This is a remote exploit for x86/linux WU-IMAP 2000.287(1-2). The exploit takes advantage of a vulnerability in the software to execute arbitrary code on the target system. It uses a shellcode to gain control of the system. The exploit requires the target IP address, login, and password as input.
This exploit targets a vulnerability in the MSHTML!CMarkupPointer::UnEmbed function. It allows an attacker to access memory that has already been freed, potentially leading to arbitrary code execution or a denial of service. The vulnerability was tested on IE11 on Windows 10 x64 and Windows 7 x64. The exploit triggers an access violation exception with the code c0000005.
The PHPmongoDB v1.0.0 software is vulnerable to CSRF attacks, HTML Injection, and XSS vulnerabilities. The CSRF vulnerabilities allow an attacker to create a database, drop a database, and create a collection without proper authentication. The HTML Injection vulnerability allows an attacker to inject malicious HTML code into the application, potentially leading to further attacks. The XSS vulnerabilities allow an attacker to execute malicious scripts within the context of the application, potentially leading to session hijacking or other attacks.
This module exploits a file upload vulnerability in Kace K1000 versions 5.0 to 5.3, 5.4 prior to 5.4.76849 and 5.5 prior to 5.5.90547 which allows unauthenticated users to execute arbitrary commands under the context of the 'www' user. This module also abuses the 'KSudoClient::RunCommandWait' function to gain root privileges. This module has been tested successfully with Dell KACE K1000 version 5.3.
Novell Service Desk has several vulnerabilities including a file upload function that can be exploited to achieve authenticated remote code execution. The product appears to be a rebranded version of Absolute Service (another help desk system). The latter has not been tested but it is likely to contain the same vulnerabilities as Novell Service Desk.
CAM UnZip fails to check that the paths of the files in the archive do not engage in path traversal when uncompressing the archive files. Specially crafted files in the archive containing '..' in file name can overwrite files on the filesystem by backtracking or allow attackers to place malicious files on system outside of the target unzip directory which may lead to remote command execution exploits etc...
This is a proof of concept code for the KSignSWAT SWAT_Login() vulnerability. It was tested on WinXP SP2 KOREAN with IE 6.
WPN-XMs webinterface is prone to multiple CSRF entry points allowing remote attackers to compromise an authenticated user if they visit a malicious webpage or click an attacker supplied link. Attackers can modify the 'PHP.INI' file to change arbitrary PHPs settings like enable 'allow_url_include' or changing the default MySQL username & password settings etc...
This is a Proof-of-Concept exploit for the Apple Intel HD 3000 Graphics driver. The vulnerability allows for local privilege escalation, resulting in root access. The exploit takes advantage of a vulnerability in the AppleIntelHD3000Graphics driver 10.0.0, allowing control of a specific function call.
The Panda Security 2016 Home User products for Windows are vulnerable to privilege escalation, allowing a local attacker to execute code as SYSTEM from any account (Guest included), thus completely compromising the affected host.