The Windows driver used by projects derived from TrueCrypt 7 (verified in VeraCrypt and CipherShed) is vulnerable to a local elevation of privilege attack by abusing the drive letter symbolic link creation facilities to remap the main system drive. With the system drive remapped, it’s trivial to get a new process running under the local system account.
This module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This module has been tested with Kaseya v7.0.0.17, v8.0.0.10 and v9.0.0.3.
This vulnerability allows an attacker to perform a SQL injection attack on the Pre Classifieds Listings v1.0 website. By manipulating the 'category' parameter in the search.php page, the attacker can inject SQL code to retrieve sensitive information such as passwords or usernames from the 'users' table.
This exploit allows an attacker to execute arbitrary commands on the server by injecting them into the PHP code. In this case, the attacker is executing the command '/bin/ps aux' using the backtick operator (`) and piping the output to the 'nl2br' function to format it as HTML.
LanSpy.exe is prone to a buffer overflow vulnerability. This vulnerability occurs when a malicious 'addresses.txt' file is loaded by the application. The payload for the buffer overflow must be the very first entry in the text file. When the application is run and the scanning process is initiated, the program crashes, allowing an attacker to control the EIP at 684 bytes and overwrite both the NSEH & SEH exception handler pointers.
The exploit allows an attacker to perform a remote SQL injection attack on the PHP Coupon Script 3.0. By manipulating the 'bus' parameter in the 'index.php?page=viewbus' page, the attacker can inject SQL code to retrieve sensitive information from the database, such as usernames and passwords.
The fastreader application fails to sanitize user-supplied input, allowing an attacker to execute arbitrary commands in the context of the affected application.
Multiple CSRF vectors exist within FTGate v7, allowing various attacks such as adding arbitrary domains, enabling arbitrary remote archiving of logs, whitelisting arbitrary email addresses, adding an arbitrary mailbox and disabling antivirus, and removing email attachment blocking for files.
The vulnerability allows an attacker to include a remote file in the header.php file of the Open Translation Engine (OTE) version 0.7.8. By exploiting this vulnerability, an attacker can execute arbitrary code on the target system.
Multiple CSRF vectors exist within FTGate 2009 that allow us to add arbitrary remote domains, disable antivirus scanning for various email file attachment types, and finally change settings to have archived server logs sent to our remote attacker-controlled server for safekeeping.