This module exploits a stack-based buffer overflow found in SMPlayer 0.6.9 (Permanent DEP / AlwaysON). The overflow is triggered during the parsing of an overly long string found in a malicious SAMI subtitle file.
This is a vulnerability in the fishcart_v3 script where an attacker can include a remote file by manipulating the 'docroot' parameter in the fc_example.php file. This can lead to remote code execution.
Carel PlantVisor software versions <= 2.4.4 are affected by a directory traversal vulnerability that allows an attacker to download files located on the disk where the software is installed. The traversal works with both slash and backslash separators and with their HTTP-encoded values.
This module exploits a stack-based buffer overflow vulnerability found in Dameware Mini Remote Control v4.0. The overflow is caused by sending an overly long username to the DWRCS executable listening on port 6129. The username is passed to strcpy(), which overwrites the return pointer and leads to arbitrary code execution.
This exploit allows an attacker to execute arbitrary commands on a Windows XP system by exploiting a vulnerability in the mSQL extension. The attacker can bind a TCP shell to a specific port and gain remote access to the target system.
This exploit targets the WFTPD Pro Server 3.21 and causes a Denial of Service (DoS) by sending a specially crafted MLST command. It fills the buffer with 'A's and sends the command repeatedly, increasing the size of the buffer each time. This exploit can crash the server and render it unavailable.
Input passed to the "svr_rootscript" parameter in order/login.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. Successful exploitation requires that "register_globals" is enabled.
This is a Python script that performs DNS cache poisoning. It is based on the Amit Klein paper: http://www.trusteer.com/docs/bind9dns.html. The script predicts the next transaction ID for DNS queries and attempts to poison the cache with malicious responses. The output of the script includes the time, IP, port, ID, query, number of good predicted IDs, and number of errors.
The vulnerability allows an attacker to extract user and admin login information. The exploit uses a UNION SELECT statement to retrieve the username and password.
The CartWeaver application is vulnerable to SQL injection attacks in the Details.cfm page, specifically in the ProdID parameter. An attacker can manipulate the ProdID parameter to execute arbitrary SQL queries. This can lead to unauthorized access, disclosure of sensitive information, and potential compromise of the application and its data.