Section: .. / 0912-exploits /

Page 6 of 25
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 >> Files 125 - 150 of 600

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	oracle_dc_submittoexpress.rb.txt
Description:	This Metasploit module exploits a stack overflow in Oracle Document Capture 10g (10.1.3.5.0). Oracle Document Capture 10g comes bundled with a third party ActiveX control emsmtp.dll (6.0.1.0). When passing a overly long string to the method "SubmitToExpress" an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	3101
Related OSVDB(s):	38335
Related CVE(s):	CVE-2007-4607
Last Modified:	Dec 30 22:16:30 2009
MD5 Checksum:	90f704e94ac7935091f0e66cc3347471

/// File Name:	ipb-morexss.txt
Description:	It appears that additional cross site scripting vulnerabilities exist in Invision Power Board using attachments as the attack vector.
Author:	MustLive
File Size:	3084
Last Modified:	Dec 14 20:40:26 2009
MD5 Checksum:	2f2b03b80c8b4b8dd10e56bbe2ee0972

/// File Name:	ezblog-xssxsrf.txt
Description:	Ez Blog version 1.0 suffers from cross site scripting and cross site request forgery vulnerabilities.
Author:	Milos Zivanovic
File Size:	3080
Last Modified:	Dec 15 17:07:08 2009
MD5 Checksum:	b4b4cdb5826e234dc4e30398679718e1

/// File Name:	uploadscript-discloseshell.txt
Description:	Uploadscript version 1.0 suffers from administrator password hash disclosure and shell upload vulnerabilities.
Author:	Mr.aFiR
Homepage:	http://www.aFiR.me/
File Size:	3076
Last Modified:	Dec 13 20:03:07 2009
MD5 Checksum:	9b391c52b5b6283b8e0fac120c4e2092

/// File Name:	plphp-lfi.txt
Description:	pL-PHP versions beta 0.9 and below local file inclusion exploit.
Author:	cr4wl3r
File Size:	3041
Last Modified:	Dec 31 21:41:18 2009
MD5 Checksum:	3cf2dac4c3b50b62856028e9eb1384c4

/// File Name:	joomlajobs-sql.txt
Description:	The Joomla JS Jobs component version 1.0.5.6 suffers from a remote SQL injection vulnerability.
Author:	kaMtiEz
Homepage:	http://www.indonesiancoder.com/
File Size:	3038
Last Modified:	Dec 10 11:27:29 2009
MD5 Checksum:	4514d041953de7159a545fe31a7728db

/// File Name:	despefreecell-xss.txt
Description:	Despe FreeCell suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	3028
Last Modified:	Dec 30 18:21:28 2009
MD5 Checksum:	c8e2b2b5064d991facb954e97565c43c

/// File Name:	msiis-parsing.txt
Description:	Microsoft IIS servers suffer from a semi-colon bug where any file can be executed as an Active Server Page.
Author:	Soroush Dalili
File Size:	2995
Last Modified:	Dec 29 15:59:24 2009
MD5 Checksum:	fa69b52eb5e40c6ae92b438cd0074d53

/// File Name:	ibm_tsm_cad_ping.rb.txt
Description:	This Metasploit module exploits a stack overflow in the IBM Tivoli Storage Manager Express CAD Service. By sending a "ping" packet containing a long string, an attacker can execute arbitrary code. NOTE: the dsmcad.exe service must be in a particular state (CadWaitingStatus = 1) in order for the vulnerable code to be reached. This state doesn't appear to be reachable when the TSM server is not running. This service does not restart.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	2984
Related OSVDB(s):	59632
Related CVE(s):	CVE-2009-3853
Last Modified:	Dec 30 22:22:45 2009
MD5 Checksum:	ee24c193eb411fe535df8a3850ee4693

/// File Name:	aw-overflow.txt
Description:	Audio Workshop version 6.4.2.4.0 universal local buffer overflow exploit that creates a malicious .pls file.Binds a shell to port 4444.
Author:	mr_me
File Size:	2979
Last Modified:	Dec 10 10:31:00 2009
MD5 Checksum:	1a73f07774dcd8a034406cd57917d8fc

/// File Name:	scribd-xss.txt
Description:	Scribd.com suffers from a cross site scripting vulnerability.
Author:	Nishant Soni
Homepage:	http://secworm.net/
File Size:	2975
Last Modified:	Dec 30 18:28:58 2009
MD5 Checksum:	8210e4b01b01708960439dc6eb9a5628

/// File Name:	imageshack-xss.txt
Description:	Imageshack.us suffers from a cross site scripting vulnerability.
Author:	Nishant Soni
Homepage:	http://secworm.net/
File Size:	2963
Last Modified:	Dec 15 16:14:23 2009
MD5 Checksum:	b7c5b73c90cd6bf235fb826633ca1791

/// File Name:	jpgraph306-xss.txt
Description:	JpGraph version 3.0.6 suffers from a cross site scripting vulnerability.
Author:	Martin Barbella
File Size:	2962
Last Modified:	Dec 22 16:24:04 2009
MD5 Checksum:	356815a7ccde37e81e7842028bd4b226

/// File Name:	symantec_altirisdeployment_runcmd.r..>
Description:	This Metasploit module exploits a stack overflow in Symantec Altiris Deployment Solution. When sending an overly long string to RunCmd() method of AeXNSConsoleUtilities.dll (6.0.0.1426) an attacker may be able to execute arbitrary code.
Author:	MC
Homepage:	http://www.metasploit.com
File Size:	2960
Related OSVDB(s):	60496
Related CVE(s):	CVE-2009-3033
Last Modified:	Dec 30 22:15:54 2009
MD5 Checksum:	e7bee240433f48b851a862df8e50ce02

/// File Name:	ezfaqmaker-xssxsrf.txt
Description:	Ez Faq Maker version 1.0 suffers from cross site scripting and cross site request forgery vulnerabilities.
Author:	Milos Zivanovic
File Size:	2926
Last Modified:	Dec 15 16:58:45 2009
MD5 Checksum:	934489546b0d805451802f7b45d51752

/// File Name:	ipbbackup-disclose.txt
Description:	Invision Power Board version 2.0.4 suffers from a backup related vulnerability.
Author:	indoushka
File Size:	2914
Last Modified:	Dec 31 20:47:13 2009
MD5 Checksum:	7e4b748aaa1584aa2ecb56788e24a090

/// File Name:	idevaffiliate-xss.txt
Description:	iDevAffiliate version 4.0 suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	2891
Last Modified:	Dec 30 18:09:58 2009
MD5 Checksum:	fbeebc10857ceb891de0359e079ae40f

/// File Name:	eureka-overflow.rb.txt
Description:	This Metasploit module exploits a buffer overflow in the Eureka Email 2.2q client that is triggered through an excessively long ERR message.
Author:	Dr_IDE,Francis Provencher,dookie
Homepage:	http://www.metasploit.com
File Size:	2867
Last Modified:	Dec 10 17:18:20 2009
MD5 Checksum:	df43a0282459a241e90c5b7e2feacddc

/// File Name:	eureka_mail_err.rb.txt
Description:	This Metasploit module exploits a buffer overflow in the Eureka Email 2.2q client that is triggered through an excessively long ERR message. NOTE: this exploit isn't very reliable. Unfortunately reaching the vulnerable code can only be done when manually checking mail (Ctrl-M). Checking at startup will not reach the code targeted here.
Author:	Dr_IDE,Francis Provencher,dookie,jduck
Homepage:	http://www.metasploit.com
File Size:	2853
Related OSVDB(s):	59262
Related CVE(s):	CVE-2009-3837
Last Modified:	Dec 30 22:23:29 2009
MD5 Checksum:	6cf9e60c1d3f8e4b11891d6b756b3249

/// File Name:	corelanc0d3r_quickplayer_xpsp3.pl.t..>
Description:	M.J.M. Quick Player version 1.2 stack buffer overflow exploit that creates a malicious .m3u file.
Author:	corelanc0d3r
File Size:	2847
Last Modified:	Dec 30 13:44:12 2009
MD5 Checksum:	e7a901e51a5d66b4aa2af1435160f708

/// File Name:	articlelive2005-xss.txt
Description:	ArticleLive PHP version 2005.0.0 suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	2821
Last Modified:	Dec 30 17:04:03 2009
MD5 Checksum:	2faf4281786c7bfdc6e24297b431b943

/// File Name:	hp_loadrunner_addfile.rb.txt
Description:	This Metasploit module exploits a stack overflow in Persits Software Inc's XUpload ActiveX control(version 3.0.0.3) thats included in HP LoadRunner 9.5. By passing an overly long string to the AddFile method, an attacker may be able to execute arbitrary code.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	2814
Related OSVDB(s):	40762
Related CVE(s):	CVE-2008-0492
Last Modified:	Dec 30 22:11:33 2009
MD5 Checksum:	2bc076f50063d771eb3c9d51361b66d5

/// File Name:	aptgp-xss.txt
Description:	Aptgp version 1.3.0c suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	2802
Last Modified:	Dec 30 18:05:01 2009
MD5 Checksum:	4b0a7e4118bbed0d901ff8cd0c5f2833

/// File Name:	kayako-xssxsrf.txt
Description:	Kayako suffers from cross site scripting and cross site request forgery vulnerabilities.
Author:	D3V!L FucK3r
File Size:	2762
Last Modified:	Dec 31 21:35:32 2009
MD5 Checksum:	f3f4122edf3b88794833106fdf1e15d7

/// File Name:	thedailyshow.pl.txt
Description:	Mozilla Codesighs proof of concept memory corruption exploit.
Author:	Jeremy Brown
File Size:	2743
Last Modified:	Dec 12 00:55:30 2009
MD5 Checksum:	3196f3ec1c19aa0a7b5df2325d8c36e4