header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Nessus Vulnerability Scanner 3.0.6 ActiveX deleteReport() 0day Remote Delete File Exploit

This exploit targets the deleteReport() function in the Nessus Vulnerability Scanner 3.0.6 ActiveX control. By passing a relative path to the deleteReport() function, an attacker can delete arbitrary files on the system. The exploit was discovered by Krystian Kloskowski (h07) and has been tested on Nessus 3.0.6 running on Internet Explorer 6 on Windows XP SP2 (Polish). This exploit is provided for demonstration purposes only.

Crystal Player 1.98 Playlist(.mls) File Local Buffer Overflow Exploit

The exploit creates a crafted .mls file which triggers a buffer overflow in Crystal Player 1.98. This vulnerability allows an attacker to overwrite the EIP and EBP registers, leading to a Denial of Service (DOS) and potential library destruction upon successful exploitation. The exploit adds a user 'root' with password 'root' to the operating system. It has been tested on x86 Vista Enterprise Edition.

FASM Stack-based Buffer Overflow

FASM ( Flat Assembler ) 1.7.21 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could exploit this vulnerability to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

Easy File Sharing Web Server 7.2 – GET HTTP Request (PassWD) Buffer Overflow (SEH)

This exploit takes advantage of a buffer overflow vulnerability in the Easy File Sharing Web Server 7.2. By sending a specially crafted GET HTTP request, an attacker can trigger a buffer overflow, leading to potential remote code execution.

Clever Internet ActiveX Suite 6.2 (CLINETSUITEX6.OCX) Arbitrary file download/overwrite Exploit

This exploit allows an attacker to download and overwrite files on a vulnerable system using the "GetToFile" method of the CLINETSUITEX6.OCX ActiveX control. The provided code downloads a text file from a remote server and saves it to the local system. The exploit can be modified to overwrite any file on the system, such as cmd.exe.

Recent Exploits: