This exploit takes advantage of a remote buffer overflow vulnerability in DiskSavvy Enterprise version 9.4.18. It uses a SEH overwrite technique with WoW64 egghunters to gain remote code execution. The exploit is specifically designed for 64-bit operating systems. It includes a modified version of the original Win7 egghunter and a Win10 WoW64 egghunter. If a WoW64 egghunter is needed for other Windows versions, the author can be contacted through their website.
This exploit targets a buffer overflow vulnerability in the "SaveBMP()" method of AXIS Camera Control (AxisCamControl.ocx v. 1.0.2.15). The vulnerability allows an attacker to execute arbitrary code on vulnerable systems.
EasyCom PHP API suffers from multiple Buffer Overflow entry points, which can result in arbitrary code execution on affected system.
This module exploits object injection, authentication bypass, and IP spoofing vulnerabilities all together. Unauthenticated users can execute arbitrary commands under the context of the root user. By abusing an authentication bypass issue on gauge.php, adversaries can exploit an object injection vulnerability that leads to an SQL injection attack, which leaks an administrator session token. Attackers can create a rogue action and policy that enables them to execute operating system commands using the captured session token. As a final step, an SSH login attempt with invalid credentials can trigger the created rogue policy, which in turn triggers an action that executes an operating system command with root user privileges. This module was tested against the following product and versions: AlienVault USM 5.3.0, 5.2.5, 5.0.0, 4.15.11, 4.5.0 AlienVault OSSIM 5.0.0, 4.6.1
The vulnerability allows an attacker to perform SQL injection attacks by exploiting the /details_news.php page. By manipulating the 'idnew' parameter, an attacker can inject malicious SQL queries and retrieve sensitive information from the database.
The exploit involves a crash in Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled. The crash occurs due to an out of bounds memory access in the GDI32 library.
Pull out members info from the database.
The vbzoom 1.x forum.php MainID parameter is vulnerable to remote SQL injection. An attacker can manipulate the MainID parameter to execute arbitrary SQL queries and retrieve sensitive information from the Member table. The vulnerability allows unauthorized access to user titles and passwords.
SQL injection in $id of videos.php, admin & password are in config.php, Path disclosure
The vulnerability exists in the $id parameter of the view_page.php file, allowing an attacker to inject SQL code. By using a UNION SELECT statement, the attacker can retrieve the usernames and passwords of users from the ava_users table where the id is 1.
Services By CQR
