This exploit demonstrates a buffer overflow vulnerability in IcoFX version 2.6.0.0. It utilizes a JOP chain to bypass DEP (Data Execution Prevention) and overwrite the SEH (Structured Exception Handler) with a stack pivot. By opening a malicious .ico file, an attacker can execute arbitrary code on the target system.
Color Notes is vulnerable to a DoS condition when a very long string of characters is entered while creating a note. Successful exploitation will cause the application to stop working.
The exploit allows an authenticated user to execute remote code on GitLab version 13.10.2 and below. Given a command via a command-line argument, the exploit creates a payload and uploads it as a snippet on the GitLab instance. This results in the execution of the provided command on the target system.
This exploit allows an authenticated user to execute remote code on GitLab versions below 13.9.4. The vulnerability exists due to improper input validation, which allows an attacker to inject arbitrary commands. By exploiting this vulnerability, an attacker can execute malicious code on the target system.
The PHP 8.1.0-dev development version was released with a backdoor on March 28th, 2021, but the backdoor was quickly discovered and removed. If this version of PHP runs on a server, an attacker can execute arbitrary code by sending the User-Agentt header. The following exploit uses the backdoor to provide a pseudo shell on the host.
To exploit this vulnerability, an attacker needs to drop a malicious executable into the service path, undetected by the OS, in order to gain SYSTEM privileges.
This is a proof of concept for CVE-2020-11978, an RCE vulnerability in one of the example DAGs shipped with Airflow. It is combined with CVE-2020-13927, where unauthenticated requests to Airflow's Experimental API were allowed by default. Together, they potentially allow unauthenticated RCE against Airflow.
This exploit allows for XSS, LFI, and PostgreSQL password stealing attacks. It injects malicious JavaScript code into the Postbird application, enabling the attacker to exfiltrate data and steal credentials.
This exploit allows an attacker to execute arbitrary JavaScript code in the context of a user's browser by storing malicious script in the 'Comment' field of the restaurant reservation form.
This exploit allows an attacker to perform arbitrary writes to escalate privileges locally. The vulnerability exists in the Dell dbutil_2_3.sys driver version 2.3 and below. By sending a specially crafted buffer structure to the vulnerable driver, an attacker can write arbitrary values to a specific memory location. This can be leveraged to overwrite critical data or execute arbitrary code with elevated privileges.