Mempodipper is a Linux Local Root Exploit which allows an attacker to gain root access on a vulnerable system. It was discovered by zx2c4 in 2012 and affects Linux systems running version 2.6.39 or higher. The exploit works by sending a malicious file descriptor to a vulnerable socket, which can then be used to gain root access.
On versions < 1.1.8, a lack of checks in the script actions.php allowed a malicious user to upload any file to the vulnerable server. Create a file (for example, Wordpress_security.php, with this content: <?php echo '6Scan to the rescue'; ?>), compress it with zip to awm.zip, and use this form to upload the PHP file to the server. Version 1.1.8 also checks the source referrer, so you have to use a scripting language (or spoof it in another way) to set the HTTP_REFERER to 'wp-admin/options-general.php?page=allwebmenus-wordpress-menu-plugin/allwebmenus-wordpress-menu.php'.
Blind SQL Injection Vulnerability: This vulnerability allows an attacker to inject malicious SQL queries into the application. This can be done by sending a crafted request with a malicious payload to the application. The application then processes the request and executes the malicious SQL query. File Upload Vulnerability: This vulnerability allows an attacker to upload malicious files to the application. This can be done by sending a crafted request with a malicious payload to the application. The application then processes the request and executes the malicious file.
iSupport v1.x is vulnerable to HTML code injection, which allows an attacker to inject malicious HTML code into the vulnerable web application. This can be exploited to add an admin user to the application.
Nova CMS is vulnerable to a directory traversal attack. An attacker can register on the forum and click on the “New Topic” tab. In the editor, the attacker can click on the “Attach File” option and start the Live HTTP headers. The attacker can then add a new allowed file and find the dir=uploads%2Fforum%2Fdata-YourUsername2F&options=true&ajax=true and click on Reply on Live HTTP headers. The attacker can then change the directory to dir=uploads%2F and dir=uploads%2Fbackup%2F. The attacker can then view all the directories in the uploads directory, including other users’ files and uploads/backup/.
The vulnerability exists in the phpireport v1.0 application due to improper sanitization of user-supplied input in the 'message' parameter of the 'index.php' script. An attacker can inject malicious HTML and script code into the application, which will be executed in the browser of the victim in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
VLC (libtaglib_plugin.dll) is vulnerable to a divide by zero denial of service attack. This vulnerability affects Windows 7 and XP SP3, and VLC versions 1.2.0 and 1.1.11 (possibly lower). The exploit involves sending a specially crafted packet to the vulnerable system, which causes a divide by zero error in the libtaglib_plugin.dll library.
A boundary error in the Unite Host Router service (UniteHostRouter.exe) when processing certain requests can be exploited to cause a stack-based buffer overflow via an overly long string in the 'To:' field sent to UDP port 3217.
WhatsApp Status changer v0.2 stable is a slim exploit able to change the WhatsApp user status in a remote way. This exploit uses the wget command to send a POST request to the WhatsApp server with the user's country code, mobile number and the desired status text. This exploit is vulnerable to Remote Code Execution.
ICTtimeAttendance is vulnerable to authentication bypass. An attacker can exploit this vulnerability by logging in with the username 'admin' and the password '1'or'1'='1'