This module exploits a PHP object instantiation vulnerability in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the whitelist check is insufficient and can be bypassed to trigger an object injection. An attacker can leverage this to deserialize an arbitrary payload and write a webshell to the target system, resulting in remote code execution. Tested on Shopware git branches 5.6, 5.5, 5.4, 5.3.
This module exploits a race condition vulnerability in Mac's Feedback Assistant. A successful attempt would result in remote code execution under the context of root.
The kernel’s Registry Virtualization doesn’t safely open the real key for a virtualization location, which allows enumeration of arbitrary keys and results in elevation of privilege (EoP).
Input passed to the "catid" parameter is not properly verified before being used in a SQL query. This can be exploited through the browser to retrieve users' MD5 password hashes. Successful exploitation requires that "magic_quotes" is off.
An attacker can combine a CSRF vulnerability in Trean Bookmarks with a stored XSS vulnerability in Horde TagCloud to steal the victim's emails. The attacker can also use 3 different reflected XSS vulnerabilities to exploit Remote Command Execution, SQL Injection, and Code Execution. The attacker sends an email to the victim, and when the victim clicks the attacker's website, the victim's inbox is dumped to the attacker's FTP.
This is a proof-of-concept exploit for a remote Denial of Service (DoS) vulnerability in Apple Mac OS X 10.5.0 (Leopard) vpnd. The exploit triggers an arithmetic exception, causing the program to crash.
This exploit allows an attacker to escalate their privileges on a system using the ReadCD utility. It creates two C programs, s.c and ss.c, which are compiled and executed to gain root access. The exploit uses the setuid(0), setgid(0), chown, chmod, and execl functions to achieve this.
On the Carel pCOWeb web page, a user can modify the system configuration by accessing /config/pw_snmp.html. Attackers can inject malicious XSS code in the POST data. The XSS code is stored in the database, causing a stored XSS vulnerability.
An integer overflow causes an infinite loop in load_threadstack.
The XML entity expansion attack can be performed by sending requests that exceed the existing memory and processor capacities, causing memory bottlenecks and preventing the service from running.