The specific flaw exists within the RA.ViewElements.Row.1 ActiveXControl method (PanelDevice.dll). By providing a malicious value to the BackColor property.
This module exploits a vulnerability in win32k.sys by creating special Windows menues with crafted parameters.
This module exploits an unauthenticated PHP Injection vulnerability abusing the unserialize() function.
The specific flaw exists within the SetDataIntf method of the AxEditGrid control. The control has an untrusted pointer dereference vulnerability because it blindly calls an attacker-supplied memory address.
phpMyAdmin is prone to a regexp abuse via an eval modifier which can be found in old PHP versions. This vulnerability allows authenticated attackers to run arbitrary php code on the affected server.
PHP versions 4.3.0-5.4.6 had a "feature" which allowed users to run a RegExp Pattern Modifier using PREG_REPLACE_EVAL and may lead to execute code.
phpMyAdmin had an issue in their code that can be exploited from a table replace call.
The general idea is to insert a crafted regexp eval record format, and then trigger it via a find and replace function with system commands
For that purpose, the exploit will try to use any existing cookies of that host, or the username and password provided.
Once logged in, if the user provided a database, it will be used. If not, we will search for existing databases.
The attack will not leave any trace.
This exploit installs an OS Agent.
PHP versions 4.3.0-5.4.6 had a "feature" which allowed users to run a RegExp Pattern Modifier using PREG_REPLACE_EVAL and may lead to execute code.
phpMyAdmin had an issue in their code that can be exploited from a table replace call.
The general idea is to insert a crafted regexp eval record format, and then trigger it via a find and replace function with system commands
For that purpose, the exploit will try to use any existing cookies of that host, or the username and password provided.
Once logged in, if the user provided a database, it will be used. If not, we will search for existing databases.
The attack will not leave any trace.
This exploit installs an OS Agent.
A vulnerability exists in the FileUploadServlet servlet of WebNMS Framework Server. This servlet allows unauthenticated file uploads. By uploading a JSP file, an attacker can achieve remote code execution.
JMS Object messages within Apache ActiveMQ depend on Java Serialization for marshaling/unmashaling of the message payload. This lead to execution of untrusted code when a specially crafted object is received.
This update introduces an exploit that will attempt to connect using the STOMP protocol and abuse the vulnerability to execute a Core Impact agent in the vulnerable system.
This update introduces an exploit that will attempt to connect using the STOMP protocol and abuse the vulnerability to execute a Core Impact agent in the vulnerable system.
The specific flaw exists within the processing of network TCP requests by ELCSimulator.exe. A crafted request will cause a stack buffer overflow.
Microsoft Windows is prone to a stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary-checks on user-supplied data.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This update improves the exploit reliability.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This update improves the exploit reliability.
A heap overflow in the ActiveX control qp2.cab in IBM Lotus Quickr for Domino allows remote attackers to execute arbitrary code via a crafted argument to the Attachment_Names method.
This update reduces user interaction, automating the focus of the mouse in the created window object.
This update reduces user interaction, automating the focus of the mouse in the created window object.