This exploit allows an attacker to download the database of Winn ASP Guestbook 1.01 Beta. The exploit is written in Perl and uses LWP::Simple and LWP::UserAgent modules. The exploit takes two arguments, the URL/IP of the target and the path of the application. If the target doesn't have a path, the path argument should be set to '/'.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a malicious web site or open a malicious file.The specific flaw exists when processing malicious JavaScript contained in a PDF document. When supplying a specially crafted argument to the getIcon() method of a Collab object, proper bounds checking is not performed resulting in a stack overflow. If successfully exploited full control of the affected machine running under the credentials of the currently logged in user can be achieved.
This exploit is a buffer overflow vulnerability in the RM Downloader (.smi File) Universal. It allows an attacker to execute arbitrary code by overflowing a buffer in the application. The exploit code creates a malicious .smi file which contains a malicious payload that is executed when the file is opened.
A vulnerability in pecio cms 1.1.5 allows an attacker to include a local file via the 'language' parameter in the 'index.php' script. An attacker can exploit this vulnerability to include arbitrary files from local resources which can lead to the disclosure of sensitive information.
Beatport Player 1.0.0.283 is vulnerable to a stack core overflow exploit. This exploit works only on Windows SP2 FR. The exploit is written in Perl and uses a win32_exec shellcode to execute a command. The exploit creates a malicious .m3u file which contains a junk payload, a next_seh, a seh, a nopsled, and a shellcode.
Beatport Player 1.0.0.283 is vulnerable to a local stack overflow vulnerability. By supplying a specially crafted .M3U file, an attacker can overwrite the stack and execute arbitrary code. This exploit was tested on Windows XP SP2.
Beatport Player 1.0.0.283 is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
This exploit is for RM Downloader (.smi) Local Stack Overflow vulnerability. It is a buffer overflow vulnerability which allows an attacker to execute arbitrary code on the vulnerable system. The exploit code is written in Python and it creates a file named 'exploit.smi' which contains the malicious code. The malicious code contains a jump to the stack, some NOPs and a shellcode which executes the calculator application.
A stack-based buffer overflow vulnerability exists in Beatport Player 1.0.0.283. The vulnerability is caused due to a boundary error within the processing of .M3U files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .M3U file. Successful exploitation may allow execution of arbitrary code.
Insufficient input validation in ImageVer.php which copies user input into session variable. Malicious User can use this to Re-Install/Change Configurations of Installed Golabi by going to [GOLABI_PATH]/Common/ImageVer.php?svar=InstallStep and then going to Install page [GOLABI_PATH]/install.php and changing configurations. Hacker can also use this to include a malicious file into config.php by injecting php code into table_prefix field (in Installation Page - Step 1).
Services By CQR