This exploit targets the IrfanView 3.99 .ANI file buffer overflow vulnerability. It allows an attacker to execute arbitrary code by crafting a malicious .ANI file. The exploit also includes a bind shell payload that opens TCP port 4444.
The Battle.net Clan Script 1.5 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by manipulating the 'user' and 'pass' parameters in the login.php file.
My 7 line Python fuzzer found several file format bugs in 3 hours. No deep analysis was done. These bugs include an Unspecified Overflow in Word 2007 which can lead to a crash in wwlib.dll. Another bug causes CPU exhaustion DoS, where the CPU shoots up to 100%. There is also a bug that causes CPU exhaustion DoS and triggers the Windows system sound "ding!".
This is a proof-of-concept exploit for the SoX stack overflow vulnerability. The exploit creates a malicious WAV file named britney.wav, which triggers the vulnerability when played using the 'play' command. The exploit payload consists of shellcode that opens a shell on the target system. The vulnerability was discovered by Ulf Harnhammar and the exploit was created by Serkan Akpolat. The exploit has been tested on Slackware 9.1. The vulnerability allows an attacker to execute arbitrary code on the target system.
The PcP-Book 3.0 portal is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by injecting a malicious file in the 'lang' parameter of the affected URLs. This allows the attacker to execute arbitrary code on the target system.
This exploit modifies the GdiTable of the current process to change an entry of the win32k's SSDT to 0x2. It allows an attacker to escalate their privileges. The exploit has been tested on Windows XP SP2 French with the latest updates.
This exploit allows an attacker to include local files on the server using the ScarNews sn_admin_dir parameter. The exploit takes advantage of a vulnerability in the ScarNews v1.2.1 script.
The Machine component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Input passed via the 'tcp_box_path' HTTP POST parameter to the '/wp-admin/admin.php?page=checkout_editor_settings' URL is not properly verified before being used in the PHP 'include()' function, and can be abused to include arbitrary local files via directory traversal sequences. An attacker with administrator privileges can exploit this vulnerability to execute arbitrary PHP code and disclose sensitive data. Additionally, the plugin is vulnerable to Cross-Site Scripting attacks via CSRF vectors.
The witshare 0.9 software is vulnerable to local file inclusion. An attacker can exploit this vulnerability by providing a malicious file name in the 'menu' parameter of the index.php file. This can lead to arbitrary file inclusion and potentially to arbitrary code execution.