This exploit takes advantage of a buffer overflow vulnerability in the Imail software to gain unauthorized access to the system. It allows an attacker to execute arbitrary code on the target machine.
The PHP imagepsloadfont function is vulnerable to a buffer overflow. By providing a long string as the argument, an attacker can cause an access violation and potentially execute arbitrary code.
Importing a large user account file on to EFS Web Server 7.2 will trigger the vulnerability.
FASM (Flat Assembler) 1.7.21 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. An attacker could exploit this vulnerability to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
This exploit takes advantage of a buffer overflow vulnerability in the Easy File Sharing Web Server 7.2. By sending a specially crafted GET HTTP request, an attacker can trigger a buffer overflow, leading to potential remote code execution.
This exploit allows an attacker to download and overwrite files on a vulnerable system using the "GetToFile" method of the CLINETSUITEX6.OCX ActiveX control. The provided code downloads a text file from a remote server and saves it to the local system. The exploit can be modified to overwrite any file on the system, such as cmd.exe.
This module exploits a POST buffer overflow in the Easy File Sharing FTP Server 7.2 software.
This module exploits a command injection vulnerability in the Symantec Messaging Gateway product. An authenticated user can execute a terminal command in the context of the web server user, which is root. The backupNow.do endpoint takes several user inputs and then passes them to the internal service that is responsible for executing operating system commands. One of the user inputs is passed to the service without proper validation, which causes a command injection vulnerability. However, the given parameters, such as the SSH IP address, port and credentials, are validated before the terminal command is executed. Thus, you need to configure your own SSH service and set the required parameters during module usage. This module was tested against Symantec Messaging Gateway 10.6.2-7.
The exploit allows an attacker to perform a blind SQL injection attack on the IndexScript website. By manipulating the 'cat_id' parameter in the 'show_cat.php' page, the attacker can extract login credentials from the 'dir_login' table.
There is a type confusion vulnerability in Microsoft Edge. The crash happens inside CAttrArray::PrivateFindInl. The Rcx (this) pointer is supposed to point to a CAttrArray, but it actually points to a CAttribute. CAttrArray::PrivateFindInl is only going to perform reads, and its return value is going to be discarded by the calling function (CAttrArray::SetParsed). However, the actual type confusion happens further down the stack (possibly inside CssParser::RecordProperty), and if CAttrArray::PrivateFindInl returns false (which can be controlled by an attacker), then CAttrArray::Set is also going to be called with the wrong type, which might lead to more serious consequences.