The Joomla Component RSfiles version 1.0.2 and below is vulnerable to remote file download. An attacker can exploit this vulnerability by sending a specially crafted request to the target server. This allows the attacker to download files from the server.
This code has been created for educational purposes only, to raise awareness on software security, and it's harmless by intention (the PoC runs calc.exe). Please do not change the code behaviour to malicious
The Mambo Component RemoSitory (cat) is vulnerable to a remote SQL injection attack. The vulnerability allows an attacker to execute arbitrary SQL commands on the target system.
A null pointer dereference vulnerability is triggered when sending an operation to ioctls 0x80002010 or 0x80002054. This is due to input buffer being NULL or the input buffer size being 0 as they are not validated.
SQL injection on [sitterService] parameter. The vulnerability allows an attacker to inject SQL queries into the parameter and manipulate the database.
The Joomla Component NeoRecruit version 1.4 and below is vulnerable to a remote blind SQL injection vulnerability. An attacker can exploit this vulnerability by injecting SQL code into the 'id' parameter of the 'offer_view' task in the 'com_neorecruit' component. This can lead to unauthorized access to the database, potentially exposing sensitive information.
SQL injection on [catg_id] parameter
The exploit takes advantage of a buffer overflow vulnerability in the php_ntuser ntuser_getuserlist() function in PHP 5.2.3. By providing a specially crafted input, an attacker can overwrite the EIP register with arbitrary data, potentially allowing for remote code execution.
The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prompt without authentication. Versions prior to 3.0.4 contain OS command injection in the ping command which can be used to execute arbitrary commands as root.
It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system.
Services By CQR