This exploit targets a buffer overflow vulnerability in Soulseek 157 NS. It allows an attacker to execute arbitrary code on the vulnerable system by sending a specially crafted packet to the Soulseek server. The exploit uses an SEH overwrite technique to gain control of the execution flow.
MyForum 1.3 is vulnerable to authentication bypass due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by supplying a specially crafted username and password to bypass authentication and gain access to the application.
Kensei Board version 2.0.0b is vulnerable to multiple remote SQL injection vulnerabilities. The vulnerabilities exist due to insufficient sanitization of user-supplied input passed via the 'f' and 't' parameters to the '/index.php' and '/functions/showforum.php' scripts. A remote attacker can execute arbitrary SQL commands in the application's database, compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, etc. Proof-of-concept code is available.
RSGallery2 is a gallery extension for Joomla! which contains a low-threat security vulnerability that allows remote code execution. The vulnerability is present in the RSGallery2 1.14.3 and 2.0.0b1 releases. An attacker can exploit this vulnerability by downloading the vulnerable version of the software from JoomlaCode and unzipping it. Then, the attacker can use the egrep command to search for the eval() function in the unzipped files.
This exploit is a quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529. It targets a buffer overflow vulnerability in Safari RSS feed:// via libxml2. The exploit uses a meta http-equiv refresh tag to redirect the user to a malicious feed:// URL containing a crafted XML payload. This payload contains a longentity element with a large number of 'A' characters, which causes a buffer overflow when parsed by libxml2.
The RoomPHPlanning v1.6 application is vulnerable to multiple remote exploits. Authentication bypass can be achieved by providing the username 'real_user' or '1=1' and the password 'ThE g0bL!N'. Insecure cookies can be exploited by setting a cookie with the name 'room_phplanning' and the value admin_id. SQL injection can be exploited by sending a crafted request to the application. Room deletion can be exploited by sending a crafted request to the application.
Gallarific is PHP image gallery software. A vulnerability in the 'users.php' script allows an attacker to change the password of any user. This can be exploited to gain administrative access to the application.
A vulnerability in Ultimate Media Script 2.0 allows remote attackers to change passwords, add admins, and delete admins. This is done by sending a POST request to the 'mod=admins' page with the appropriate parameters. The 'username' and 'pass' parameters are used to add an admin, while the 'username_edit[1]' and 'pass_edit[1]' parameters are used to modify an existing admin.
A vulnerability exists in Hotornot2 Script which allows an attacker to bypass the admin authentication and upload a malicious file. An attacker can exploit this vulnerability by going to http://localhost/[path]/admin/sitebanners/upload_banners.php and uploading a malicious file. The attacker can then view the uploaded file by going to http://localhost/[path]/banners/Shell.php. To bypass the admin backup, the attacker can go to http://localhost/[path]/admin/backup.
Webradev Download Protect v1.0 is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary code on the vulnerable server.