This module abuses the kxClientDownload.ocx ActiveX control distributed with WellingTech KingScada. The ProjectURL property can be abused to download and load arbitrary DLLs from arbitrary locations, leading to arbitrary code execution, because of a dangerous usage of LoadLibrary. Due to the nature of the vulnerability, this module will work only when Protected Mode is not present or not enabled.
This is a local root exploit for Android 4.2.2 and 4.4, targeting unpatched kernels up to version 3.4.5. The exploit requires manual customization of addresses for the target board. It was created by Piotr Szerman in 2013.
This script demonstrates a heap buffer overflow vulnerability in the FTP LIST command. It sends a payload of 251 bytes followed by specific values to trigger the overflow. This vulnerability allows an attacker to potentially execute arbitrary code or crash the FTP server.
An attacker can exploit this issue through other applications such as PHP to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
The exploit uses a malicious object to trigger a Denial of Service (DoS) in Internet Explorer. It sends a large string as an argument to the SelectedFolder property of the BrowseDialog class, causing the browser to crash or become unresponsive. This vulnerability was tested on Windows XP Professional SP2 with Internet Explorer 7.
PECL Alternative PHP Cache (APC) extension is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
The Webdorado Spider Event Calendar plugin for WordPress version 1.4.9 is vulnerable to SQL Injection. This allows an attacker to execute arbitrary SQL queries, potentially gaining unauthorized access to the database.
This script creates a .html file that, when opened in Mozilla Firefox 2.0.0.3 or Gran Paradiso 3.0a3, causes the browser to stop responding. The script is based on the <marquee> tag, but is a different exploit from the one described on milw0rm.com.
This module exploits a Unicode SEH-based stack buffer overflow in Achat v0.150. By sending a crafted message to the default port 9256, it's possible to overwrite the SEH handler. Although the exploit is reliable, it depends on timing, since two threads overflow the stack at the same time. This module has been tested on Windows XP SP3 and Windows 7.
The exploit allows arbitrary-write privilege escalation in SoftSphere DefenseWall FW/IPS. It was discovered by Parvez Anwar. The vulnerability is found in version 3.24 of the software. The driver version is 3.2.3.0 - dwall.sys. The exploit was tested on 32-bit Windows XP SP3. The CVE ID for this vulnerability is CVE-2015-1515. There is no fix available for this vulnerability.