This is a proof of concept exploit for the Citadel/UX remote Denial of Service vulnerability. It allows an attacker to send a specially crafted request to a vulnerable Citadel/UX server, causing it to crash or become unresponsive.
The exploit takes advantage of a flaw in URLMON.DLL when converting backslashes to wide char. This can be seen on the stack dump near '&CLSID=AAA...2F__2F__...'. The exploit involves starting a server Perl script and connecting to the HTTP service using IE/5.x. The shellcode size is limited to 56 bytes. The '$ret' and image base of KERNEL32.DLL may differ. The shellcode is given 'as is' with the help of JScript.
Remotely exploitable buffer overflow vulnerability in Kerberos kadmind service. The vulnerability can be triggered during the administration of principals via kadmin or kadmin.local, allowing the attacker to gain root access or perform a denial of service attack against kadmind.
The vulnerability allows an attacker to execute remote code on the target system. The exploit involves opening the target by browser, inserting bad code in an email, and accessing the bad code through a specific URL. The vulnerability allows an attacker to execute arbitrary commands on the target system.
This product is vulnerable to a combined CSRF/XSS attack, meaning that if an admin user can be tricked into visiting a crafted URL created by an attacker (via spear phishing/social engineering), the attacker can execute arbitrary code in the Asset list (AssetListView.do). Once exploited, the admin's browser can be made to do almost anything the admin user could typically do, by hijacking the admin's cookies etc.
The Pathos Content Management System is vulnerable to a remote file inclusion (RFI) vulnerability in the 'warn.php' file. The vulnerability allows an attacker to include arbitrary remote files by manipulating the 'file' parameter in the URL.
This module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, when forcing a reallocation by copying more contents than the original capacity, but Flash forgets to update the domainMemory pointer, leading to a use-after-free situation when the main worker references the domainMemory again. This module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 17.0.0.134.
A vulnerability has been discovered in MacKeeper's URL handler implementation that allows arbitrary remote code execution when a user visits a specially crafted webpage. Security researcher Braden Thomas discovered a flaw that allows arbitrary commands to be run as root with little to no user interaction required. A proof-of-concept (POC) has been released demonstrating how visiting a specially crafted webpage in Safari causes the affected system to execute arbitrary commands.
Yet Another Related Posts Plugin's options can be updated with no token/nonce protection, which an attacker may exploit by tricking the website's administrator into opening a malformed page that changes YARPP options. Since some options allow HTML, the attacker is able to inject malformed JavaScript code, which can lead to code execution/administrator actions when the injected code is triggered by an admin user. Injected JavaScript code is triggered on any post page.
The exploit targets a buffer overflow vulnerability in the ANI header parsing code in Microsoft Windows. It allows an attacker to execute arbitrary code on a target system by sending a specially crafted ANI file. The exploit includes shellcode that creates a port bind shell on port 13579. The exploit has been tested on Windows XP SP2 - Portuguese.