This exploit takes advantage of a local file inclusion vulnerability in the PHP-Nuke Module eBoard 1.0.7. By manipulating the GLOBALS[name] parameter, an attacker can include arbitrary files from the target system.
This is a SEH (Structured Exception Handling) exploit that allows an attacker to gain control of the execution flow of a program by exploiting a vulnerability in the exception handling mechanism. The exploit uses a ROP (Return-Oriented Programming) chain to bypass DEP (Data Execution Prevention) and execute a shellcode that spawns the calculator (calc.exe) on a Windows 7 Ultimate x64 system. The exploit was originally published on Exploit-DB (ID: 36465) by TUNISIAN CYBER and modified by ThreatActor at CoreRed.com (ID: 36826).
ZYXEL Embedded Software does not check Cookies And Credentials on POST method so attackers could changes settings and view pages with post method. Sending empty Post to admin pages will crash internal web server and router needs to hard reset.
This exploit takes advantage of a file upload vulnerability found in Wolf CMS 0.8.2, and possibly prior versions. Attackers can abuse the upload feature to upload a malicious PHP file into the application with an authenticated user, resulting in arbitrary remote code execution. The vulnerability is found in the File Manager Function, which provides interfaces to manage files from the administration. There are no restrictions regarding the type of files allowed for uploading, allowing an attacker to upload a PHP shell file with malicious code and gain full control of the victim server. The uploaded file can also be moved to the root directory, making it accessible through the Internet.
The CFChart servlet of BlueDragon (component com.naryx.tagfusion.cfm.cfchartServlet) is vulnerable to arbitrary file retrieval due to a directory traversal vulnerability. In certain circumstances, the retrieved file is also deleted. An attacker can retrieve files from the server by using a specific URL and intercepting the server's response.
This module exploits an arbitrary PHP code upload in the WordPress Creative Contact Form version 0.9.7. The vulnerability allows for arbitrary file upload and remote code execution.
This exploit targets Scorp Book v1.0 and allows remote file inclusion.
The WordPress MiwoFTP Plugin 1.0.5 allows an attacker to download arbitrary files from the server by exploiting a vulnerability in the 'download' action of the 'com_miwoftp' component. By manipulating the 'item' parameter in the URL, an attacker can specify the file they want to download, such as the 'wp-config.php' file.
This exploit targets the Apache mod_rewrite vulnerability on Win32 systems. It allows an attacker to trigger a buffer overflow through the 'ldap://' parameter in the GET request. The vulnerability was discovered by Mark Dowd and assigned CVE-2006-3747. The exploit does not require any opcodes under Windows and directly runs the attacker's shellcode. The vulnerable Apache versions are 1.3 branch (>1.3.28 and <1.3.37), 2.0 branch (>2.0.46 and <2.0.59), and 2.2 branch (>2.2.0 and <2.2.3). Some compilers may add padding to the stack, making them non-exploitable.
This exploit targets the Microsoft Windows XP Task Scheduler (.job) vulnerability, allowing for remote code execution.
Services By CQR