Section: .. / 0906-exploits /

Page 3 of 10
<< 1 2 3 4 5 6 7 8 9 10 >> Files 50 - 75 of 247

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	4images-bypassxss.txt
Description:	4images versions 1.7.7 and below suffer from filter bypass HTML injection and cross site scripting vulnerabilities.
Author:	Qabandi
File Size:	4849
Last Modified:	Jun 12 12:12:28 2009
MD5 Checksum:	d8ce3c2486af81ddd03d17aae31b9212

/// File Name:	fretsweb-lfi.txt
Description:	FretsWeb version 1.2 suffers from multiple local file inclusion vulnerabilities.
Author:	YEnH4ckEr
File Size:	4777
Last Modified:	Jun 17 18:51:31 2009
MD5 Checksum:	f9fdca1ebfa9d698242afc7e9534c340

/// File Name:	modsecurity-bypass.txt
Description:	ModSecurity versions 2.5.9 and below using ModSecurity Core Rules versions 2.5-1.6.1 and below suffer from a HPP filter bypass vulnerability.
Author:	Lavakumar Kuppan
File Size:	4777
Last Modified:	Jun 11 18:16:04 2009
MD5 Checksum:	b5a27ad15579c0a3d205f693d558d173

/// File Name:	myfusion-lfi.txt
Description:	MyFusion version 6b suffers from a local file inclusion vulnerability.
Author:	CraCkEr
File Size:	4765
Last Modified:	Jun 25 19:52:48 2009
MD5 Checksum:	bf046abf44c509dcd9d8da4b6d5e7dae

/// File Name:	hpdp1-dos.txt
Description:	Proof of concept exploit for a memory disclosure / denial of service vulnerability in HP Data Protector version 4.00-sp1 43064.
Author:	Nibin
File Size:	4722
Last Modified:	Jun 23 20:13:37 2009
MD5 Checksum:	b69a9706b28026ce7773411ba89efc2a

/// File Name:	anguestbook-lfi.txt
Description:	AN Guestbook version 0.7.8 suffers from a local file inclusion vulnerability.
Author:	CraCkEr
File Size:	4719
Last Modified:	Jun 24 20:08:48 2009
MD5 Checksum:	f66016ecc80c036b5d9faa22667bc445

/// File Name:	elgg-xssxsrf.txt
Description:	The Elgg CMS versions below 1.00 suffer from cross site scripting, cross site request forgery, and change password vulnerabilities.
Author:	ThE Lorddemon
File Size:	4530
Last Modified:	Jun 22 22:21:03 2009
MD5 Checksum:	70e99f7e03aeb12b21b2ca34c2b2ba6a

/// File Name:	kjtechforce-sqldelete.txt
Description:	Kjtechforce Mailman Beta-1 suffers from a remote SQL injection delete row vulnerability.
Author:	YEnH4ckEr
Related Exploit:	kjtechforce-blindsql.txt
File Size:	4512
Last Modified:	Jun 5 16:28:00 2009
MD5 Checksum:	d1a66bb2ae132b236d24dab8f412bf98

/// File Name:	shopscript-sql.txt
Description:	Shop Script Pro version 2.12 remote SQL injection exploit.
Author:	Ams
File Size:	4476
Last Modified:	Jun 8 19:54:13 2009
MD5 Checksum:	d9225f8d1642d0ea072a71b40d94f667

/// File Name:	baofengmp-overflow.txt
Description:	The Baofeng Media Player Storm version 3.9.62 suffers from a playlist related stack overflow vulnerability.
Author:	Jambalaya
Homepage:	http://www.nevisnetworks.com/
File Size:	4385
Last Modified:	Jun 29 14:48:29 2009
MD5 Checksum:	cb59d2c57ab02e207f269b7db60dea7a

/// File Name:	splog-sql.txt
Description:	Splog versions 1.2 Beta and below suffer from multiple remote SQL injection vulnerabilities.
Author:	YEnH4ckEr
File Size:	4299
Last Modified:	Jun 11 17:18:11 2009
MD5 Checksum:	cdd79d023e6a6aed8039def8a1a68212

/// File Name:	greendam_url.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in Green Dam Youth Escort version 3.17 in the way it handles overly long URLs. By setting an overly long URL, an attacker can overrun a buffer and execute arbitrary code. This module uses the .NET DLL memory technique by Alexander Sotirov and Mark Dowd and should bypass DEP, NX and ASLR.
Author:	Trancer
Homepage:	http://www.rec-sec.com/
File Size:	4266
Last Modified:	Jun 16 18:38:11 2009
MD5 Checksum:	5a08d81c955f53de749118fe4a316053

/// File Name:	hostdirpro-passwd.txt
Description:	Host Directory PRO version 2.1.0 remote administrative password changing exploit.
Author:	TiGeR-Dz
Homepage:	http://www.h4ckf0u.com/
File Size:	4240
Last Modified:	Jun 4 19:39:02 2009
MD5 Checksum:	17fe642cb6399b0b40567b3e755e643a

/// File Name:	punbbaffiliations-blindsql.txt
Description:	Versions 1.1 and below of the OUT module in PunBB suffers from a remote blind SQL injection vulnerability in Affiliations.php.
Author:	Dante90
Homepage:	http://www.warwolfz.org/
File Size:	4226
Last Modified:	Jun 29 17:43:48 2009
MD5 Checksum:	8a70c90bed65350e655e76736ac8712c

/// File Name:	oxygen2php113-blindsql.txt
Description:	Oxygen2PHP versions 1.1.3 and below remote blind SQL injection exploit that leverages forumdisplay.php.
Author:	Dante90
Homepage:	http://www.warwolfz.org/
File Size:	4222
Last Modified:	Jun 29 17:38:32 2009
MD5 Checksum:	5d40aaf3e05cad04abf109ed9318dc57

/// File Name:	punbbaffiliationsin-blindsql.txt
Description:	Versions 1.1 and below of the IN module in PunBB suffers from a remote blind SQL injection vulnerability in Affiliations.php.
Author:	Dante90
Homepage:	http://www.warwolfz.org/
File Size:	4222
Last Modified:	Jun 29 19:19:52 2009
MD5 Checksum:	3c330bf97acb5e107000af739551fbca

/// File Name:	punbbvoteforusout-blindsql.txt
Description:	Versions 1.0.1 and below of the OUT module in PunBB suffer from a remote blind SQL injection vulnerability in VoteForUs.php.
Author:	Dante90
Homepage:	http://www.warwolfz.org/
File Size:	4209
Last Modified:	Jun 29 19:18:14 2009
MD5 Checksum:	cb517c883119f24e4a14b567ed5ea258

/// File Name:	oxygen2php113post-blindsql.txt
Description:	Oxygen2PHP versions 1.1.3 and below remote blind SQL injection exploit that leverages post.php.
Author:	Dante90
Homepage:	http://www.warwolfz.org/
File Size:	4207
Last Modified:	Jun 29 17:39:35 2009
MD5 Checksum:	43cf8289da304d0aaa6a5070b2780ba9

/// File Name:	punbbvoteforus-blindsql.txt
Description:	Versions 1.0.1 and below of the IN module in PunBB suffer from a remote blind SQL injection vulnerability in VoteForUs.php.
Author:	Dante90
Homepage:	http://www.warwolfz.org/
File Size:	4205
Last Modified:	Jun 29 17:45:21 2009
MD5 Checksum:	56c9d705101a445b2a4546414f92ae76

/// File Name:	scms-sql.txt
Description:	S-CMS versions 2.0 Beta3 and below suffer from multiple remote SQL injection vulnerabilities.
Author:	YEnH4ckEr
File Size:	4205
Last Modified:	Jun 10 16:52:45 2009
MD5 Checksum:	f7297544906ef9ecc07a7a6e2d5550fd

/// File Name:	phpmyadminrcesh.txt
Description:	phpMyAdmin /scripts/setup.php PHP code injection remote command execution proof of concept exploit. Versions 3.0.1.1 and below are affected.
Author:	pagvac
File Size:	4197
Related CVE(s):	CVE-2009-1151
Last Modified:	Jun 10 18:24:10 2009
MD5 Checksum:	59f3c5673bb3b69956d8432c0e7b8a9a

/// File Name:	firestats-rfi.txt
Description:	The WordPress FireStats plugin versions 1.6.1 and below suffer from a remote file inclusion vulnerability.
Author:	darkmasking
File Size:	4148
Last Modified:	Jun 13 23:35:24 2009
MD5 Checksum:	2113bb1937eb50d88f635f4724e706d8

/// File Name:	dbtopsites10-exec.txt
Description:	DB Top Sites version 1.0 remote command execution exploit.
Author:	SirGod
Homepage:	http://www.insecurity.ro/
File Size:	4093
Last Modified:	Jun 15 15:50:53 2009
MD5 Checksum:	7c40b84001425d40461b8fff28bc115d

/// File Name:	hpdp2-dos.txt
Description:	HP Data Protector is prone to a memory leak vulnerability. The same vector of exploitation can be used for denial of service attack if an invalid memory address is accessed. This is a Metasploit module that demonstrates this vulnerability.
Author:	Nibin
File Size:	4065
Related CVE(s):	CVE-2009-0714
Last Modified:	Jun 23 20:17:14 2009
MD5 Checksum:	b6eabba86941c72850c9db95f38e71de

/// File Name:	whoisadmin-bypass.txt
Description:	WHOISCART suffers from an information disclosure vulnerability that allows for administrative bypass.
Author:	Black Dream
Homepage:	http://www.sec-r1z.com/
File Size:	4045
Last Modified:	Jun 29 11:21:37 2009
MD5 Checksum:	30c4b1c065e1e327734a8a6a8208e378