To trigger the exploit, click 'Search' -> second (+) sign -> 'Add Input Directory' and paste the content of Dup_Scout_buffer.txt
The YNP Portal System version 2.2.0 is vulnerable to remote file disclosure. This allows an attacker to access sensitive files on the server by exploiting the 'showpage.cgi' script. By manipulating the 'p' parameter in the URL, an attacker can disclose files outside the web root directory, such as the '/etc/passwd' file.
This is a proof-of-concept exploit for a heap overflow vulnerability in the TiTan FTP Server. The exploit takes advantage of a long command input to overflow the heap and potentially execute arbitrary code.
This module exploits CVE-2017-1000117, which affects Git version 2.7.5 and lower. A submodule of the form 'ssh://' can be passed parameters from the username incorrectly. This can be used to inject commands to the operating system when the submodule is cloned. This module creates a fake git repository which contains a submodule containing the vulnerability. The vulnerability is triggered when the submodules are initialised.
This exploit targets the VDT70.DLL component in Microsoft Visual Database Tools Database Designer V7.0. It takes advantage of a stack overflow vulnerability to execute arbitrary code. The exploit was discovered by D_7J and developed by the DeltahackingSecurityTEAM. It has been tested on Windows XP Professional SP2 with Internet Explorer 6.
The exploit takes advantage of a buffer overflow vulnerability in Easy Vedio to PSP Converter version 1.6.20. By pasting a specially crafted content into the 'Enter User Name' field, an attacker can trigger the overflow and gain control of the program's execution flow.
An attacker can bypass authentication in the admin dashboard and gain full access to the application and users. Additionally, an attacker can send a malicious page to an authenticated user to change their password.
The la-nai cms_v1.2.14 module is vulnerable to remote SQL injection. The authentication login on the site's front page can be bypassed by using a username from the la-nai tbl_ln_user database. This can be achieved by providing '/* contoh admin'/* <-- magic_quotes_gpc = off
During installation of Panda Antivirus 2008, the permissions for the installation folder are set to Everyone:Full Control, allowing an unprivileged user to replace the service executable with a file of their choice and gain full access with LocalSystem privileges. This can be exploited by renaming the service executable, copying a trojaned application, and rebooting the system.
Buffer overflow vulnerability in Easy RM RMVB to DVD Burner 1.8.11 allows remote attackers to execute arbitrary code via a long string in the 'Enter User Name' field. This can be exploited to execute arbitrary code with the privileges of the user running the application.
Services By CQR