papers

What this paper is This paper is a short advisory detailing a SQL injection vulnerability found in Web Wiz Forum. The author, eXeSoul, identifies specific URL patterns that are susceptible to this type of attack. The cor

What this paper is This paper details an arbitrary file upload vulnerability in Constructr CMS version 3.03. The exploit, written in Perl, leverages this vulnerability to allow an attacker to upload a malicious file to t

What this paper is This paper, published in March 2011 by Jeremy Brown, details a vulnerability in the Progea Movicon 11 TCPUploadServer service. The core issue is that this service allows remote users to execute various

What this paper is This paper details a Denial of Service (DoS) vulnerability in the IGSS 8 ODBC Server. The vulnerability allows an attacker to crash the server by sending a specially crafted network packet. The author,

What this paper is This paper details a Denial of Service (DoS) vulnerability in VMCPlayer version 1.0. It explains how to trigger this vulnerability through two methods: by providing an invalid file path when launching

What this paper is This paper details a Metasploit module that exploits a vulnerability in Ruby's Distributed Ruby (DRuby) service. Specifically, it targets how DRuby handles remote system calls ( ). The exploit allows a