The MySpeach script is affected by a code injection vulnerability in the 'up.php' file. An attacker can exploit this vulnerability by injecting malicious code through the 'my[root]' parameter in the URL. This can lead to arbitrary code execution on the target system.
This module exploits a stack-based buffer overflow vulnerability in Easy CD-DA Recorder 2007, caused by a long string in a playlist entry. By persuading the victim to open a specially-crafted .PLS file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
This vulnerability allows remote attackers to include arbitrary files via a specially crafted URL in the env[inc_path] parameter in the config.php script.
Bug in (lib/nl/nl.php) include($g_strRootDir.$g_strLibDir."nl/nlsite.php"); include($g_strRootDir.$g_strLibDir."nl/nltable.php");
The vulnerability allows an attacker to include a remote file in the 'includes.php' file of the Bradabra v2.0.5 script. By manipulating the 'include_path' parameter, an attacker can include a malicious file from a remote server, potentially leading to remote code execution.
The vulnerability exists in the include/config.inc.php file of PhpSherpa. The code includes a file called connect.inc.php using a variable called $racine. An attacker can exploit this vulnerability by manipulating the racine parameter in the URL to execute arbitrary code.
This exploit is a JavaScript code that creates an iframe with a source URL that starts with 'ftps://' followed by a string of 408 'A' characters and 'ABCD'. It appends the iframe to a hidden div element with the id 'testbox'. When the 'Test MOAB-19-01-2007' button is clicked, the payload size is displayed in an alert and the iframe is loaded.
This exploit demonstrates a code injection vulnerability that occurs during redirection. The attacker injects malicious code into the page using various scripts and then redirects the user to a different URL. The injected code loads a shell script from a remote server and executes it on the user's system.
This is a proof-of-concept exploit for a buffer overflow vulnerability in Microsoft Help Workshop v4.03.0002. The vulnerability allows an attacker to execute arbitrary code by creating a specially crafted .HPJ project file. The exploit code spawns a process of notepad.exe and contains hardcoded offsets and API pointers to perform the exploit.
This is a Proof of Concept stack based exploit that demonstrates remote code execution on the ipw2200 driver. It executes a beep user space shellcode. It only works on XP SP2 ITA and it was only tested with version 8.0.12.20000 of the IPW2200BG driver.