This exploit is a local privilege escalation vulnerability in Linux 2.6. It was discovered by Sebastian Krahmer in 2009 and tested on Debian-Etch, Ubuntu, and Gentoo. The exploit uses the LD technique and requires the user to do a 'cat /proc/net/netlink' and set the first argument to the script to the PID of the netlink socket. The exploit is written in C and requires the user to compile it. It is possible that the exploit may need some fixup to work flawlessly.
A vulnerability in Hot Project Version 7 allows an attacker to bypass authentication and gain access to the system by entering a malicious SQL query in the Email Address and Password fields. This can be done by entering ' or '1=1 in the Email Address and Password fields.
A vulnerability in Online Email Manager allows an attacker to gain access to the admin page by setting the auth cookie to admin. This can be done by using the javascript command document.cookie = "auth=admin; path=/". The attacker can then access the emailList.php page and gain access to the admin page.
Online Guestbook Pro is prone to a blind SQL injection vulnerability. An attacker can exploit this issue to manipulate SQL queries and gain access to potentially sensitive information. This issue affects the 'display' parameter of the 'ogp_show.php' script. An attacker can exploit this issue to gain access to potentially sensitive information. This issue affects versions prior to Online Guestbook Pro 1.2.1.
e-cart Shopping Carts is prone to a remote arbitrary file-upload vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and execute it in the context of the webserver process.
Clan Tiger CMS is vulnerable to Blind SQL Injection. This vulnerability can be exploited by remote attackers to gain access to the database and execute arbitrary SQL commands. The vulnerability is caused due to the improper sanitization of user-supplied input in the 'custompage.php' script.
ClanTiger CMS is vulnerable to an authentication bypass vulnerability due to a failure to properly sanitize user-supplied input. An attacker can exploit this vulnerability to bypass the authentication process and gain access to the application.
ClanTiger CMS is prone to multiple cookies handling vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to gain access to sensitive information, manipulate data, and gain unauthorized access to the application. ClanTiger CMS 1.0.0 is vulnerable; other versions may also be affected.
The vulnerability is in the btFiles::BuildFromMI function inside the btfiles.cpp file. Exploit tested on cTorrent 1.3.4 using Debian Sarge using Linux kernel 2.4.27-3-386. Code is using python 2.5. dTorrent 3.3.2 is also vulnerable.
This is a PoC remote exploit for the XRDP vulnerability found by Hamid Ebadi. XRDP 0.4.1 is the latest version at the time of this writing. This exploit allows an attacker to overwrite the saved EIP on older distros like CentOS 4.7 (gcc 3.4.6) by sending valid rdp scancodes as input.
Services By CQR