This exploit allows an attacker to trigger a buffer overflow vulnerability in Acunetix Web Vulnerability Scanner. It provides the attacker with the option to choose between two payloads: a calculator or a bind shell.
Sendmail is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer. Successfully exploiting this issue may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.
This script infects all pages on HP laserjets which include ews_functions.js by appending javascript to the ews_functions.js file by leveraging the PJL Directory Traversal.
This exploit targets the phpCC Beta version 4.2 and utilizes a SQL injection vulnerability in the 'nickpage.php' file. By manipulating the 'npid' parameter, an attacker can inject malicious SQL queries and retrieve sensitive information from the 'userdata' table.
This exploit allows an attacker to perform a remote SQL injection attack on Xaran Cms version 2.0. By exploiting this vulnerability, an attacker can retrieve the admin username and password from the database.
This exploit allows remote attackers to include arbitrary files on the target system.
This is a proof of concept remote exploit for uTorrent 1.6. It allows an attacker to execute arbitrary code on vulnerable systems. The exploit works on Windows XP SP1 and Windows 2000 SP1-4.
The Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Successfully exploiting this issue will cause the application to crash, denying service to legitimate users. Attackers may also be able to run arbitrary code, but this has not been confirmed.
The vulnerability exists in the 'philboard_forum.asp' file, where an attacker can inject SQL queries through the 'forumid' parameter. By manipulating the SQL query, an attacker can retrieve sensitive information such as usernames and passwords from the database.
Services By CQR