em4 soft and M3 soft both suffer from a privilege escalation vulnerability. Executables can be changed by an authenticated user due to improper permissions.
Microsoft PowerPoint Viewer 12.0.6600.1000 DLL Hijacking
Microsoft PowerPoint Viewer version 12.0.6600.1000 suffers from a DLL hijacking vulnerability.
ATutor 2.2.1 SQL Injection / Remote Code Execution
This Metasploit module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrators interface where they can upload malicious code. You are required to login to the target to reach the SQL Injection, however this can be done as a student […]
[webapps] Gallery 2 < 2.0.2 – Multiple Vulnerabilities
Gallery 2 < 2.0.2 – Multiple Vulnerabilities
[shellcode] – x86 Windows Null-Free Download & Run via WebDAV Shellcode (96 bytes)
x86 Windows Null-Free Download & Run via WebDAV Shellcode (96 bytes)
[local] – Secret Net 7 and Secret Net Studio 8 – Local Privilege Escalation
Secret Net 7 and Secret Net Studio 8 – Local Privilege Escalation
[dos] – PictureTrails Photo Editor GE.exe 2.0.0 – .bmp Crash PoC
PictureTrails Photo Editor GE.exe 2.0.0 – .bmp Crash PoC
[dos] – Quick Tftp Server Pro 2.3 – Read Mode Denial of Service
Quick Tftp Server Pro 2.3 – Read Mode Denial of Service
[dos] – Freeproxy Internet Suite 4.10 – Denial of Service
Freeproxy Internet Suite 4.10 – Denial of Service
jcow v9.9.1 CE – Multiple Persistent Cross Site Vulnerabilities
An independent vulnerability laboratory researcher discovered multiple application-side cross site scripting vulnerability in the jcow v9.9.1 CE web-application.