10 matches found
CVE-2026-25866
MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...
CVE-2020-7825
A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform...
Valve: Malformed .BMP file in Counter-Strike 1.6 may cause shellcode injection
With the vulnerability of the GoldSource Engine, the server is able to perform remote code execution on the client, overwriting the stack when reading the BMP file. The problem is in the LoadBMP8 function, which is executed when the player connects to the server, by loading the...
Microsoft Office PowerPoint 2007 DLL Hijacking Exploit
/ Exploit Title: Microsoft Office PowerPoint 2007 DLL Hijacking Exploit rpawinet.dll Date: August 25, 2010 Author: storm [email protected] Version: 2007 12.0.6535.5002 SP2 Tested on: Windows Vista SP2 http://www.gonullyourself.org/ gcc -shared -o rpawinet.dll PowerPoint-DLL.c .odp, .pothtm...
Windows XP Pro Sp2 English "Wordpad" Shellcode (15 bytes)
No description provided by source. ========================================================= Windows XP Pro Sp2 English "Wordpad" Shellcode 15 bytes ========================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\...
Cross site scripting
The Foreign Function Interface ffi extension in PHP 5.0.5 does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. NOTE: this issue does n...
CVE-2007-4528
The Foreign Function Interface ffi extension in PHP 5.0.5 does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. NOTE: this issue does n...
CVE-2007-4528
CVE-2007-4528 concerns PHP’s Foreign Function Interface (ffi) extension in PHP 5.0.5, which does not enforce safe_mode restrictions. This can let context-dependent attackers load an arbitrary DLL and call a function (e.g., kernel32.dll and WinExec), yielding arbitrary code execution in affected c...
CVE-2007-4528
The Foreign Function Interface ffi extension in PHP 5.0.5 does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. NOTE: this issue does n...
Not dead shellcode-exploit warning-the black bar safety net
HEE HEE,today the computer some of the things transferred to the mobile hard disk,find yourself previously voted over the few manuscript,crude see an article but there are a few articles or a little heat,simply submit to the evil eight,hope can be a friend in need some help...rookie write the dis...