Explore Vulnerabilities

Explore all Exploits:

GeoMoose <= 2.9.2 Local File Disclosure

The vulnerability allows an attacker to disclose local files on the target system by exploiting a flaw in the GeoMoose software version 2.9.2 and below. By manipulating the 'id' and 'ext' parameters in the '/php/download.php' URL, an attacker can traverse directories and access sensitive files such as '/etc/passwd' and '/WINDOWS/system32/drivers/etc/hosts'.

PHP 5.2.3 glob() Remote DoS Exploit

This exploit targets a vulnerability in the glob() function in PHP 5.2.3. By passing a non-integer value to the 'flags' parameter, an EIP (Extended Instruction Pointer) overwrite can be triggered, causing a Denial of Service. The exploit takes advantage of this to overwrite the EIP with the first 4 bytes of a filename. By saving a file with a specific name and launching it, the EIP can be controlled. This vulnerability was discovered by 'shinnai' with the help of 'Footzo'.

MkPortal reviews and gallery modules SQL Injection Exploit

This exploit targets the MkPortal reviews and gallery modules, versions <= 1.1.1. It allows an attacker to execute arbitrary SQL queries on the vulnerable system. The exploit was discovered and developed by Coloss. This is a priv8 exploit, not suitable for children.

Symantec AntiVirus symtdi.sys Local Privilege Escalation

This exploit targets a vulnerability in the symtdi.sys driver of Symantec AntiVirus. By sending specially crafted input to the driver, an attacker can escalate their privileges on the affected system. This vulnerability allows an attacker with limited privileges to execute arbitrary code with kernel-level privileges, potentially gaining full control of the system. This exploit was published on milw0rm.com on July 12, 2007.

Sync Breeze Enterprise v9.5.16 – Remote buffer overflow (SEH)

This exploit is a remote buffer overflow in Sync Breeze Enterprise v9.5.16. By sending a specially crafted request to the application, an attacker can trigger a buffer overflow condition, potentially allowing them to execute arbitrary code on the target system. This vulnerability has a CVSS severity score of 9.8 (Critical).

Subvert The Stack Base Address Randomization With Suid-Binaries

The latest Ubuntu Lucid stock kernel (2.6.32-27-generic) contains a bug that allows a lower-privileged user to keep attached to open /proc file entries even after the process is executing a suid binary. This allows a malicious user to access information from the proc interface or modify process settings of privileged processes. By monitoring syscalls, syscall stack, and limits of running suid binaries, a simple helper program (ProcReadHelper.c) can be used to open a proc entry before executing a suid program and keep it open. This exploit can also modify core dump flags of running suid binaries by using the same technique on writeable proc files.

sasatl.dll 1.5.0.531 Program Checker-Method DebugMsgLog Heap Spraying Exploit

The DebugMsgLog method in sasatl.dll is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries. An attacker could execute arbitrary code on the remote machine.

Recent Exploits: