A remote file inclusion vulnerability exists in SMF Forum 1.3.1.3 Bridge Component For Joomla And Mambo. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing an arbitrary file path to the vulnerable application. This can allow the attacker to execute arbitrary code on the vulnerable system.
A remote include vulnerability was found in the com_videodb Mambo Component version 0.3en. The bug was found in the file core/videodb.class.xml.php, which contains a global variable $mosConfig_absolute_path. An attacker can exploit this vulnerability by sending a malicious request to the server, such as http://[site]/[mambo]/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=[shell], which can allow the attacker to execute arbitrary code on the server.
mail2forum is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary remote PHP code in the context of the webserver process.
flushcms (tpath) is prone to a remote file-inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code within the context of the vulnerable application.
This exploit allows an attacker to gain access to a remote file on vulnerable Webmin and Usermin servers. It works over both HTTP and HTTPS.
Rocks Clusters <=4.1 mount-loop local root exploit by xavier@tigerteam.se. The exploit uses the mount-loop command to execute a Python script that sets the UID and GID to 0, allowing the attacker to gain root privileges.
This is a quick and nasty version of the exploit. It makes sure the current directory (.) is writable and cleans up afterwards. It imports the os module, gets the current working directory, creates a file called x, writes a shell script to it, prints a message, and then runs the umount-loop command with the shell script. Finally, it runs the shell script.
h00lyshit is a local race vulnerability that affects Linux 2.6 and various distros. It allows an attacker to execute arbitrary code with root privileges. The exploit involves creating a very large file on the disk, then junking the cache and running the h00lyshit program. The program then creates a race condition between the kernel and the user, allowing the user to execute arbitrary code with root privileges.
This exploit targets a local privilege escalation vulnerability in the Linux kernel. It affects systems with kernel versions 2.6.13 to 2.6.17.4 and 2.6.9-22.ELsmp. The exploit uses the prctl() system call to set the dumpable flag to 2, which allows the attacker to create a core dump file of the process. The attacker then kills the process with a SIGSEGV signal, which causes the kernel to create a core dump file in the /etc/cron.d directory. The attacker then creates a cron job to execute a setuid shell in the /tmp directory. This allows the attacker to gain root privileges.
This exploit is based on the LOCAL_IP bug, which allows an attacker to inject malicious SQL code into the vulnerable application. This exploit was tested on Invision Power Board versions 2.1.3 and 2.1.6.