Explore Vulnerabilities

Explore all Exploits:

Magento CE < 1.9.0.1 Post Auth RCE

This exploit allows an attacker to execute arbitrary commands on a vulnerable Magento CE version < 1.9.0.1 post-authentication. The exploit works by leveraging a vulnerability in the Zend_Log class to pivot into the call_user_exec function and execute a specified command. The payload is constructed as an object of the Zend_Log class with a malicious YAML encoder that allows the execution of the command passed as an argument. The exploit requires authentication and the exact installation date from the local.xml file. It has been tested on Ubuntu 15.

Remote File Inclusion in Joomla 1.5.0 Beta

There is a remote file inclusion vulnerability in Joomla 1.5.0 Beta. The vulnerability exists in the file /libraries/pcl/pcltar.php, specifically on line 74. An attacker can exploit this vulnerability by including a remote file using the 'g_pcltar_lib_dir' parameter. The proof of concept (POC) URL provided demonstrates the vulnerability.

Easy File Management Web Server v5.6 – USERID Remote Buffer Overflow

This exploit allows an attacker to remotely overflow the USERID parameter in Easy File Management Web Server v5.6, leading to arbitrary code execution. The vulnerability was discovered by Tracy Turben, and the exploit code is based on the work of superkojiman. The exploit takes advantage of a buffer overflow in the USERID parameter to execute a crafted payload. It uses a pivot technique to redirect execution flow to the crafted payload and then executes stack-based shellcode to spawn a calculator (calc.exe).

WebInsta FM <= 0.1.4 Remote File Inclusion Vulnerability

This is a basic file manager written by WebInsta.com. The vulnerability exists in the login.php file, where the adminname and adminpass cookies are not properly sanitized before being included in the $absolute_path variable. This allows an attacker to include arbitrary files from remote servers.

Recent Exploits: