in arbitrary code execution. This vulnerability is due to a boundary error when handling overly long strings in the .m3u file. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application.

EleCard MPEG PLAYER Local Stack Overflow Exploit

EleCard MPEG PLAYER is prone to a local stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

FTPShell Server 4.3 (licence key) Remote Buffer Overflow PoC

FTPShell Server 4.3 suffers from a buffer overflow vulnerability that can be exploited remotely or locally. It fails to perform adequate boundary checks on the input .key file, allowing us to overwrite the EAX and EDX registers. When trying to install a licence with less than 8000 bytes we get a message: 'It appears that your key file is corrupt or invalid.', but when installing a licence with 8000 bytes we get a message: 'Your licence key has been succesfully loaded. Please restart the program.'

Pardal CMS <= 0.2.0 Blind SQL Injection Exploit

This exploit is used to gain access to the Pardal CMS version 0.2.0 by exploiting a Blind SQL Injection vulnerability. The exploit is written in PHP and uses the fsockopen() function to send a malicious HTTP request to the vulnerable server. The exploit then uses the preg_match() function to check for a specific string in the response. If the string is found, the exploit will print out the password of the user.

Recent Exploits: