This exploit allows an attacker to gain control over the execution of Apple QuickTime Player by making the buffer larger than the original exploit and overwriting the last exception handler. It has been tested on Apple QuickTime Player 7.3 and 7.2 with Internet Explorer 7, Firefox, and Opera on Windows XP SP2 and Vista.
In some cases, VbsErase fails to clear the argument variable properly, which can lead to crafting a variable with the array type, but with a pointer controlled by an attacker.
Event Portal is a web software (php script), that can be used to create advanced and multi-user event listing and ticket selling websites.
RunCMS is a comprehensive content management system (CMS) where ease of use, speed, & flexibility are the main development key points. RunCMS is a CMS coming from the cores of E-Xoops. E-Xoops 1.05r3 was the last version with the E-Xoops name.
This module requires Metasploit and is used for code injection. It includes functions for deflation and inflation.
This exploit allows an attacker to execute arbitrary code on a victim's machine by creating a specially crafted RAR archive file. By manipulating the right_hdr_crc value in the RAR file header, the attacker can modify the file content to include malicious code. When the victim opens the RAR file, the malicious code is executed.
This script demonstrates a buffer overflow vulnerability in Tabs Mail Carrier 2.5.1 in the MAIL FROM: parameter. The exploit allows for the execution of a bind shell on TCP port 19397. The script was tested on Windows Vista Home Basic SP2.
This exploit allows for remote code execution in FTPGetter Standard version v.5.97.0.177. The exploit author is w4fz5uck5 and the CVE number associated with this vulnerability is CVE-2019-9760.
The Pegasus CMS is vulnerable to directory traversal and Remote code execution due to the way the extra_fields.php plugin functions. The Plugin can be exploited using the safer eval trick to obtain remote code execution.
The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
Services By CQR