The exploit creates a lock file for each user in the /var/mail directory and sets its permissions to 0. This prevents mailx from working for all users except those who can erase the lockfile. However, even for those users, mailx will hang for a long time.
This proof-of-concept exploit demonstrates that sendmail 8.12.8 and below is vulnerable. On successful exploitation, the program should crash with a segmentation fault.
The Neon client library is prone to multiple remote format string vulnerabilities. This is due to a failure of the application to properly implement format string functions. An attacker can exploit these vulnerabilities to execute arbitrary code on the affected system, in the security context of the server process.
The PHP-Nuke application is vulnerable to multiple SQL injection vulnerabilities. These vulnerabilities occur due to a lack of proper sanitization of user input. An attacker can exploit these vulnerabilities to modify database queries and potentially gain unauthorized access to sensitive information. Two specific examples of the exploits are provided in the report.
This exploit targets a vulnerability in Inmatrix Ltd. Zoom Player v8.5. By crafting a malicious JPEG file, an attacker can trigger a memory corruption issue and execute arbitrary code on the targeted system.
PHP-Nuke is vulnerable to a remote cross-site scripting (XSS) vulnerability. The vulnerability is caused by the 'cookiedecode()' function failing to properly sanitize user-supplied cookie parameters. This allows a remote attacker to create a malicious link that includes hostile HTML and script code. If a victim user follows this link, the hostile code may be rendered in their web browser, potentially leading to the theft of cookie-based authentication credentials or other attacks.
The Nuked-Klan application is prone to multiple vulnerabilities that include information disclosure via inclusion of local files, an issue that may permit remote attackers to corrupt configuration files, and an SQL injection vulnerability. The vulnerability allows attackers to include local files by manipulating the 'user_langue' parameter in the 'index.php' file. An attacker can also create an admin account by overwriting the 'GLOBALS' variable. The provided exploit code demonstrates how an attacker can create an admin account. This vulnerability can lead to unauthorized access and control of the application. The exploit code is written in PHP.
SurgeLDAP is prone to a directory traversal vulnerability in one of the scripts included with the built-in web administrative server, potentially resulting in disclosure of files. A remote attacker could exploit this issue to gain access to system files outside of the web root directory of the built-in web server. Files that are readable by the web server could be disclosed via this issue.
The Blackboard Learning System is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities occur due to a failure of the application to properly validate user-supplied URI input. The first issue affects the 'addressbook.pl' script, the second issue affects the 'tasks.pl' script, and the third issue affects three URI parameters of the 'calendar.pl' script. Remote attackers can exploit these vulnerabilities by creating a malicious link that includes hostile HTML and script code. If a victim user follows the link, the hostile code may be rendered in their web browser, potentially allowing for theft of authentication credentials or other attacks.
The application is affected by multiple vulnerabilities in various modules. These vulnerabilities can be exploited by a remote attacker to carry out attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload. The vulnerabilities are present in the following URLs:
- messu-read.php?offset=[INT]&flag=&priority=&flagval=&sort_mode=date_desc&find=[XSS]
- messu-read.php?offset=[INT]&flag=&priority=&flagval=&sort_mode=[XSS]
- messu-read.php?offset=[INT]&flag=&priority=&flagval=[XSS]
- messu-read.php?offset=[INT]&flag=&priority=[XSS]
- messu-read.php?offset=[INT]&flag=[XSS]
- messu-read.php?offset=[XSS]