NETGATE Registry Cleaner installs a service with an unquoted service path. To properly exploit this vulnerability, the local attacker must insert an executable file in the path of the service. Upon service restart or system reboot, the malicious code will be run with elevated privileges.
The exploit crashes Firefox 49.0.1 by sending a specially crafted request. It causes a denial of service by overwhelming the browser and making it unresponsive.
An attacker can change the admin's password via CSRF if the admin's username is known.
This exploit allows an attacker to download and execute any file they like on the target system. It takes advantage of a code injection vulnerability in the HTML object tag.
The NetBilletterie 2.8 software is vulnerable to multiple SQL Injection attacks. These include time-based blind SQL Injection and boolean-based blind SQL Injection. An attacker can exploit these vulnerabilities to execute arbitrary SQL commands and potentially gain unauthorized access to the database.
MoviePlay is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this vulnerability allows attackers to execute arbitrary machine code in the context of the affected application. The exploit consists of 1053 bytes of buffer, followed by 4 bytes for the return address, 351 bytes of shellcode, and 592 bytes of buffer. The file size is 2000 bytes.
1) Plaintext storage of administrative password: Every user password is stored in clear text. An attacker with access to the device itself can easily obtain the full list of passwords. By exploiting command injection or authentication bypass issues, the clear text admin password can be retrieved.
2) Missing CSRF protection: The web interface does not use any CSRF protection. If a valid session exists for the user, the attacker can modify all settings of the device via CSRF. If there is no valid session, but the user did not change the default admin password, the attacker can log in as admin via CSRF as well.
3) Unauthenticated information disclosure: Under the /cgi-bin/nobody folder every CGI script can be accessed without authentication.
The Zenturi ProgramChecker ActiveX Control "NavigateUrl()" method allows arbitrary local file execution on a target system. This can be exploited to download and execute malicious files on a victim's machine. The vulnerability was discovered by shinnai and reported on milw0rm.com.
This exploit targets a buffer overflow vulnerability in the BMP parsing functionality of the xv image viewer. By providing a specially crafted BMP file, an attacker can execute arbitrary code on the system. The exploit takes advantage of a vulnerability in the handling of the biSize field of the BMP header structure to overwrite memory and execute shellcode. The exploit requires the user to provide a return address and an optional alignment value.
sheed AntiVirus installs a service with an unquoted service path. To properly exploit this vulnerability, the local attacker must insert an executable file in the path of the service. Upon service restart or system reboot, the malicious code will be run with elevated privileges.