IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution

This module exploits an unauthenticated remote PHP code execution vulnerability in IBM OpenAdmin Tool included with IBM Informix versions 11.5, 11.7, and 12.1. The 'welcomeServer' SOAP service does not properly validate user input in the 'new_home_page' parameter of the 'saveHomePage' method allowing arbitrary PHP code to be written to the config.php file. The config.php file is executed in most pages within the application, and accessible directly via the web root, resulting in code execution. This module has been tested successfully on IBM OpenAdmin Tool 3.14 on Informix 12.10 Developer Edition (SUSE Linux 11) virtual appliance.

Windows Escalate UAC Protection Bypass (Via COM Handler Hijack)

This module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. This module requires the architecture of the payload to match the OS, but the current low-privilege Meterpreter session architecture can be different. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process. This module invokes the target binary via cmd.exe on the target. Therefore if cmd.exe access is restricted, this module will not run correctly.

AuraCMS [Forum Module] – Remote SQL Injection

This exploit allows an attacker to perform a remote SQL injection attack in the AuraCMS Forum Module. The vulnerability is caused by a lack of proper input filtering on the variable $id, which can be manipulated by a user through their browser. By exploiting this vulnerability, an attacker can execute arbitrary SQL queries and potentially gain unauthorized access to the database.

0day Live for speed patch x s2 /s1 and demo local .mpr buffer over flow

A local buffer overflow vulnerability exists in the Live for Speed (LFS) racing simulator. The vulnerability can be exploited by tricking a user into opening a specially crafted .mpr file, allowing an attacker to execute arbitrary shellcode on the victim's computer. The buffer overflow is caused by a flaw in the handling of the car name field of the .mpr file. By manipulating the car name, an attacker can redirect execution through a jump or call to the ESP register, allowing for code execution. The vulnerability affects LFS versions S2, S1, and the demo version.

dxtmsft.dll Remote Buffer Overflow Exploit

This exploit targets a vulnerability in dxtmsft.dll, which is a part of DirectX Media -- Image DirectX Transforms. The vulnerability allows for a remote buffer overflow attack. By clicking a button on a webpage, an attacker can execute arbitrary code on the target system. The exploit code in this case creates a large buffer, overflows it, and then injects shellcode to be executed.

Change IP Address on D-Link DCS-900 Cameras without Authentication

This exploit allows an attacker to change the IP address on all D-Link DCS-900 cameras on the local network without authentication. The cameras use a broadcast/listen method of configuration and listen for a UDP broadcast packet to set their IP address. By sending a modified packet, an attacker can set the IP address of all listening cameras to a desired value.

Script to test vuln in ASA-2007-015

This script is used to test the vulnerability in ASA-2007-015. It establishes a call and sends IAX2 control packets with subtypes 0x0b or 0x0c that contain an information element. If Asterisk sends an ACK in response to the trigger, it did not crash. If no ACK is read off the socket within the timeout, Asterisk is considered to have crashed.
