This exploit is used to cause a Denial of Service (DoS) attack on a vulnerable DzSoft PHP Server. It sends a large number of requests to the server, causing it to run out of memory and crash. It was tested on Windows 2000 SP4 (Win NT).
This exploit allows an attacker to inject malicious JavaScript code into a web page. The code is executed when a user visits the page. The malicious code can be used to steal cookies, hijack user sessions, redirect users to malicious sites, or perform other malicious activities.
A vulnerability in BlogTorrent 0.92 allows an attacker to remotely or locally disclose the username and password of a user. This is done by accessing the 'data/newusers' file which contains the username and password in MD5 format.
This exploit is used to cause a Denial of Service (DoS) attack on the TCP Chat (TCPX) application. The exploit sends a large amount of data to the server, causing it to crash.
A vulnerability in Drupal allows an attacker to inject arbitrary PHP code into comments. This vulnerability is due to insufficient sanitization of user-supplied input in the comment module. By sending a specially crafted request, an attacker can exploit this vulnerability to inject arbitrary PHP code into comments, which will be executed in the context of the web server process.
This exploit allows an attacker to execute arbitrary commands on a vulnerable server running a vulnerable version of XML-RPC. The exploit works on da phpxmlrpc, and da PEAR XML_RPC too. All the attacker needs to do is to put the URL to the server and they will get a shell.
This exploit gives the user all the details about the database connection such as database host, username, password and database name.
This exploit allows an attacker to gain remote access to a vulnerable system by exploiting a vulnerability in the javaprxy.dll COM object. The vulnerability is present in multiple versions of Internet Explorer, including IE 5.01 SP3 and SP4 on Windows 2000 SP3 and SP4, IE 6 SP1 on Windows 2000 SP3 and SP4, IE 6 SP1 on Windows XP SP1, IE 6 on Windows XP SP2, IE 6 SP1 on Windows XP 64-Bit SP1 (Itanium), IE 6 on Windows Server 2003, IE 6 on Windows Server 2003 SP1, IE 6 on Windows Server 2003 for Itanium-based Systems, IE 6 on Windows XP 64-Bit Edition Version 2003 (Itanium), IE 6 on Windows Server 2003 x64 Edition, and IE 6 on Windows Server 2003 with SP1 for 64-Bit Itanium-based Systems.
A vulnerability in Solaris 9 on SPARC allows local users to gain root privileges by exploiting a setuid() and execve() vulnerability. The exploit involves creating a shared library with the malicious code and setting the LD_AUDIT environment variable to point to the shared library. When the ping command is executed, the malicious code is executed with root privileges.
This exploit is a local privilege escalation vulnerability in Solaris 10. It allows a local user to gain root privileges. The exploit uses a shared library to execute a shellcode which spawns a root shell. The exploit was tested on SunOS 5.10 Generic i86pc i386 i86pc and SunOS 5.9 Generic_112233-12 sun4u. It does not work on SunOS 5.8 Generic_117350-02 sun4u sparc. The exploit code is written in C and compiled into a shared library. The shared library is then loaded using the LD_AUDIT environment variable. This allows the shellcode to be executed with root privileges.
Services By CQR