This exploit allows an attacker to retrieve the admin username and MD5 hash using a SQL injection vulnerability in the Joomla Component Phil-a-Form version 1.2.0.0 or lower.
The Riverbed SteelCentral NetProfiler and NetExpress virtual appliances are affected by multiple security vulnerabilities, including authentication bypass, SQL injection, arbitrary code execution, privilege escalation, local file inclusion, account hijacking, and hardcoded default credentials. Details for other low severity vulnerabilities are available in the accompanying PDF. The SQL injection vulnerability allows an attacker to add a user account in the application's PostgreSQL database and bypass authentication. The exploitation of this vulnerability can be replicated from the main web GUI login functionality.
The submitPageChange function in BigTree CMS <= 4.2.11 is vulnerable to SQL Injection. The function is used twice during development in the following locations: /core/admin/modules/pages/front-end-update.php and /core/admin/modules/pages/update.php. An attacker can exploit this vulnerability by sending a specially crafted HTTP POST request to the /site/index.php/admin/pages/update/ endpoint. The vulnerability allows an authenticated attacker to execute arbitrary SQL queries.
The exploit allows an attacker to execute arbitrary code by creating a malicious CUE file that triggers a buffer overflow vulnerability in Ultra ISO. This can be used to run arbitrary shellcode, such as the Metasploit calc.exe shellcode used in this example.
This exploit targets VUPlayer version <=2.49 and uses a buffer overflow vulnerability to execute shellcode. It also bypasses DEP (Data Execution Prevention) on Windows 7 SP1.
This exploit allows an attacker to execute arbitrary code on a vulnerable machine running UltraISO version 8.6.2.2011 or earlier. The exploit takes advantage of a local buffer overflow vulnerability in the software. By providing a specially crafted bin and cue file, an attacker can execute arbitrary code with the privileges of the user running the vulnerable software. This exploit has been tested on Windows XP Service Pack 2. The shell_code used in the exploit is designed to execute the Windows calculator (calc.exe).
This module exploits a file upload vulnerability in Wolfcms version 0.8.2. This application has an upload feature that allows an authenticated user with administrator roles to upload arbitrary files to the '/public' directory.
The vulnerability allows an attacker to include a remote file by manipulating the 'waroot' parameter in the URL. This can lead to arbitrary code execution on the target system.
This exploit demonstrates a buffer overflow vulnerability in the Solaris LDAP service. By sending a specially crafted request, an attacker can execute arbitrary code with root privileges on the target system. This exploit contains shellcode to spawn a shell with root privileges.
The exploit allows an attacker to disclose sensitive files on the server by manipulating the skin parameter in the common.css.php script. By using directory traversal techniques, the attacker can access files outside the web root directory, such as the /etc/passwd file.