This exploit allows an attacker to perform a remote SQL injection attack in Yvora CMS v1.0. By manipulating the 'ID' parameter in the 'error_view.php' page, an attacker can inject malicious SQL code and retrieve sensitive information, such as usernames and passwords, from the database.
This exploit demonstrates a stack buffer overflow vulnerability in ALLMediaServer version 0.95. By sending a specially crafted request, an attacker can trigger a buffer overflow and potentially execute arbitrary code on the target system.
Input passed to the "files_dir" parameter is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources.
This module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client allowing remote code execution.
This exploit targets the YVerInfo.dll ActiveX control in Yahoo! Messenger versions up to 2007.8.27.1. It allows for buffer overflow attacks through the 'fvcom' or 'info' functions. The exploit is scriptable and can be exploited using the HeapSpray technique. The control can only be called if it believes it is being run from the yahoo.com domain. The exploit was tested on Windows XP Professional SP2 with all patches and Internet Explorer 7.
This exploit allows an attacker to perform SQL injection on Joomla! versions 1.5 Beta1, Beta2, and RC1. The vulnerability exists in the components/com_content/models/archive.php, components/com_content/models/category.php, and components/com_content/models/section.php files. The exploit takes advantage of the lack of input validation on the 'filter' variable, which is turned into lowercase without any proper sanitization. By manipulating the 'filter' parameter, an attacker can inject malicious SQL queries into the application's database queries. This can lead to unauthorized access, data manipulation, and other potential security risks.
This exploit allows for a buffer overflow in the MSN module of Cerulean Studios Trillian 0.74i. It spawns a shell on port 5555 when executed.
The exploit allows leakage of approximately 2000 bytes per second from Linux kernel memory on Intel Xeon CPU E5-1650 v3 and AMD PRO A8-9600 R7 machines. It may also be possible to leak host memory from inside a KVM guest on Intel CPUs. The exploit does not work as well on ARM CPUs.
The CKGold Shopping Cart v2.0 is vulnerable to blind SQL injection. An attacker can exploit this vulnerability to extract sensitive information from the database.
This exploit takes advantage of a vulnerability in the HTML object tag to execute arbitrary code. It uses a shellcode embedded in the script to perform the code execution.
Services By CQR