
Explore Vulnerabilities


Explore all Exploits:

KingScada kxClientDownload.ocx ActiveX Remote Code Execution

This module abuses the kxClientDownload.ocx ActiveX control distributed with WellingTech KingScada. The ProjectURL property can be abused to download and load arbitrary DLLs from arbitrary locations, leading to arbitrary code execution, because of a dangerous usage of LoadLibrary. Due to the nature of the vulnerability, this module will work only when Protected Mode is not present or not enabled.

FTP LIST heap buffer overflow

This script demonstrates a heap buffer overflow vulnerability in the FTP LIST command. It sends a payload of 251 bytes followed by specific values to trigger the overflow. This vulnerability allows an attacker to potentially execute arbitrary code or crash the FTP server.

BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service

The exploit uses a malicious object to trigger a Denial of Service (DoS) in Internet Explorer. It sends a large string as an argument to the SelectedFolder property of the BrowseDialog class, causing the browser to crash or become unresponsive. This vulnerability was tested on Windows XP Professional SP2 with Internet Explorer 7.

Buffer Overflow Vulnerability in PECL Alternative PHP Cache (APC) Extension

PECL Alternative PHP Cache (APC) extension is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

WordPress: Webdorado Spider Event Calendar <= 1.4.9 [SQL Injection]

The Webdorado Spider Event Calendar plugin for WordPress version 1.4.9 is vulnerable to SQL Injection. This allows an attacker to execute arbitrary SQL queries, potentially gaining unauthorized access to the database.

Mozilla Firefox 2.0.0.3 and Gran Paradiso 3.0a3 Denial of Service

This script creates a .html file that, when opened in Mozilla Firefox 2.0.0.3 or Gran Paradiso 3.0a3, causes the browser to stop responding. The script is based on the <marquee> tag, but is a different exploit from the one described on milw0rm.com.

Achat v0.150 beta7 Buffer Overflow

This module exploits a Unicode SEH-based stack buffer overflow in Achat v0.150. By sending a crafted message to the default port 9256, it is possible to overwrite the SEH handler. Although the exploit is reliable, it depends on timing, since two threads overflow the stack at the same time. This module has been tested on Windows XP SP3 and Windows 7.

SoftSphere DefenseWall FW/IPS Arbitrary Write Privilege Escalation

The exploit allows arbitrary write privilege escalation in SoftSphere DefenseWall FW/IPS. It was discovered by Parvez Anwar. The vulnerability is found in version 3.24 of the software; the affected driver is dwall.sys, version 3.2.3.0. The exploit was tested on 32-bit Windows XP SP3. The CVE ID for this vulnerability is CVE-2015-1515. There is no fix available for this vulnerability.

Recent Exploits: