This exploit is a stack overflow vulnerability in Windows media player 6.4 MP4 codec. It allows an attacker to execute arbitrary code on a vulnerable system. The exploit has been discovered and exploited by SYS 49152.
This modules exploits a vulnerability in Cisco Prime Infrastructure's runrshell binary. The runrshell binary is meant to execute a shell script as root, but can be abused to inject extra commands in the argument, allowing you to execute anything as root.
This exploit allows an attacker to execute arbitrary code and gain a bind shell on port 3110 by exploiting a vulnerability in TuneClone software. The exploit leverages a buffer overflow vulnerability to overwrite the Structured Exception Handler (SEH) and gain control of the program flow.
The exploit is a stack overflow vulnerability in Media Player Classic 6.4.9. It allows an attacker to execute arbitrary code by providing a specially crafted MP4 file. The vulnerability was discovered and exploited by SYS 49152. It has been tested on Windows XP SP2 ENG and provides a shell on port 49152.
This exploit allows an attacker to escalate their privileges in Serv-U version 15.1.6. By providing specific arguments to the program, an attacker can execute arbitrary commands with root privileges.
A flaw exists in sudo's -u option (aka sudoedit) in sudo version 1.6.8 that can give an attacker read permission to a file that would otherwise be unreadable.
This exploit allows an attacker to include arbitrary files on a vulnerable phpBB 2.0.4 installation. By manipulating the 'sfile' variable, an attacker can execute malicious code on the server. The vulnerability was discovered in June 2003 by Spoofed Existence.
This module exploits a command execution vulnerability in AROX School-ERP. 'import_stud.php' and 'upload_fille.php' do not have session control. Session start/check functions in Line 8,9,10 are disabled with slashes. Therefore an unathenticated user can execute the command on the system.
This exploit takes advantage of a buffer overflow vulnerability in Aida64 version 6.00.5100. By pasting specific content into the 'Log Sensor Reading to CSV log File' field in the application, an attacker can trigger a SEH buffer overflow.
The Pronestor service PNHM before 8.1.12.0 has insecure permissions for the PronestorHealthMonitor.exe file, allowing local users to gain privileges by executing a Trojan horse PronestorHealthMonitor.exe file. The vulnerability is due to the weak file permissions set during the installation of Pronestors Outlook-Add-In, which creates the PNHM service running as SYSTEM and allows all Authenticated Users to potentially execute arbitrary code as SYSTEM on the local system.
Services By CQR