header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

pragmaMX Landkartenmodule 2.1 Local File Inclusion Exploit

This exploit takes advantage of a vulnerability in pragmaMX Landkartenmodule 2.1, which allows an attacker to include files from the server's file system. The vulnerable code can be found in the 'require_once("modules/$module_name/inc/conf.php");' line. By manipulating the 'module_name' parameter, an attacker can specify a path to a file they want to include, potentially leading to unauthorized access or remote code execution.

Utility Manager exploit v1.666 modified by kralor

This exploit allows for local elevation of privileges on Windows 2000 systems using the Utility Manager. It gives the user a shell with system privileges. The exploit works by getting the system language and setting the windows names to work on any Windows 2000 system. It supports multiple languages and can be modified to add additional languages.

VLD Personal – Multiple Vulnerabilities

The XSS attack vulnerability is caused by copying the value of the id request parameter into an HTML tag attribute without proper sanitization. The SQL injection vulnerability is caused by the country/gender1/gender2 parameter being vulnerable to SQL injection attacks.

PHPBB Minerva Mod <= 2.0.21 build 238a (forum.php) Remote SQL Injection Exploit

This exploit allows an attacker to perform a remote SQL injection on PHPBB Minerva Mod version 2.0.21 build 238a through the 'forum.php' file. The vulnerability allows the attacker to extract the user password from the 'minerva_users' table by manipulating the 'user_id' parameter.

Modulo Splatt Forum v4.0 RC1(bbcode_ref.php name)Local File Include Exploit

This exploit allows an attacker to include local files on the server by manipulating the 'name' parameter in the 'bbcode_ref.php' script of Modulo Splatt Forum v4.0 RC1. The vulnerable code can be found on line 17 and 19 of the script. By including certain files, an attacker can potentially view sensitive information such as log files.

i.Mage Local Crash Poc

This exploit creates a vulnerable image.xml file that can cause a crash in i.Mage software. The vulnerability is caused by an access violation when reading a specific memory address. The exploit author has provided a proof of concept code that fills the image.xml file with a large number of 'A' characters, causing the crash. It is recommended to copy the image.xml file to the installation directory of i.Mage software and start the application to trigger the crash.

i-FTP Buffer Overflow SEH

This exploit takes advantage of a buffer overflow vulnerability in i-FTP v2.20, allowing an attacker to execute arbitrary code. The exploit uses a return address overwrite technique to redirect program execution flow to the attacker's shellcode. The shellcode payload used in this exploit spawns the Windows calculator. The exploit has been tested on various Windows platforms, including Win7 32bit, Win8.1 64bit, and Win XPsp3.

Recent Exploits: