This is a heap overflow vulnerability in the Linux kernel's inotify subsystem. By triggering an inotify event through file open and rename, it is possible to manipulate the rip register. The exploit has been tested successfully on Debian 8 Linux version 3.16.39 (amd64). However, it does not provide root access. Thanks to Vladis Dronov <vdronov () redhat com> and someone from HK university. Author: Jeremy Huang (jeremyhcw@gmail.com)
This is a quick and dirty PoC (Proof of Concept) for CVE-2016-6187, a heap off-by-one vulnerability. The exploit allows the execution of instructions from the address 0xdeadbeef. However, there is no privilege escalation payload included.
Modified PoC for CVE-2013-1763 with SMEP bypass. This exploit allows an attacker to bypass SMEP (Supervisor Mode Execution Prevention) on Linux systems. The exploit is based on the work by SynQ and was presented by Vitaly Nikolenko. The target system is Linux Ubuntu 3.5.0-23-generic #35~precise1-Ubuntu SMP Fri Jan 25 17:13:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux. The exploit code is written in C and compiled with gcc.
This exploit allows an attacker to escalate privileges on the Ubuntu 16.04.4 kernel. The exploit code is provided in the form of a C program.
This is a Proof of Concept exploit against Firefox 46.0.1 that bypasses full ASLR and DEP using ASM.JS JIT spray. It targets a specific address of a fake node object and an ASM.JS float pool payload. By spraying ASM.JS float constant pools and fake Node objects, it triggers a vulnerability in the browser and allows the execution of arbitrary code.
The T-Soft E-Commerce 4 application is vulnerable to stored cross-site scripting (XSS) attacks. An attacker can exploit this vulnerability by adding a payload containing malicious JavaScript code to the 'UrunAdi' parameter when adding a product through the administrator page. When the payload is displayed on the website, it will be executed in the context of the user's browser, allowing the attacker to perform various malicious actions.
This exploit allows an attacker to execute arbitrary operating system commands on the target system. By sending a specially crafted HTTP request to the vulnerable CGI script, the attacker can inject malicious commands into the command parameter, which will be executed by the server. This can lead to unauthorized access, data leakage, and potential remote code execution.
This exploit allows an attacker to delete arbitrary files on the target system. By sending a specially crafted DELETE request, the attacker can specify the file to be deleted. This vulnerability can be exploited without authentication.
College Management System 1.0 allows SQL Injection via parameter 'course_code' in /College-Management-System/admin/asign-single-student-subjects.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Because of WebDAV (Web Distributed Authoring and Versioning) on the remote server, Telesquare TLR-2021 allows unauthorized users to upload any file (e.g. asp, aspx, cfm, html, jhtml, jsp, shtml), which also causes remote code execution. With WebDAV, an arbitrary file can be uploaded using the PUT method.