The vulnerability exists due to insufficient sanitization of the 'display' parameter in the 'getAll' function in the 'DB.class.php' file and the 'getinfo' function in the 'modulefunctions.class.php' file. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the database.
The vulnerability allows remote attackers to include arbitrary files via a specially crafted URL in the addressbook.php script.
This script allows remote attackers to change the admin username and password of the INTELLINET IP Camera INT-L100M20N device.
This exploit allows an attacker to retrieve the admin username and hash from the EQdkp <= 1.3.2 application. The vulnerability exists in the listmembers.php file, where user input is not properly sanitized before being used in an SQL query. By injecting malicious SQL code through the 'rank' parameter in the URL, an attacker can retrieve sensitive information from the database.
The ipd-dos.c file is a Denial of Service (DoS) exploit that targets the ZwOpenSection function in the ntdll.dll library. By calling the function with specific parameters, it causes the system to crash or become unresponsive, resulting in a DoS condition.
Multiple vulnerabilities exist in Goron Web Server 2.0 for Windows. They allow an attacker to remotely DoS the server, or to abuse XSS or CSRF flaws by sending a crafted email to the web server administrator.
The dig.exe component of NECROSOFT NScan version <= v0.9.1 is vulnerable to a buffer overflow. By sending a specially crafted payload to the 'Target' input field in the DNS lookup, an attacker can overwrite the EIP register and execute arbitrary code.
This is an exploit for Sendcard version 3.4.1 that allows remote code execution. It takes advantage of a vulnerability in the software to execute arbitrary commands on the target server. The exploit requires the hostname or IP address of the target server, the path where Sendcard is located, and the command to execute. It can be used to list files on the server or read the contents of specific files.
This is a modified version of Debasis Mohanty's code. The return addresses and the ROP parts are ported from metasploit module exploit/windows/smb/ms08_067_netapi. The exploit utilizes a reverse TCP shellcode from metasploit with a payload size of 380 bytes. The shellcode is used to execute arbitrary code on a vulnerable system. The exploit takes advantage of a vulnerability in the SMB service on Windows systems to achieve remote code execution.
This exploit targets IBM Tivoli Provisioning Manager and allows for pre-auth remote exploitation. The exploit payload is sent to the target IP address and port 8080. The exploit code is provided in the script.
Services By CQR