Input passed via the "from" and "to" POST parameters to converter.php is not properly sanitised before being stored in includes/currencies.php. This can be exploited to inject and execute arbitrary PHP code.
This module abuses a metacharacter injection vulnerability in the diff.php script. This flaw allows an unauthenticated attacker to execute arbitrary commands as the www-data user account.
Invision Power Board is vulnerable to a remote code execution due to the use of the unserialize method on user input passed through cookies without a proper sanitization.
The vulnerability is caused by scripts using "unserialize()" with user controlled input. This can be exploited to execute arbitrary PHP code via the "__destruct()" method of the "SugarTheme" class or passing an ad-hoc serialized object through the $_REQUEST['current_query_by_page'] input variable.
This module triggers a stack corruption vulnerability in Asterisk by sending a malformed packet to the 8088/TCP port.
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the SamrChangePassword function, when the "username map script" smb.conf option is enabled.
This update adds Solaris support.
This update adds Solaris support.
This module exploits an error in the PAM authentication code and installs an agent into the target host.
This update improves the reliability of the exploit.
This update improves the reliability of the exploit.
Input passed via the "page" parameter to index.php is not properly sanitised in the "Router()" function in core/lib/router.php before being used in an "eval()" call. This can be exploited to execute arbitrary PHP code.
A denial of service vulnerability has been found in the way the multiple
overlapping ranges are handled by the Apache HTTPD server.
This update fixes an issue when launching the module from an agent running
in a Linux system.
overlapping ranges are handled by the Apache HTTPD server.
This update fixes an issue when launching the module from an agent running
in a Linux system.
Traq is vulnerable to an authentication bypass vulnerability, this module exploits this vulnerability in order to install a plugin hook to ultimately install an agent in the target host.