header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

HP Network Node Manager I PMD Buffer Overflow

This module exploits a stack buffer overflow in HP Network Node Manager I (NNMi). The vulnerability exists in the pmd service, due to the insecure usage of functions like strcpy and strcat while handling stack_option packets with user controlled data. In order to bypass ASLR this module uses a proto_tbl packet to leak an libov pointer from the stack and finally build the rop chain to avoid NX.

Pure-FTPd External Authentication Bash Environment Variable Code Injection

This module exploits the code injection flaw known as shellshock which leverages specially crafted environment variables in Bash. This exploit specifically targets Pure-FTPd when configured to use an external program for authentication.

ALPHA 2 Player(.bmp) Local Crash PoC

ALPHA Player is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

PowerDVD DLL Hijacking Exploit

This exploit allows attackers to execute arbitrary code by enticing a user to open a file from a network share location that contains a specially crafted DLL file. The vulnerability affects PowerDVD version 5.00.1107 and potentially other versions as well.

Cross-Site Scripting in eXV2 CMS

eXV2 CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

AdvertisementManager local and remote file-include vulnerabilities

The AdvertisementManager application fails to sufficiently sanitize user-supplied input, leading to local and remote file-include vulnerabilities. Exploiting these vulnerabilities may allow a remote attacker to obtain sensitive information or compromise the application and the underlying computer.

Recent Exploits: