This is an exploit for the MOAB-22-01-2007 vulnerability which allows remote attackers to execute arbitrary code on the target system. The exploit downloads a malicious file from a specified URL and executes it on the system.
Buffer overflow is triggered upon sending long string to PCMAN FTP 2.07 in place of command
This exploit allows an attacker to execute remote code by spoofing the DNS Record for www.videocharge.com. It bypasses SafeSEH, ASLR, and DEP.
This exploit targets Oracle10g R1 and R2 versions prior to CPU Oct 2006. It allows an attacker to escalate their privileges by creating a session and a procedure. The exploit uses a function called F1, which is granted DBA privileges to the user 'TEST'. The exploit then executes the function and commits the changes. Finally, it retrieves user role privileges using the user_role_privs table. The exploit was developed by Joxean Koret.
This exploit allows an attacker with CREATE SESSION privileges to insert malicious code into the sys.sysauth$ table in Oracle10g R1 and R2 prior to CPU Oct 2006. This can lead to unauthorized access and potential compromise of the system.
The 'Display name' and 'Description' fields in BP Group Documents 1.2.1 are not escaped, allowing for the storage of script tags and potential XSS attacks.
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote unauthenticated users to execute arbitrary commands via shell metacharacters. If no target file is specified this module will attempt to log in with the provided credentials to upload a file (.DjVu) to use for exploitation.
This modem's web application suffers from Cross-site request forgery through which attacker can manipulate user data via sending him malicious craft url. The modem's application does not use any security token to prevent it against CSRF. The proof of concept (PoC) and exploit can be used to change the user password.
This is a buffer overflow vulnerability in the Microsoft Visual C++ 6.0 SP6 resource compiler. The exploit is built using .rc resource files and allows for arbitrary code execution.
Services By CQR