This exploit allows an attacker to perform directory traversal and read the contents of sensitive files on the target system. By providing a specially crafted input, the attacker can bypass the intended file path and access files outside of the web server's root directory.
The vulnerable buffer exists in the .VBP files of Visual Basic projects. This exploit allows for execution of arbitrary code.
This module exploits the YoungZSoft CCProxy <= v6.2 suite Telnet service. The stack is overwritten when sending an overly long address to the 'ping' command.
This is a demonstration exploit that showcases how an attacker can use an HTTP form to perform unauthorized actions on a website. The form targets the admin.php page of a website and allows the attacker to create a new admin user with elevated privileges. The form collects inputs for username, name, password, and email. It also includes hidden fields that set additional parameters, such as admin rights and the operation to add an author. Once the form is submitted, the attacker can create a new admin user by clicking the 'Create Admin' button.
The RCE vulnerability present in monitor service of PeopleSoft 8.54, 8.55, 8.56.
This vulnerability can be triggered by luring a target user into running a malicious SMIL file locally or via a webpage. In the later scenario, the OBJECT (IE) and/or EMBED (FireFox) tags can be used. The provided proof of concept code demonstrates the exploit by creating a malicious SMIL file that triggers an integer overflow in QuickTime.
Disk Pule Enterprise Server Unauthenticated Remote Buffer Overflow SEH
Sysgauge Server Unauthenticated Remote Buffer Overflow SEH
This exploit allows remote arbitrary registry key manipulation through the Telecom Italy Alice Messenger Hp.Revolution.RegistryManager.dll. The exploit involves manipulating the registry keys to execute unauthorized commands on the target system.
This exploit allows an attacker to include remote files in the eNetman - The Enchanced Network Manager application. The vulnerability is caused by the improper input validation in the 'index.php' file. By manipulating the 'page' parameter, an attacker can include arbitrary remote files, which can lead to remote code execution.
Services By CQR