header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

la-nai cms_v1.2.14 – Remote SQL Injection

The la-nai cms_v1.2.14 module is vulnerable to remote SQL injection. The authentication login on the site's front page can be bypassed by using a username from the la-nai tbl_ln_user database. This can be achieved by providing '/* contoh admin'/* <-- magic_quotes_gpc = off

Panda Antivirus 2008 Local Privilege Escalation

During installation of Panda Antivirus 2008, the permissions for the installation folder are set to Everyone:Full Control, allowing an unprivileged user to replace the service executable with a file of their choice and gain full access with LocalSystem privileges. This can be exploited by renaming the service executable, copying a trojaned application, and rebooting the system.

Easy RM RMVB to DVD Burner 1.8.11 – ‘Enter User Name’ Field Buffer Overflow (SEH)

Buffer overflow vulnerability in Easy RM RMVB to DVD Burner 1.8.11 allows remote attackers to execute arbitrary code via a long string in the 'Enter User Name' field. This can be exploited to execute arbitrary code with the privileges of the user running the application.

Easy WMV/ASF/ASX to DVD Burner 2.3.11 – ‘Enter User Name’ Field Buffer Overflow (SEH)

This exploit takes advantage of a buffer overflow vulnerability in the 'Enter User Name' field of Easy WMV/ASF/ASX to DVD Burner version 2.3.11. By pasting specific content into this field, an attacker can trigger the overflow and potentially execute arbitrary code.

Envolution <= v1.1.0 Remote SQL Injection

This perl script exploits a remote SQL injection vulnerability in Envolution <= v1.1.0. It allows an attacker to retrieve the username and password (md5) of a specific member using their member id. The vulnerability is due to improper input validation in the 'modules.php' file. By crafting a malicious request, an attacker can inject SQL code and retrieve sensitive information from the database.

Disk Savvy Enterprise 9.9.14 Remote SEH Buffer Overflow

This exploit takes advantage of a buffer overflow vulnerability in Disk Savvy Enterprise version 9.9.14. By sending a specially crafted request to the server, an attacker can trigger a stack-based buffer overflow, overwriting the Structured Exception Handler (SEH) and gaining control of the program execution flow. This allows the attacker to execute arbitrary code on the target system.

MP3 WAV to CD Burner 1.4.24 – ‘Enter User Name’ Field Buffer Overflow (SEH)

The 'Enter User Name' field in MP3 WAV to CD Burner version 1.4.24 is vulnerable to a buffer overflow attack. This can be exploited by pasting a large amount of data into the field, causing the program to crash or potentially execute arbitrary code.

Recent Exploits: