This exploit targets a stack overflow vulnerability in Tomabo MP4 Player version 3.11.6 or below. By opening a specially crafted m3u file, an attacker can execute arbitrary code on the target system. The exploit payload is a bind TCP meterpreter shell on port 4444.
The vulnerability allows an attacker to disclose sensitive files on the target system. By manipulating the 'item' parameter in the 'download.php' script, an attacker can traverse directories and access files outside the intended directory.
This exploit allows an attacker to remotely include files from the target server by manipulating the wpPATH parameter in the myflash-button.php file of the myflash plugin for WordPress. By sending a specially crafted request, an attacker can execute arbitrary code on the target server.
This module exploits an SEH overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check input size when parsing 'CWD' commands, which leads to an SEH overflow. Konica FTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability.
Input passed to the 'wpPATH' parameter in js/wptable-button.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. Successful exploitation requires that 'register_globals' is enabled.
The import function in the PhoneBook Menu of ZTE PC UI USB MODEM SOFTWARE does not validate data, so importing a malformed file leads to code execution.
This exploit takes advantage of a buffer overflow vulnerability in the Fenice OMS server. It allows remote attackers to gain root access on a Fedora Core 6 system with exec-shield enabled. It reuses the method from the proftpd exploit to avoid randomly mapped libraries. This exploit is 115Kb larger than Kaveh Razavi's exploit.
This is a proof-of-concept exploit that crashes Microsoft Office 2007 when msxml5.dll version 5.20.1072.0 is used with WINWORD.EXE version 12.0.6612.1000.
If the fpadInfo property of a NetConnection object is a SharedObject, a use-after-free occurs when the property is deleted.
The vulnerability allows an attacker to disclose local files on the server by manipulating the 'acc' parameter in the 'imgsrv.php' script. The attacker can access sensitive files such as the '/etc/passwd' file or the 'config.php' file.