header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Kaspersky Anti-Virus 2010 9.0.0.463 Local DoS

Kaspersky Anti-Virus 2010 9.0.0.463 is vulnerable to a local denial of service attack. The kl1.sys driver does not check the inputs address of an IOCTL, which can lead to an exception being thrown if one or two DWORDs are modified. The exploit can cause a Blue Screen of Death (BSOD).

Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability

Novell eDirectory 8.8 SP5 is vulnerable to a stack overflow vulnerability when sending a specially crafted HTTP request to the server. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system.

FTP MKD Directory Traversal Vulnerability

This exploit allows an attacker to traverse outside the FTP root directory by using the MKD command. The MKD command is used to create a directory on the FTP server. By using a relative path, the attacker can traverse outside the FTP root directory and access files and directories that are not intended to be accessible.

Administration panel bypass and Malicious File Upload Vulnerability

H4ckers may upload malicious files by using upload panel as they have administrator access. They are able to change settings and upload asp and exe files.

Avast 4.8.1351.0 antivirus aswMon2.sys Kernel Memory Corruption

This exploit is for Avast 4.8.1351.0 antivirus aswMon2.sys Kernel Memory Corruption. It uses a DeviceIoControl call to execute a malicious code. The exploit uses a VirtualAlloc call to allocate a buffer of 0x288 bytes and then fills it with 'A' characters. It then passes the buffer to the DeviceIoControl call.

cifshanghai.com script The news (chanpin_info.php) by pass

A SQL injection vulnerability exists in cifshanghai.com script The news (chanpin_info.php) which allows an attacker to bypass authentication and gain access to the admin panel. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This request contains a specially crafted SQL query which can be used to bypass authentication and gain access to the admin panel.

FTP APPE Command Injection Vulnerability

This exploit is a proof of concept for a command injection vulnerability in the FTP APPE command. The exploit connects to an FTP server, authenticates with a given username and password, and then sends a specially crafted APPE command containing a malicious payload. The malicious payload is then executed on the server, allowing the attacker to gain access to the system.

jar50.dll Remote Code Execution Vulnerability

A remote code execution vulnerability exists in jar50.dll, a library used by Mozilla Thunderbird and Mozilla Seamonkey. An attacker can exploit this vulnerability by sending a specially crafted email with a malicious jar file attachment. The vulnerability is caused by a buffer overflow in the jar50.dll library when processing a malicious jar file. This can allow an attacker to execute arbitrary code in the context of the application.

Recent Exploits: