CakePHP is vulnerable to a file inclusion attack because of its use of the "unserialize()" function on unchecked user input. This makes it possible to inject arbitrary objects into the scope.
This is a kernel exploit that takes advantage of the missing do_munmap return check in the mremap function of the Linux kernel, in versions <= 2.2.25, <= 2.4.24, and <= 2.6.2. It allows an attacker to gain elevated privileges on vulnerable systems and execute arbitrary code with root privileges. The exploit requires the suid permission on the target binary /bin/ping. The exploit code is written in C and requires compilation with gcc. It is executed by running the compiled binary with optional arguments for suid and shell.
This exploit is for a buffer overflow vulnerability in eXtremeMP3 Player. It allows an attacker to execute arbitrary code by loading a malicious file through the playlist manager.
This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TCP/IP packet.
SiteScape servers are confirmed to be vulnerable to TCL injection, which allows remote code execution through TCL payloads. SecureState has released proof of concept exploit code for this vulnerability.
The NtUserLoadKeyboardLayoutEx function in Windows allows an attacker to inject shellcode into a process by manipulating the offTable parameter. By passing a specially crafted value for offTable, an attacker can cause the function to execute arbitrary code.
This exploit allows an attacker to perform a remote SQL injection attack on ASPPortal version 3.1.1. It takes advantage of a vulnerability in the 'download_click.asp' script to execute arbitrary SQL queries and retrieve sensitive information from the database.
The exploit takes advantage of a file inclusion vulnerability in Lotus CMS Fraise v3.0. The vulnerability exists in lines 15-23 of the core/lib/router.php file. The CMS also allows an attacker to inject malicious content by commenting on blog posts. The exploit includes proxy support, dynamic User-agent generation, Apache access log and Lotus blog comment injection routines, and custom shell creation and deletion.
TinyBB Version 1.2 is vulnerable to SQLi. The exploit can be performed by appending ' or 'a'='a to the profile ID parameter in the URL.
This exploit causes a denial of service (DoS) by triggering an unhandled exception in the JPEG2000.dll module of IrfanView 4.28. It occurs due to an integer division by zero.