CVE-2021-36707

In ProLink PRC2402M V1.0.18 and older, the setledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the ledcmd parameter is passed directly to dosystem...

ProLink PRC2402M 命令注入漏洞

ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setledonoff function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to cause command injection by passing the ledcmd parameter...

The MIPS buffer overflow vulnerability practice-vulnerability warning-the black bar safety net

This practice from the learn-decrypt router vulnerability notes, and summaries. Mainly used to review and consolidate the entire process, the entire process is not very smooth, the main problem in the point that the overflow function of the address determination. This write your own exploit code ...

GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)

No description provided by source. / Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference:...

Выполнение подзапросов и команд ОС в инъекциях SELECT под MySQL

We would like to open our blog notes on the practical implementation of the SQL-injections. And also we try to focus more attention on the practical aspects of web application security in the future. SQL injections are the most common server-side Web application vulnerabilities and meet almost...

MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit

No description provided by source. / $Id: raptorudf2.c,v 1.1 2006/01/18 17:58:54 raptor Exp $ raptorudf2.c - dynamic library for dosystem MySQL UDF Copyright c 2006 Marco Ivaldi [email protected] This is an helper dynamic library for local privilege escalation through MySQL run with root...

GNU Mailutils imap4d 0.6 Remote Format String Exploit (exec-shield)

No description provided by source. / Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference:...

GNU Mailutils imap4d 0.6 - exec-shield Remote Format String

/ Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference: https://www.securityfocus.com/bid/14794 2005/09/09...

GNU Mailutils imap4d 0.6 Remote Format String Exploit (exec-shield)

Exploit for linux platform in category remote exploits =================================================================== GNU Mailutils imap4d 0.6 Remote Format String Exploit exec-shield =================================================================== / Fedora Core 6 exec-shield based GNU...