This is a remote buffer overflow exploit for NaviCopa Web Server 3.01 that allows an attacker to gain remote access to the system. It was tested on Windows XP SP2 (French) and Win2k SP4 (English). The exploit code binds a shell to port 7777.
The vulnerability exists in the rating.php script, which allows an attacker to inject arbitrary SQL commands by sending a specially crafted HTTP request to the script. Exploiting the SQL injection can give the attacker access to the admin panel.
A vulnerability exists in the Netgear WNR2000 wireless router running firmware 1.2.0.8, which allows an unauthenticated attacker to disclose the WPA/WPA2 password and administrator password. By simply requesting http://netgear/router-info.htm and http://netgear/cgi-bin/router-info.htm, the router will respond with the WPA/WPA2 passphrase. Additionally, by requesting http://netgear/cgi-bin/NETGEAR_WNR2000.cfg, the attacker can skip the first 128 bytes and gain access to the stored system. Reverse engineering the weak admin password authentication scheme is left as an exercise to the reader.
This exploit is used to gain access to the ITechBids v8.0 database by exploiting a blind SQL injection vulnerability. The exploit uses a User Agent to send a malicious query to the server, which then returns a response indicating whether the query was successful or not. The exploit then uses this response to determine the value of the password stored in the database.
A remote denial of service vulnerability exists in WAR-FTPD 1.65 when a malicious user sends an MKD or CD request with a large number of characters. This causes the server to crash and become unresponsive.
Fat Player 0.6b is vulnerable to a local buffer overflow. By sending a specially crafted WAV file, an attacker can overwrite the return address on the stack and execute arbitrary code. This exploit was tested on Windows XP SP3 (English).
A vulnerability in humanCMS allows an attacker to bypass authentication by using the username ' or' 1=1 and the password ' or' 1=1. This allows the attacker to gain access to the admin panel of the website.
Uebimiau Webmail v3.2.0-2.0 is vulnerable to disclosure of its administrator database. An attacker can exploit this vulnerability by sending a GET request to the target URL with the path '/inc/database/system_admin/admin.ucf' to retrieve the username and password in MD5 format. The attacker can then use the credentials to log in to the admin panel at '/admin/login.php'.
This vulnerability allows an attacker to bypass authentication and gain access to the admin panel of a website powered and designed by Dow Group. The attacker can use the Google dork 'intext:"powered and designed by Dow Group"' to find vulnerable websites. The attacker can then use the demo URL to bypass authentication and gain access to the admin panel. The default username and password are 'nabadmin' and 'nabadmin_123' respectively.
A vulnerability in Lanai Core v 0.6 allows an attacker to remotely disclose files on the server. This is done by sending a specially crafted HTTP request to the download.php script in the modules/backup directory, with the parameter 'f' set to '../config.inc.php'. This will cause the contents of the config.inc.php file to be sent to the attacker.