Explore Vulnerabilities

Explore all Exploits:

CascadianFAQ <= 4.1 (index.php) Remote Blind SQL Injection Vulnerability

The vulnerability exists in the index.php file of CascadianFAQ version 4.1 and earlier. By manipulating the catid parameter, an attacker can execute arbitrary SQL queries and retrieve sensitive information from the database. An example of a working exploit is provided in the text.

Intel 2200BG 802.11 disassociation packet Kernel Memory Corruption

The Intel wireless mini-PCI driver provided with Intel 2200BG cards is vulnerable to a remote memory corruption flaw. Malformed disassociation packets can be used to corrupt internal kernel structures, causing a denial of service (BSOD).

cvstrack-resurrect.pl — CVSTrac Post-Attack Database Resurrection

This script is used to fix certain data in a CVSTrac database after it has been attacked. It connects to the database using DBI and DBD::SQLite modules, and then iterates through various tables to fix any data that matches a specific pattern. The fixup function is used to check and modify the data if necessary. The script prints out the details of each adjustment it makes.

Bugzilla Directory Traversal Vulnerability

Bugzilla is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the server. Information harvested may aid in launching further attacks.

Heap-based Buffer Overflow in Vim

Vim is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.

Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow

This module exploits a stack-based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability exists in the service BKBCopyD.exe when handling specially crafted packets. This module has been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3.

Recent Exploits: