This is a Proof of Concept (PoC) exploit for the Full Player 8.2.1 software. It demonstrates a memory corruption vulnerability in the software.
Aradown is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This exploit targets the Joomla Template Be2004-2 (index.php) script. It allows an attacker to remotely include files by manipulating the 'mosConfig_absolute_path' parameter in the URL.
The PBBoard web-based messaging board application allows attackers to gain unauthorized access to user accounts or bypass intended security restrictions. This can be achieved by exploiting a vulnerability in the application's login system, specifically the way cookies are handled for login confirmation. By manipulating the cookies, an attacker can bypass the login rules and gain administrative privileges. This vulnerability was discovered in PBBoard versions prior to 2.1.4.
ShoutPro 1.5.2 fails to fully sanitize user input ($shout) that it writes to the shouts.php file when adding a new message, this can result in the injection and execution of arbitrary PHP code.
This exploit takes advantage of a local format string vulnerability in OllyDbg v110. It allows an attacker to execute arbitrary code by invoking calc.exe. The shellcode is XORed with 0x02 and is limited to a maximum size of 256 bytes. The exploit was discovered by Ned from felinemenace.org.
The Cabron Connector v1.1.0 is vulnerable to remote file inclusion. The vulnerability can be exploited by providing a malicious input in the 'CabronServiceFolder' parameter in the 'inclusionService.php' file. This allows an attacker to include arbitrary files from remote servers.
This exploit allows an attacker to elevate their privileges on a local system. The exploit takes advantage of a vulnerability in the GDI (Graphics Device Interface) component of Windows. By executing code with kernel privilege, the attacker can gain control over the system. The exploit was developed using Dev-C++ 4.9.9.2 and linked with /lib/libgdi32.a. For more information, refer to the references provided.
This exploit allows an attacker to execute arbitrary code on a target system running MiniGal b13. The exploit creates a backdoor on the target system, which can be accessed through a specific URL.
The ISC DHCP software is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to cause the affected application to crash, resulting in a denial-of-service condition.