Section: .. / 0411-exploits /

Page 3 of 4
<< 1 2 3 4 >> Files 50 - 75 of 77

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	mp-invision.txt
Description:	An input validation vulnerability in Invision Power Board version 2.x allows a remote user the ability to conduct SQL injection attack.
Homepage:	http://www.maxpatrol.com
File Size:	2099
Last Modified:	Nov 20 22:59:45 2004
MD5 Checksum:	172eba93ee042464d0c8803a4e663fab

/// File Name:	wchannelPriv.txt
Description:	Local user input handling vulnerabilities exist in WCI's TC-IDE Embedded Linux that allow local users with access to the tools provided with the system to spawn a root console, gaining full control over the running Linux operating system.
Author:	Yuri Gushin, Alex Behar, Valentin Slalov
File Size:	2091
Last Modified:	Dec 11 19:04:53 2004
MD5 Checksum:	35ed88030fee586dc75fd7aed730ad46

/// File Name:	phpwebsite.txt
Description:	phpWebSite 0.9.3-4 is susceptible to an HTTP response splitting vulnerability.
Author:	Maestro
File Size:	2005
Last Modified:	Nov 13 00:47:34 2004
MD5 Checksum:	f84a1df64f88dc3f3e8f541a2fca2859

/// File Name:	mp-ldu.txt
Description:	MaxPatrol Advisory - Land Down Under version 701 suffers from multiple SQL injection vulnerabilities and a path disclosure flaw.
Homepage:	http://www.maxpatrol.com/
File Size:	1995
Last Modified:	Nov 2 02:20:36 2004
MD5 Checksum:	fe76194db83bf381c91dca9983e9611e

/// File Name:	cccitftp-adv.txt
Description:	Chesapeake TFTP server version 1.0 is susceptible to a classic directory traversal attack that allows an attacker to upload and download files anywhere on the disk. This server is also susceptible to a denial of service flaw.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
File Size:	1964
Last Modified:	Nov 2 02:29:11 2004
MD5 Checksum:	34cc374333823f7ecbea15fee1812b10

/// File Name:	eudora62014.txt
Description:	Eudora 6.2.14 for Windows that was just released is still susceptible to an attachment spoofing vulnerability. Working exploit included.
Author:	Paul Szabo
File Size:	1815
Last Modified:	Nov 20 19:53:13 2004
MD5 Checksum:	e9515fc1cf11e9494efc450dd93f8140

/// File Name:	lostmonGmail.txt
Description:	Gmail suffers from multiple vulnerabilities including denial of service and cross site scripting flaws.
Author:	Lostmon
File Size:	1668
Last Modified:	Dec 11 19:12:16 2004
MD5 Checksum:	fe1ee1fe5d98fbd5ed7cd9c0967cc22e

/// File Name:	dmsPOP3.txt
Description:	A buffer overflow exists in DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 and prior versions. Demonstration exploit included.
Author:	Reed Arvin
File Size:	1648
Last Modified:	Nov 20 23:21:49 2004
MD5 Checksum:	d0b5cdae27042d688d59e55c6e8046ac

/// File Name:	phpnews.txt
Description:	Simple remote exploit for the SQL injection vulnerability discovered in PHPNews.
Author:	ruggine
Related File:	sa13300.txt
File Size:	1638
Last Modified:	Dec 11 23:24:10 2004
MD5 Checksum:	3542945d30741fed34e9faa2fc32c92a

/// File Name:	mercury.c
Description:	Mercury Mail 4.01 (Pegasus) IMAP remote buffer overflow exploit.
Author:	Muts
Homepage:	http://www.whitehat.co.il
File Size:	1637
Last Modified:	Dec 12 00:24:30 2004
MD5 Checksum:	f016a7e00aaf8c91e97a3f1f0e9aa791

/// File Name:	cht-2004.txt
Description:	Web Forums Server versions 1.6 and 2.0 suffer from directory traversal attacks and also store passwords in cleartext.
Author:	R00tCr4ck
Homepage:	http://www.CyberSpy.Org
File Size:	1488
Last Modified:	Nov 5 05:00:21 2004
MD5 Checksum:	14e19abbf9003b20cdd70064c076608c

/// File Name:	phpbb.php.txt
Description:	Remote command execution exploit for phpBB 2.0.10 that makes use of a flaw in the viewtopic.php code.
Author:	How Dark, pokleyzz
Homepage:	http://www.howdark.com
File Size:	1481
Last Modified:	Nov 20 23:55:49 2004
MD5 Checksum:	f921925d25c8aefc535037fe9d34cefd

/// File Name:	SSA-20041122-12.txt
Description:	STG Security Advisory: Due to an input validation flaw, Zwiki is vulnerable to cross site scripting attacks.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	1416
Last Modified:	Dec 11 20:07:18 2004
MD5 Checksum:	ee307c282c2b83d763b5b423918746e0

/// File Name:	SSA-20041122-11.txt
Description:	STG Security Advisory: Due to an input validation flaw, JSPWiki is vulnerable to cross site scripting attacks.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	1396
Last Modified:	Dec 11 20:06:28 2004
MD5 Checksum:	cea8374c7e4fd06bbe51b34084d7006e

/// File Name:	mailtraq.txt
Description:	A privilege escalation technique can be used to gain SYSTEM level access while using the Mailtraq administration console. Mailtraq Version 2.6.1.1677 is vulnerable.
Author:	Reed Arvin
File Size:	1383
Last Modified:	Nov 20 23:25:31 2004
MD5 Checksum:	570f63e06a088944b32ac1db1e0bb12f

/// File Name:	phpkitSQLXSS.txt
Description:	PHP KIT versions 1.6.03 through 1.6.1 suffer from SQL injection and cross site scripting vulnerabilities. Demonstration exploitation included.
Author:	Steve
File Size:	1263
Last Modified:	Dec 11 19:13:41 2004
MD5 Checksum:	a6c57e9918b15f57703753c4b8f197dd

/// File Name:	b4b0-phpbb.tgz
Description:	PhpBB v1.0.0 - 2.0.10 remote exploit which takes advantage of a bug in admin_cash.php. Opens a back door on a tcp port.
Author:	evilrabbi
File Size:	1202
Last Modified:	Nov 24 07:24:24 2004
MD5 Checksum:	3f3f2f16c17761e910f11a2cb42cc9c0

/// File Name:	pntresmailer.txt
Description:	PnTresMailer code browser version 6.03 is susceptible to path disclosure and directory traversal attacks.
Author:	John C.
File Size:	1011
Last Modified:	Dec 11 23:13:05 2004
MD5 Checksum:	62590d39a08e1474f473776fb3efc8d7

/// File Name:	zonelabsFilter.txt
Description:	By using hex encoded characters, it is possible to bypass the Zone Labs IMsecure and IMsecure Pro Active Link filters in versions prior to 1.5.
Author:	Paul Kurczaba
File Size:	992
Last Modified:	Nov 13 00:53:10 2004
MD5 Checksum:	b6d55cd6030469199d8a4f9c0562c539

/// File Name:	mdaemon72.txt
Description:	A local privilege escalation vulnerability exists with MDaemon 7.2 that allows a user to gain SYSTEM level access.
Author:	Reed Arvin
File Size:	878
Last Modified:	Dec 11 23:58:08 2004
MD5 Checksum:	ab98079c7abf569bb92b4d337713545b

/// File Name:	aclient.txt
Description:	Altiris Deployment Solution 5.6 SP1 (Hotfix E) suffers from a privilege escalation flaw that allows for SYSTEM level access. Step by step exploitation given.
Author:	Reed Arvin
File Size:	870
Last Modified:	Nov 20 23:30:46 2004
MD5 Checksum:	1be9fdc191a6ebdcdd6f90985f998910

/// File Name:	technote-commandexec.txt
Description:	Technote web board products are susceptible to a remote command execution vulnerable that has been around since 2000.
File Size:	820
Last Modified:	Nov 5 05:34:39 2004
MD5 Checksum:	d650e7cdaac5835672b963aa4cf9886d

/// File Name:	hppsc2510.txt
Description:	The HP PSC 2510 runs an FTP daemon that is not configurable and allows anyone to upload a file to be printed without any authentication.
Author:	Justin Rush
File Size:	680
Last Modified:	Nov 13 01:00:44 2004
MD5 Checksum:	9b0747282dd6250fc93d6d79edfff70e

/// File Name:	ipbSQL.txt
Description:	IPB Pro Arcade versions 1.x and 2.x are susceptible to SQL injection attacks. Exploitation included.
Author:	axl daivy
File Size:	647
Last Modified:	Dec 11 19:03:28 2004
MD5 Checksum:	a64714c0a7ef56e2584fa62a39ec3ced

/// File Name:	zyxelreset.txt
Description:	It is possible to reset a ZyXEL Prestige 650 HW router without any authentication.
Author:	Francisco Canela
File Size:	453
Last Modified:	Dec 11 19:09:42 2004
MD5 Checksum:	8b544d5f5b1fe8c8a2e41411ca72f09f