This exploit allows an attacker to execute arbitrary commands on the target system. The exploit works on HP Client versions 7.9, 8.1, 9.0, and 9.1. It has been tested on Windows 7 and CentOS release 6.7 (Final). The vulnerability is identified as CVE-2015-1497.
This exploit allows an attacker to delete the system.ini file on the target machine. The exploit is triggered by clicking a button on a webpage that utilizes the Zenturi ProgramChecker ActiveX control. The exploit prompts the user with a message asking if they want to run the exploit, and if they confirm, it will delete the system.ini file. This can cause the target machine to fail to restart properly. The exploit was tested on Windows XP Professional SP2 with Internet Explorer 7.
The IPv6 netfilter subsystem in the Linux kernel through 4.6.2 does not validate certain offset fields, which allows local users to escalate privileges via an IP6T_SO_SET_REPLACE compat setsockopt call with the ip6_tables module loaded.
Kernel level (Ring0) DoS in IPv6 support of IPSecDrv.sys (causes an infinite loop in searching option headers 0x1000BEB0). This POC only works on a local subnet since it sends an invalid packet and any sensible router will drop it. However, this is exploitable remotely with IPv6.
The PHP Classifieds Rental Script is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by injecting SQL queries through the 'refid' parameter in the 'product_details.php' page, which can lead to unauthorized access or data manipulation in the database.
An authenticated user can access arbitrary files on the local system.
The server does not sanity-check the 'Content-Length' value from the POST header, allowing the attacker to control the allocation size and the position in the 'pucPayload' char pointer at which data is written. This could be used to trigger an exception.
This exploit targets a buffer overflow vulnerability in Disk Savvy Enterprise 9.0.32. It allows an attacker to execute arbitrary code with NT AUTHORITY\SYSTEM privileges. The exploit does not require authentication. The IP address, shellcode, and bytes can be adjusted as needed. It has been tested on Windows 7 x86 Enterprise SP1.
The exploit allows an attacker to execute arbitrary code and gain NT AUTHORITY\SYSTEM privileges in Disk Sorter Enterprise version 9.0.24. The exploit does not require authentication and can be triggered by sending a specially crafted request. The exploit has been tested on Windows 7 x86 Enterprise SP1.
This exploit targets a buffer overflow vulnerability in Dup Scout Enterprise 9.0.28. It allows an attacker to execute arbitrary code and gain NT AUTHORITY\SYSTEM privileges without authentication. The exploit has been tested on Windows 7 x86 Enterprise SP1. The payload size is 308 bytes.