This exploit allows an attacker to cause a denial of service (DoS) on the QNap QVR Client 5.0.3.23100 software. By sending a specially crafted payload, the software crashes, rendering it unusable.
This exploit allows an attacker to disclose kernel memory on Solaris systems using the fifofs I_PEEK vulnerability. By leveraging this vulnerability, an attacker can read sensitive information from kernel memory.
This exploit targets a buffer overflow vulnerability in CloudMe Sync version 1.10.9. It bypasses both SEH and DEP protections on Windows 10 (x64) systems. By sending a specially crafted request, an attacker can overwrite the SEH handler and execute arbitrary code.
Wavemaker Studio 6.6 contains an exploitable unvaildated parameter allowing an attacker to pass dangerous content to a victim via a phishing link. The vulnerability can also be exploited to access sensitive data or to use the server hosting Wavemaker as a form of HTTP proxy among other things.
CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download.
The application is vulnerable to CSRF attack (No CSRF token in place) meaning that if an admin user can be tricked to visit a crafted URL created by attacker (via spear phishing/social engineering).
This exploit targets a buffer overflow vulnerability in AgataSoft Auto PingMaster 1.5. By generating a specific payload and pasting it into the application's 'Host name' field, an attacker can execute arbitrary code, such as launching the calculator application. The vulnerability has been tested on Windows 7 SP1 x86.
This exploit allows an attacker to disclose kernel memory information on Solaris systems. It takes advantage of a vulnerability in the sysinfo() function, which can be used to obtain sensitive system information. By exploiting this vulnerability, an attacker can retrieve kernel memory contents, potentially exposing sensitive data.
The Socumsoft Wedding Slideshow Studio 1.36 software is vulnerable to a buffer overflow exploit. By copying and pasting a specially crafted payload into the License Name field and clicking Register, an attacker can execute arbitrary code on the target system.
This exploit takes advantage of a buffer overflow vulnerability in the Eggdrop Server Module Message Handling. By sending a specially crafted request, an attacker can overflow the buffer and execute arbitrary code on the target system. The exploit is a fake ircd and can be used to poison DNS cache or perform other malicious actions.
Services By CQR