header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Windows: CreateObjectTask SettingsSyncDiagnostics Elevation of Privilege

The CreateObjectTask scheduled task initializes a user accessible system COM service which allows you to instantiate the SettingsSyncDiagnostics COM object. This object doesn’t take into account the caller when copying logs files leading to EoP.

Windows: CreateObjectTask TileUserBroker Elevation of Privilege

The CreateObjectTask scheduled task initializes a user accessible system COM service which allows you to instantiate the TileUserBroker COM object. This object doesn’t take into account the caller when writing and deleting files leading to EoP.

Melange Chat Server 1.10 Remote Buffer Overflow Exploit

This is a proof of concept exploit for Melange Chat Server 1.10. The exploit allows an attacker to control the EIP (Extended Instruction Pointer) and execute arbitrary code. The exploit code has been tested on Suse 8.0 and RH 7.3. The exploit uses a shellcode provided by Irian. The exploit requires the target host, ret address in hex, and port as input parameters.

Openfire Persistent & Reflected XSS Vulnerability

This vulnerability allows an attacker to execute arbitrary code by injecting malicious scripts into certain parameters of the Openfire application. The persistent XSS occurs when creating a Group Chat Bookmark or URL Bookmark, while the reflected XSS occurs in the search parameter. The exploit codes provided demonstrate how to inject the payloads and execute the code.

Real player 10 Gold .Ra file remote Dos

A memory leak vulnerability exists in Real Player 10 Gold. This vulnerability can be exploited to cause a denial of service (DoS) condition on the target system. It is important to note that testing this exploit may result in the loss of data, and other applications may fail upon execution.

WordPress: cp-reservation-calendar 1.1.6 SQLi injection

A vulnerability has been detected in the WordPress cp reservation calendar Plugin v1.6. The vulnerability allows remote attackers to inject SQL commands. The sql injection vulnerability is located in the dex_reservations.php file. Remote attackers are able to execute own sql commands by manipulation of requested parameters. The security risk of the sql injection vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 8.6. Exploitation of the remote sql injection web vulnerability requires no user interaction or privilege web-application user account. Successful exploitation of the remote sql injection results in database management system, web-server and web-application compromise.

IKEView.exe is vulnerable to local stack based buffer overflow when parsing an malicious (internet key exchange) ".elg" file. Vulnerability causes nSEH & SEH pointer overwrites at 4432 bytes after IKEView parses our malicious file, which may result then result in arbitrary attacker supplied code execution.

EZ SQL Reports < 4.11.37: Arbitrary File Download (admin/colaborator required)

The plugin allows a wordpress site administrator or collaborator to download arbitrary files from the host file system though the plugin functionality of downloading .sql, .sql.zip or .sql.gz files created by the wordpress administrator. The file name to download is not sanitized and path traversal can be injected in the request.

Recent Exploits: