The Pigeon server version 3.02.0143 is vulnerable to a server freeze. By sending a specially crafted payload, an attacker can cause the server to freeze and become unresponsive.
This exploit targets Xitami Web Server version 2.5b4. By sending a specially crafted payload, an attacker can trigger a remote buffer overflow in the server, allowing them to execute arbitrary code on the target system. The exploit utilizes SEH (Structured Exception Handling) and an egghunter to locate the payload in memory.
The DWRCC executable file in Dameware Mini Remote Control version 10.0 x64 is affected by a buffer overflow vulnerability. The buffer size passed in the machine name parameter is not checked, allowing an attacker to pass a buffer to the machine host name parameter.
Windows PowerShell ISE will execute the wrong code when debugging specially crafted PowerShell scripts that contain array brackets as part of the filename. This can result in ISE executing attacker-supplied scripts pointed to by the filename rather than the "trusted" PS file currently loaded and being viewed by the user in the host application. This undermines the integrity of PowerShell ISE, allowing potential unexpected remote code execution.
The KML share 1.1 script is vulnerable to remote file disclosure through the layer parameter of region.php. By exploiting this vulnerability, an attacker can disclose sensitive files from the target system. PoC: region.php?layer=../../../../../../../etc/passwd%00
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
This exploit allows an attacker to perform remote SQL injection on Seditio CMS version 121 or below. The vulnerability can be exploited if the target server meets the requirements of MySQL version 4.1 or above with magic_quotes_gpc set to Off. The exploit retrieves the user's hash and cookie to log in as the user.
Sricam DeviceViewer.exe 'username' field SEH overflow
You can upload a PHP shell file as a vehicle image. After uploading the image, the shell will be saved in the /uploads/ folder with the id code. You can access the shell by going to http://localhost/delivery/public/vehicles/ and right-clicking on the recent 'php shell photo' you have uploaded.
The Joomla! Component JiFile version 2.3.1 is vulnerable to an arbitrary file download. An attacker can exploit this vulnerability to download arbitrary files from the target system.