This exploit allows an attacker to include a remote file in the vulnerable script_path parameter of CyBoards PHP Lite 1.21, leading to remote code execution.
This is a proof of concept and test code for a SMS DOS vulnerability. It creates a socket connection to a specified host or IP and sends a specific hex message. The code then waits for a response from the host and verifies its status. If the host is still alive and responding, the attempt was not successful. If the host is down, the DOS attack was successful. This code was published on milw0rm.com in 2004.
This exploit allows an attacker to include remote files on the vulnerable server, leading to potential code execution.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
An attacker can send a SOAP request with JavaScript embedded inside it, which gets stored in the database. When an administrator monitors the Traps’ admin screen and opens details about the vulnerability, the JavaScript is executed on the admin browser.
The vulnerability allows an attacker to include arbitrary files from the server or from a remote location, potentially leading to remote code execution or information disclosure. The exploit can be triggered by manipulating the 'l' parameter in the customize.php script. The attacker can provide a remote file containing malicious code or specify a relative path to view sensitive files on the server.
This module exploits an use after free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, who can fill the memory and notify the main thread to corrupt the new contents. This module has been tested successfully on Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.296.
This exploit allows an attacker to gain a reverse root shell on the AIRTIES Air5650v3TT device.
MySpeach is a shoutbox coded in PHP which works without any database. Indeed, it uses only text files to save the messages. To my mind, it's a good script, but let's see the security, although there was a lot of different versions to correct vulnerabilities. So, the show must g0 on ...
Beehive Forum 101 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Services By CQR