This exploit is a bit outdated but works very well. It is used to execute malicious code on the vulnerable system. It uses an XML AJAX request to download a file from a URL and then executes it using the ShellExecute function.
SiteDepth CMS versions 3.0.1 and prior are prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'SD_DIR' parameter in the 'constants.php' script. An attacker can exploit this issue to execute arbitrary remote PHP code on the affected computer with the privileges of the webserver process.
Cisco/Protego CS-MARS is an event correlation product originally written by Protego, which is now owned by Cisco. It is built on top of JBoss. Unfortunately, little or no effort was put into securing the JBoss installation as per the JBoss community's recommended best practices. As such, the usual set of JBoss interfaces are wide open and it is up to the attacker how creative they want to be in compromising the box. This particular exploit vector abuses the JBoss jmx-console for all sorts of fun. It should also be noted that, because of the very old kernel running on most CS-MARS boxes (2.4.9), once JBoss is compromised, root is almost trivial.
This exploit targets a buffer overflow vulnerability in the Net::FTP module. It allows an attacker to execute arbitrary code on the target system by sending a maliciously crafted FTP request. The vulnerability is caused by a lack of bounds checking when handling FTP requests, which allows an attacker to overflow the buffer and execute arbitrary code.
A vulnerability exists in iManage CMS from Imaginex-Resource, where input passed to the 'absolute_path' parameter in component.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources.
A stack overflow vulnerability exists in wininet.dll while parsing a huge (> ~1M) Content-Type response. An attacker can exploit this vulnerability by running malicious code on the target system. This will cause an unhandled exception at 0x771c00ee in IEXPLORE.EXE: 0xC00000FD: Stack overflow.
PHP-Post contains a flaw that may allow a remote attacker to gain administrative privileges. PHP-Post doesn't properly authenticate remote users if auto login is on! By editing the values of the cookie, an attacker can change their privilege from a regular user to administrator and submit it back to the site.
This exploit allows an attacker to execute arbitrary commands on the vulnerable server. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'cmd' parameter of the 'test.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server.
BT Voyager 2091 (Wireless ADSL) is affected by multiple vulnerabilities. The first vulnerability is a buffer overflow in the web server, which can be exploited by sending a specially crafted HTTP request with an overly long string. The second vulnerability is a cross-site scripting vulnerability, which can be exploited by sending a specially crafted HTTP request with malicious HTML code. The third vulnerability is a directory traversal vulnerability, which can be exploited by sending a specially crafted HTTP request with directory traversal sequences.
This exploit allows an attacker to inject malicious SQL queries into a vulnerable Invision Power Board 2.1.* application. The exploit is written in Perl and uses the LWP::UserAgent module to detect the vulnerability and search for the prefix. It then performs a query to extract the converge_id, converge_pass_hash, converge_pass_salt, and converge_email from the vulnerable database. The results are stored in a txt file.