This exploit is a buffer overflow vulnerability in the Linux umount utility. It allows an attacker to execute arbitrary code with root privileges by providing a specially crafted argument to the umount command.
EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This vulnerability allows an attacker to inject and execute malicious code through the 'server_base_dir' parameter in the xt_counter.php script. By supplying a specially crafted value for 'server_base_dir', an attacker can execute arbitrary code on the server.
SWAT 4 is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly handle certain input. An attacker may exploit these issues to crash the affected application, denying service to legitimate users.
This module exploits a stack-based buffer overflow vulnerability in ALLPlayer 2.8.1, caused by a long string in a playlist entry. By persuading the victim to open a specially-crafted .M3U file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows 7 SP1.
This exploit allows an attacker to remotely include a file in the Drunken:Golem Gaming Portal, version 1.2. By manipulating the 'root_path' parameter in the 'phpIRC.php' script, an attacker can execute arbitrary code on the target system. The exploit uses a shell located at 'http://pang0.by.ru/shall/pang057.zz' to execute commands.
The ACGVclick version 0.2.0 is vulnerable to a remote file inclusion vulnerability. This vulnerability allows an attacker to include arbitrary files from a remote server by manipulating the 'path' parameter in the 'function.inc.php' file. By exploiting this vulnerability, an attacker can execute malicious code on the target system.
The script nsGalPHP is affected by an unknown vulnerability. The specific details of the vulnerability are not provided in the text.
This application is still vulnerable to a buffer overflow, caused by improper bounds checking of an URL given via menu or placed inside an M3U file.
This is a proof of concept exploit for the ZDI - Citrix Metaframe spooler service vulnerability. The exploit targets the EnumPrinter() and EnumPrinterW() functions in the Microsoft Windows operating system. It is designed to fuzz local printer providers and potentially identify similar vulnerabilities. When executed on a vulnerable system, the exploit will kill the spooler service (spoolsv.exe) and overwrite the ret value with 0x00410041. This initial version of the exploit has been tested against Windows Server 2003 with Citrix Presentation Server. The 514 Tiger Team is credited with creating this exploit.
Services By CQR