header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Remote Denial-of-Service in MySQL

MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted queries. An attacker can exploit this issue to crash the application, denying access to legitimate users. NOTE: An attacker must be able to execute arbitrary SELECT statements against the database to exploit this issue. This may be done through legitimate means or by exploiting other latent SQL-injection vulnerabilities.

Apache Struts Developer Mode OGNL Execution

This module exploits a remote command execution vulnerability in Apache Struts 2. The problem exists on applications running in developer mode, where the DebuggingInterceptor allows evaluation and execution of OGNL expressions, which allows remote attackers to execute arbitrary Java code. This module has been tested successfully in Struts 2.3.16, Tomcat 7 and Ubuntu 10.04.

Woltlab Burning Board GetHashes Vulnerability

The vulnerability allows remote attackers to obtain sensitive information via a crafted searchstring parameter to search.php. The vulnerability is present in Woltlab Burning Board Lite version 1.0.2 and Woltlab Burning Board version 2.3.6.

CCRP Folder Treeview Control (ccrpftv6.ocx) Internet Explorer Denial of Service

The CCRP Folder Treeview Control (ccrpftv6.ocx) in Internet Explorer is vulnerable to a Denial of Service attack. By sending a specially crafted argument to the RootFolder parameter, an attacker can cause Internet Explorer to crash and become unresponsive. This vulnerability has been tested on Windows XP Professional SP2 with Internet Explorer 7.

Exploit for SAMI FTP version 2.0.2

You can put your own shellcode to spawn a shell. After executing the exploit, you will get 'Cannot login User or password not correct.' That doesn't mean the exploit failed. Whenever you click on Sami FTP server, it will crash resulting in the execution of calc.exe and will execute whenever the SAMI FTP server restarts until it is reinstalled.

Colloquy INVITE format string vulnerability exploit

This script makes use of the Colloquy INVITE format string vulnerability. It connects to an IRC server and joins a specified channel. It then sends a WHO command to the server to gather information about the users in the channel. This vulnerability can be exploited to execute arbitrary code.

Recent Exploits: