This exploit targets a vulnerability in QuickTime that allows remote attackers to rewrite the stack and execute arbitrary code on systems running Internet Explorer 6 or 7. It involves sending a specially crafted RTSP response with a manipulated Content-type header. The exploit has been tested on Windows Vista and Windows XP SP2 with IE 6.0/7.0 and QuickTime 7.2/7.3.
The program AIDA64 Extreme 5.99.4900 has a SEH Buffer Overflow vulnerability. This code demonstrates one of the instances of the vulnerability. The vulnerability exists in several places within the program. To optimize the code, a stack pivot technique is used, which is the same in Extreme, Engineer, and Network Audit editions of version 5.99.4900. The vulnerability also exists in older versions of the program available on sites like soft32.com or in the AIDA64 downloads archive.
This exploit allows an attacker to perform unauthenticated SQL injection on CMS Made Simple version 2.2.9 or earlier. The vulnerability can be exploited by sending a specially crafted request to the 'moduleinterface.php' file. If exploited successfully, an attacker can gain unauthorized access to the database and potentially extract sensitive information. This vulnerability has been assigned CVE-2019-9053.
LimeSurvey < 3.16 uses an old version of the 'TCPDF' library, which is vulnerable to a Serialization Attack via the 'phar://' wrapper.
The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. The issue is triggered when unauthorized input passed via multiple POST and GET parameters is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
The Web Parameter Tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL query strings, and is used to increase application functionality and control. This attack can be performed by a malicious user who wants to exploit the application for their own benefit, or by an attacker who wishes to attack a third person using a man-in-the-middle attack. In both cases, tools like WebScarab and Paros proxy are mostly used.
This exploit corrupts random memory in the browser and launches the calculator. It crashes IE even if it fails. It has been tested with Forum XSS Injections, WordPress 0day, and CMS Injections.
An unauthenticated attacker with network access to the Oracle WebLogic Server T3 interface can send a serialized object (weblogic.jms.common.StreamMessageImpl) to the interface to execute code on vulnerable hosts.
This module exploits a file upload vulnerability that leads to RCE in the Showtime2 module (<= 3.6.2) in CMS Made Simple (CMSMS). An authenticated user with the 'Use Showtime2' privilege could exploit the vulnerability. The vulnerability exists in the Showtime2 module, where the class 'class.showtime2_image.php' does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). Tested on Showtime2 3.6.2, 3.6.1, 3.6.0, 3.5.4, 3.5.3, 3.5.2, 3.5.1, 3.5.0, 3.4.5, 3.4.3, 3.4.2 on CMS Made Simple (CMSMS) 2.2.9.1.
This exploit takes advantage of a local buffer overflow vulnerability in Base64 Decoder version 1.1.2. The exploit overflows the SEH (Structured Exception Handler) and uses an egghunter technique to execute arbitrary code.