The username field on the login page is susceptible to SQL injection. The exploit involves manipulating the 'username' parameter in the login URL to inject SQL code that bypasses the login authentication and grants unauthorized access to the system.
The main.cpp file contains a buffer overflow vulnerability that can be exploited by sending a crafted packet to the server. The vulnerability is present in the craft_pkt[] array where the packet is constructed. An attacker can exploit this vulnerability by sending a packet with a payload that is longer than the buffer size, causing a buffer overflow and potentially allowing the attacker to execute arbitrary code on the server.
Pulls user details from the database and returns multiple data records.
Racer v0.5.3 beta 5 is prone to a buffer overflow vulnerability in the server and client. By sending an overly long buffer, an attacker can control the eip register and execute arbitrary code. The exploit has been tested on Windows XP SP2 English.
The vulnerability allows an attacker to disclose arbitrary files on the remote system. By manipulating the 'file' parameter in the '/go/_files/' directory, an attacker can access files outside of the intended directory. This can lead to the disclosure of sensitive information and potentially compromise the system.
The code in main.cpp contains a vulnerability related to the use of an uninitialized variable. The variable `sockfd` is not initialized before being used in the `bind` function, which can lead to undefined behavior and potential security vulnerabilities. This vulnerability can be exploited by an attacker to cause a denial of service or execute arbitrary code.
This exploit tests the target Oracle WebLogic Server for the Java Deserialization RCE vulnerability. The ysoserial payload causes the target to send Ping requests to the attacking machine. You can monitor ICMP ECHO requests on your attacking machine using tcpdump to know if the exploit was successful. Feel free to modify the payload (chunk2) with one of your choice. Don't worry about modifying the payload length each time you change the payload, as this script will do it for you on the fly.
This exploit targets the Savant webserver 3.1 and allows for remote buffer overflow. It uses shellcode to bind port 4444 on the target host.
The vulnerability exists in the 'timeline' and 'id' GET parameters which are not sanitized and used in dynamically generating SQL syntax.
This exploit takes advantage of a vulnerability in Microsoft DXMedia SDK 6's ActiveX control called "SourceUrl". By setting the SourceUrl property to a specially crafted value, an attacker can execute arbitrary code on a vulnerable system. This exploit has been tested on Microsoft DirectX Media 6.0 SDK, Microsoft Internet Explorer 6 with all patches, and Microsoft Windows XP SP2 (Polish) with all patches.