Explore Vulnerabilities

Explore all Exploits:

MS13-069 Microsoft Internet Explorer CCaret Use-After-Free

This module exploits a use-after-free vulnerability found in Internet Explorer, specifically in how the browser handles the caret (text cursor) object. In IE's standards mode, the vulnerable state of the caret handling can be triggered by first setting up an editable page with an input field and then forcing the caret to update in an onbeforeeditfocus event by setting the body's innerHTML property. In this event handler, mshtml!CCaret::`vftable' can be freed using a document.write() call; however, mshtml!CCaret::UpdateScreenCaret remains unaware of this change and still uses the same reference to the CCaret object. When the function tries to use this invalid reference to call a virtual function at offset 0x2c, the result is a crash. Precise control of the freed object allows arbitrary code execution in the context of the user.

Share KM 1.0.19 – Remote Denial Of Service

The attacker can make the Share KM PC server crash or drop the connection while the Android client is connected to the Share KM server on the PC. The attacker can also make the Share KM server crash when the user is showing RTT from the notification taskbar.

Directory Path Traversal FiberHome Modem Router HG-110 / Remote Change DNS Servers

This exploit allows an attacker to remotely change the DNS servers on a FiberHome Modem Router HG-110. By exploiting a path traversal vulnerability, the attacker can access sensitive files, such as the 'shadow' file, and modify the DNS configuration.

Woltlab Burning Board Lite 1.0.2 Zend_Hash_Del_Key_Or_Index Blind SQL Injection Exploit

Woltlab Burning Board Lite 1.0.2 is vulnerable to blind SQL injection. This vulnerability allows an attacker to execute arbitrary SQL queries on the target server, potentially leading to unauthorized access or data manipulation.

Woltlab Burning Board Lite 1.0.2 decode_cookie() sql injection exploit

This exploit allows an attacker to perform SQL injection in Woltlab Burning Board Lite 1.0.2. It works regardless of php.ini settings. The attacker needs to provide the target server, path to wbblite, existing thread ID, and victim user ID. Additional options include specifying a different port or using a proxy. The exploit sends a packet to the target server to exploit the vulnerability.

imapd IMAP4rev1 v12.261, v12.264 and 2000.284 Remote Exploit

This exploit allows remote attackers to execute arbitrary code on a vulnerable imapd IMAP4rev1 server. The exploit takes advantage of a buffer overflow vulnerability in the server to overwrite the return address with a pointer to the attacker's shellcode. Once the exploit is successful, the attacker gains control of the server and can execute commands remotely.

TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability

TeraCopy is prone to an integer overflow vulnerability because it fails to perform adequate boundary checks when reading language files. Successfully exploiting this issue may allow local attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

Buffer Overflow in Festalon Application

A buffer-overflow vulnerability occurs in the Festalon application because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue may allow attackers to execute arbitrary machine code in the context of the affected application, which may facilitate the remote compromise of affected computers.

Recent Exploits: