header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

ZoIPer v2.22 Call-Info Remote Denial Of Service

This is a proof of concept for a remote denial of service vulnerability in ZoIPer v2.22. The vulnerability allows an attacker to send a malicious packet to the target that will cause the ZoIPer application to crash. The exploit code is provided in the script.

MSIE Content-Encoding: deflate memory corruption vulnerability

Microsoft fixed a bug in Internet Explorer’s “Content-Encoding:deflate” implementation. The bug allows memory corruption, which can be exploited to execute arbitrary code. The big surprise (to me at least) is that nobody seems to have found this before even though it’s fairly easy to trigger.

PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)

This module exploits an integer overflow vulnerability in the unserialize() function of the PHP web server extension. This vulnerability was patched by Stefan in version 4.5.0 and applies to all previous versions supporting this function. This particular module targets numerous web applications and is based on the proof of concept provided by Stefan Esser. This vulnerability requires approximately 900k of data to trigger due to the multiple Cookie headers requirement. Since we are already assuming a fast network connection, we use a 2Mb block of shellcode for the brute force, allowing quick exploitation for those with fast networks. One of the neat things about this vulnerability is that on x86 systems, the EDI register points into the beginning of the hashtable string. This can be used with an egghunter to quickly exploit systems where the location of a valid 'jmp EDI' or 'call EDI' instruction is known. The EDI method is faster, but the bandwidth-intensive brute force used by this module is more reliable across a wider range of systems.

Simple CMS FrameWork 1.0 Remote SQL Injection Vulnerability

The Simple CMS Framework version 1.0 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by injecting SQL code into the 'id' parameter in the 'index.php' file. This can lead to unauthorized access to the database and potential data leakage. An example of the exploit URL is provided in the text.

Streaming Audio Player 0.9 (txt) Local Stack Overflow PoC (Seh)

This is a proof of concept for a local stack overflow vulnerability in Streaming Audio Player 0.9. The exploit involves sending a specially crafted TXT file to the program, causing it to crash. The vulnerability is related to the Structured Exception Handler (Seh).

Recent Exploits: