The FTP library in Python allows an attacker to inject malicious code through specially crafted input, leading to remote code execution. This vulnerability can be exploited by an attacker with network access to the vulnerable system.
The exploit overwrites the system.ini file, potentially causing the system to not restart. It affects the TEC-IT TBarCode OCX ActiveX Control (TBarCode7.ocx v. 7.0.2.3524) and can be triggered by calling the "SaveImage()" function.
Anonymous attacker can send a special request to the SAP Adaptive Server Enterprise and crash the server.
The DFS Client driver and running by default insecurely creates and deletes drive letter symbolic links in the current user context leading to EoP.
The exploit allows an attacker to bypass authentication in the Learning Management System. By manipulating the login form, an attacker can log in as any user without providing valid credentials. This can lead to unauthorized access to sensitive information or actions within the system.
Macro Expert installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. Additionally, the default installation path suffers from weak folder permission which an unauthorized user in the BUILTINUsers group could take advantage of.
This exploit takes advantage of a vulnerability in clsid:DCE2F8B1-A520-11D4-8FD0-00D0B7730277 to execute arbitrary code. It has been tested successfully to run calc.exe, but can be modified to use any shellcode.
Zortam Mp3 Media Studio installs with weak file permissions, allowing any user full permission to the exe. This allows for code execution against any other user running the application.
This vulnerability allows attackers to escalate their privilege to system administrator or SYSTEM on vulnerable installations of Win-911. An attacker must have a valid user-account on the system.
This module exploits a Remote Code Execution in the web panel of Phoenix Exploit Kit via the geoip.php. The Phoenix Exploit Kit is a popular commercial crimeware tool that probes the browser of the visitor for the presence of outdated and insecure versions of browser plugins like Java, and Adobe Flash and Reader which then silently installs malware.
Services By CQR