This module exploits XXE and SQL injection flaws in Symantec Endpoint Protection Manager versions 11.0, 12.0 and 12.1. By supplying a specially crafted XXE request, an attacker can reach the SQL-injection-affected components. As xp_cmdshell is enabled in the included database instance, it is possible to execute arbitrary system commands on the remote system with SYSTEM privileges.
GoAhead Web Server versions prior to 3.1.3 are vulnerable to a denial of service (DoS). A fix exists in version 3.2. The web server crashes completely once this request is received. The vulnerability does not appear to be exploitable on Linux versions.
GoldMP4Player 3.3 contains a buffer overflow vulnerability that is triggered when a specially crafted file is opened. The vulnerability is caused by a boundary error when processing the file: writing a long string of data into the file causes a stack-based buffer overflow, which can be exploited to execute arbitrary code by corrupting the SEH chain.
This PoC exploits a buffer overflow vulnerability in Music AlarmClock 2.1.0, triggered when a specially crafted .m3u file is opened. The PoC creates a file containing 10000 A's, which causes a crash when opened in Music AlarmClock 2.1.0.
Memory corruption occurs when VLC tries to load crafted .avs files.
This vulnerability allows an attacker to inject malicious SQL code into the application. The attacker can use a 'union all select' statement to retrieve data from the database, and can use '@@version' to retrieve the version of the database.
A local file include vulnerability has been discovered in the official WiFiles HD v1.4 iOS mobile web application. The vulnerability allows remote attackers to include local files or paths without authorization, or to issue system-specific path requests, in order to compromise the web application or device.
A stack buffer overflow vulnerability exists in Notepad++ when the CCompletion plugin is installed. An attacker can trigger this vulnerability by entering a large number of characters into the editor, selecting all the text, and then clicking Menu Plugins->CCompletion->Go to identifier (Open in firt view) F11, which causes Notepad++ to crash. This is due to the plugin copying the text using lstrcpyW from the kernel32 module, resulting in a stack buffer overflow. An exploit for this vulnerability is available in the attached file named shellcode.txt, which shows a message box with the caption “HA” and the text “Back Door Opend.”
Any user on the internal network can download a backup configuration file without authenticating first. The backup file contains the credentials to the administrative web interface.
socket.recvfrom_into() remote buffer overflow proof of concept by @sha0coder. The exploit uses a buffer overflow to gain control of the ebx register, which is then used to gain control of the eax register. The eax register is then used in an indirect function call to execute the shellcode. The shellcode connects back to a reverse shell on a specified IP and port.