This module exploits a PREG_REPLACE_EVAL vulnerability in phpMyAdmin's replace_prefix_tbl within libraries/mult_submits.inc.php via db_settings.php. This affects versions 3.5.x < 3.5.8.1 and 4.0.0 < 4.0.0-rc3. PHP versions > 5.4.6 are not vulnerable.
Syslog Watcher Pro is a Windows-based syslog server for corporate networks. Syslog Watcher Pro collects, stores, parses, displays and explains syslog information to both new and professional network administrators. Syslog Watcher Pro (v2.8.0.812) is vulnerable to XSS via the 'Date' parameter of the syslog protocol. An attacker can send Syslog Watcher Pro a syslog packet containing XSS code in the 'Date' parameter; the code is executed when the victim generates and views a report in Syslog Watcher Pro.
This PoC exploits CVE-2012-0864 (FORTIFY_SOURCE format string protection bypass via 'nargs' integer overflow) and CVE-2012-0809 (sudo v1.8.0-1.8.3p1 'sudo_debug' format string). It was tested on Fedora Core 16 (Verne), glibc 2.14.90.14 release and sudo 1.8.1p2.
Winarchiver V 3.2 is vulnerable to an SEH overflow. The vulnerability is caused by a boundary error when handling zip files: a specially crafted zip file with an overly long filename causes a stack-based buffer overflow, which lets an attacker overwrite the SEH handler and execute arbitrary code.
A buffer overflow vulnerability exists in FuzeZip v.1.0.0.131625, which could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to a SEH (Structured Exception Handler) overwrite when a specially crafted ZIP file is processed. An attacker can exploit this vulnerability by enticing a user to open a malicious ZIP file. Successful exploitation could result in arbitrary code execution with the privileges of the user.
Easy Icon Maker version 5.01 and older versions crash when opening a malicious .ico file that contains 1000 'A' characters (crash PoC).
An arbitrary file upload vulnerability exists in eggBlog, which allows an attacker to upload a malicious file to the server. By using the Google Dork “powered by eggBlog.net”, an attacker can find vulnerable websites. The attacker can then access the vulnerable URL http://server/[path]/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg= and upload a malicious file, such as a PHP shell, as a .jpg file. The malicious file can then be accessed at http://server/[path]/photos/uploads/shell.php.jpg.
SQL Injection vulnerability exists in Foe CMS 1.6.5 which allows an attacker to inject malicious SQL queries via the 'ei' parameter. Cross Site Scripting vulnerability exists in Foe CMS 1.6.5 which allows an attacker to inject malicious JavaScript code via the 'ei' parameter.
User input passed through cookies is not properly sanitized before being used in an unserialize() call at line 45. This could be exploited to inject arbitrary PHP objects into the application scope. Successful exploitation of this vulnerability requires authentication because the attacker needs to know the 'hash string' used to read the cookie parameter at line 36.
This exploit uses a malicious script to send an email to a victim with an XSS payload. The payload is executed when the victim opens the email, allowing the attacker to access the victim's cookies.