ManageEngine Applications Manager version 13 is affected by multiple post-authentication SQL injection vulnerabilities. The first is in the 'name' parameter of the 'manageApplications.do' endpoint: an attacker can exploit it by sending a specially crafted POST request to execute malicious SQL queries. The second is in the 'viewProps' parameter of the 'GraphicalView.do' endpoint: by manipulating the 'yCanvas' field, an attacker can inject malicious SQL queries.
This exploit can be used to break out of sandboxes such as the one in Google Chrome. It installs the seccomp filter from Chrome and a chroot, then breaks out of those and gets root. It bypasses SMEP and SMAP, but is somewhat unreliable and may crash the kernel instead.
The ViewerCtrl.ocx ActiveX component used by Avaya IP Office (IPO) is vulnerable to a remote buffer overflow. This vulnerability can be exploited by remote attackers to potentially execute arbitrary code. The exploit can be triggered when a user visits a malicious webpage using Internet Explorer.
This is a remote root exploit targeting ProFTPd with mod_tls. It takes advantage of an unpatched version of mod_tls and is a pre-authentication bug. It also has a brute-forcing option. The exploit has the disadvantage of depending on the library mapped address, so there are no strict categories. It is unknown how many ProFTPd+mod_tls boxes are out there.
This PHP script exploits a vulnerability in the PHP FFI extension to bypass the safe_mode restriction. It allows an attacker to execute arbitrary commands on the target system by passing the command as a parameter in the URL. The script checks if the FFI extension is loaded and then proceeds to execute the command using the WinExec function from the kernel32.dll library. The output of the command is stored in a temporary file, which is read and displayed on the web page. The temporary file is then deleted.
This vulnerability allows an attacker to inject SQL commands (without authentication) in the 'friend_index' GET parameter.
The Joomla Component BibTeX version 1.3 and below is vulnerable to remote blind SQL injection. An attacker can execute arbitrary SQL queries by manipulating the 'afilter' parameter in the 'adminForm' form action. This can lead to unauthorized access, data leakage, and potential compromise of the Joomla website.
This exploit takes advantage of a buffer overflow vulnerability in the AIM (AOL Instant Messenger) software. By sending a specially crafted away message, an attacker can overflow a buffer and execute arbitrary code on the target system. The exploit has been modified from Metasploit shellcode to operate in stealth mode and can be used on any NT-type OS, such as Windows 2000, Windows NT, and Windows XP.
The Joomla Component EventList version 0.8 and below is vulnerable to a remote blind SQL injection. The vulnerability allows an attacker to inject malicious SQL code through the 'did' parameter in the 'details' function of the 'com_eventlist' module. An example exploit is provided in the text.
This exploit allows an attacker to perform a blind SQL injection attack in the Joomla Component Nice Talk version 0.9.3 or earlier. By injecting malicious SQL code into the 'tagid' parameter of the component, an attacker can retrieve sensitive information from the database.