The [ADD URL] feature in VeryPDF HTML Converter v2.0 is vulnerable to an SEH-based buffer overflow. This can be exploited by constructing a string of ASCII characters that contains the payload and pasting it into the textbox. The program's textbox converts ALL pasted data to lowercase, so the Alpha3 tool is used to encode the shellcode into a numerical format to bypass the filter. The exploit also uses a null-terminated SEH address to gain universal exploitation across all current Windows OSes. The shellcode is placed in the buffer itself, since it cannot execute after the buffer (after SEH) because the null byte cuts off the rest of the string.
burnCMS version 0.2 is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by injecting malicious code into the 'root' parameter in various files such as 'authuser.php', 'misc.php', 'connect.php', 'mysql.class.php', and 'postgres.class.php'. This allows the attacker to include and execute arbitrary files from remote servers, potentially leading to remote code execution.
A Denial of Service can be achieved by concatenating several large strings together and attempting to write to a file.
This is a remote stack overflow vulnerability in IE NCTAudioFile2.AudioFile ActiveX control. The exploit allows an attacker to execute arbitrary code on a target system. The vulnerability was originally reported by Secunia and the PoC was developed by shinnai. The exploit works on Windows XP Pro SP2 with IE7 fully patched.
This is a proof of concept exploit for a buffer overflow vulnerability in the mydns software. It allows an attacker to send a malicious DNS packet to the target server, causing it to crash or potentially execute arbitrary code. This exploit has been tested on mydns-1.1.0.
The vulnerability allows an attacker to inject arbitrary SQL code into the 'idsalon' parameter of the 'forum.php' page, leading to unauthorized access to the database and potentially compromising user information. The exploit retrieves the hashed passwords of all users from the 'esforum_users' table where the 'user_id' is 1.
A vulnerability within the xrvkp module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege.
Bedita 3.5.1 contains multiple flaws that allow a persistent remote cross-site scripting attack in the 'cfg[projectName]', 'data[stats_provider_url]' and 'data[description]' parameters. This could allow malicious users to create a specially crafted POST request that would execute arbitrary code in a user's browser in order to gather data from them or to modify the content of the page presented to the user.
The vulnerability allows an attacker to include a remote file in the application, which can lead to remote code execution.
This exploit targets a vulnerability in the GDI component of MS Windows, specifically related to .ANI files. By exploiting this vulnerability, an attacker can elevate their privileges on the targeted system. The exploit takes advantage of the vulnerability addressed by the MS07-017 security update.