Invision Power Board is vulnerable to a remote code execution due to the use of the unserialize method on user input passed through cookies without a proper sanitization. This module exploits the vulnerability and installs an agent into the target host.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing IntraSrv Simple Web Server. The vulnerability is caused due to a boundary error within IntraSrv Simple Web Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.

This module exploits a stack overflow in InterSystems Cache by sending a specially crafted GET request.

This module exploits a command injection vulnerability in Interactive Graphical SCADA System and install an agent into the target machine.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Integard Home and Pro. The vulnerability is caused due to a boundary error within the handling of HTTP POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted HTTP POSTrequest to the server.

The flaw exists in the Remote Agent (CEServer.exe) that listens by default on TCP port 4322, the process can not perform any authentication and copy the packages designed to a fixed size buffer.

This module exploits a stack-based buffer overflow in the Ipswitch Imail Server 2006.0 and 2006.1

This module exploits a stack-based buffer overflow in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS).

This module exploits a buffer overflow present in RtlDosPathNameToNTName_U!ntdll.dll used by IIS WebDAV.

After successful exploitation, this module executes an agent as the unprivileged IUSR or IWAM user.