This exploit allows an attacker to bypass authentication and gain access to the admin panel of XP Book v3.0. The exploit is achieved by accessing the template/admin_bady.html?action=setting page.
This exploit is a buffer overflow vulnerability in Easy RM to MP3 2.7.3.700. It allows an attacker to execute arbitrary code by overflowing a buffer in the application. The exploit code creates a malicious .m3u file which contains a malicious payload that is executed when the file is opened.
This exploit is a local buffer overflow exploit for Easy RM to MP3 27.3.700 on Windows XP SP2. It uses a PexAlphaNum encoder to generate a payload of 343 bytes which executes the calc command. It was tested on Windows XP SP2.
This program generates a PDF file that exploits a vulnerability (CVE-2009-4324) in Adobe Reader and Acrobat. The generated PDF file was tested using Adobe Reader 9.2.0 on Windows XP SP3. The exploit's payload spawns the calculator.
Printoxx does not check the length of input filename/directory thus overwriting the buffer [1000 in size] with a call to strcpy. The affected code segment is shown below. Proof Of Concept: Image filename overflow: $ ./printoxx -i $(python -c 'print "A"*1000') Directory filename overflow: $ ./printoxx -f $(python -c 'print "A"*1000')
A SQL injection vulnerability exists in the Emporium 2.3.0 module for PHP-Nuke. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database.
A directory traversal vulnerability exists in 35mm Slide Gallery, which allows an attacker to read arbitrary files on the server. This vulnerability is due to insufficient sanitization of user-supplied input to the 'imgdir' parameter in 'index.php'. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal sequences (e.g. '../') to the vulnerable server. Successful exploitation of this vulnerability could result in the disclosure of sensitive information, such as system and application files.
This exploit is a local privilege escalation vulnerability in the Linux kernel version 2.6.18-20. It allows an attacker to gain root privileges on the system by exploiting a race condition in the vmsplice system call. The exploit works by creating a pipe with a large number of buffers, then using the vmsplice system call to write a malicious payload to the pipe. The malicious payload is then executed in kernel mode, allowing the attacker to gain root privileges.
The vulnerability allows an attacker to upload a malicious file to the vulnerable server. The attacker can then access the uploaded file and execute arbitrary code on the server. The vulnerability exists in the uploadfile.php script, which is used to upload files to the server. The script does not properly validate the uploaded file, allowing an attacker to upload a malicious file.
The 35mm Slide Gallery is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can inject malicious JavaScript code into the 'img' parameter of the 'popup.php' script. This code will be executed in the browser of the victim when they view the page.