This module exploits a vulnerability in MongoDB server. An arbitrary value passed as a parameter to the nativeHelper function in MongoDB server allows an attacker to control the execution flows to achieve remote code execution.
This module exploits a vulnerability in W3 Total Cache plugin for Wordpress. Certain macros such as mfunc allow to inject PHP code into comments. By injecting a crafted comment into a valid post an attacker can execute arbitrary PHP code on systems running vulnerable installations of W3 Total Cache.
The DRDA protocol dissector in Wireshark can enter an infinite loop when processing an specially crafted DRDA packet with the iLength field set to 0, causing Wireshark to stop responding.
This module abuses a vulnerability in phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 that allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.
This module exploits a remote code execution vulnerability in HP Intelligent Management Center by using the "mibFileUpload" servlet to upload an arbitrary .JSP file.
This module exploits a remote buffer overflow in Firebird SQL by sending a malformed packet to the 3050/TCP port.
This module exploits a remote buffer overflow in Nagios history.cgi by sending a malformed host parameter.
An error in the way that Java implements dynamic binding can be abused to overwrite public final fields.
This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
The default Java security properties configuration does not restrict access to certain objects in the com.sun.jmx.mbeanserver packages. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This module exploits a remote buffer overflow in Novell eDirectory by sending a malformed packet to the 524/TCP port.