Section: .. / 0501-exploits /

Page 3 of 4
<< 1 2 3 4 >> Files 50 - 75 of 92

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	OWL-Intranet.txt
Description:	OWL versions 0.7 and 0.8 suffer from cross site scripting and SQL injection vulnerabilities.
Author:	Joxean Koret
File Size:	2296
Last Modified:	Jan 2 21:51:05 2005
MD5 Checksum:	ccfd6b1bbecbce6fd29bd93463b5a4ff

/// File Name:	peer2mail.c
Description:	Peer2Mail Encrypt passdumper exploit version 1.0. Versions 1.4 and below are affected. Tested on Win XP SP2.
Author:	ATmaCA
Homepage:	http://www.atmacasoft.com/
File Size:	3681
Last Modified:	Jan 19 07:01:44 2005
MD5 Checksum:	e6376162f2a711928b65864775d81550

/// File Name:	PhotoPost.txt
Description:	GulfTech Security Research - PhotoPost PHP versions 4.8.6 and below suffer from cross site scripting and SQL injection flaws. Sample exploitation given.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	3096
Last Modified:	Jan 5 05:08:39 2005
MD5 Checksum:	a8252c4a7a9a930d42220a299a3a2a0f

/// File Name:	phpbb.ssh.D.txt
Description:	New version of the phpBB worm with bot install that makes use of Altavista.
Author:	priv8crew
File Size:	2084
Last Modified:	Jan 7 02:35:35 2005
MD5 Checksum:	a85a8594d27153953b6a73ffdef9fac0

/// File Name:	phpEventCalendar.txt
Description:	phpEventCalendar version 0.2 does not check title and event text when the data is inserted in the database, allowing for arbitrary HTML injection.
Author:	Madelman
File Size:	1957
Last Modified:	Jan 27 04:33:50 2005
MD5 Checksum:	e9a569c32f80bca6c0ffb8d8af9ac8ff

/// File Name:	phpGiftReq.txt
Description:	phpGiftReq 1.4.0 suffers from multiple SQL injection flaws that allow for manipulation of the database.
Author:	Madelman
File Size:	2259
Last Modified:	Jan 16 20:11:13 2005
MD5 Checksum:	7c0a1e1bb740848737f21d9abdbd4990

/// File Name:	PSA05-010.txt
Description:	Portcullis Security Advisory - The Emotion MediaPartner Web Server version 5.0 suffers from a classic directory traversal attack.
Author:	Paul J Docherty
File Size:	2758
Last Modified:	Jan 12 06:15:11 2005
MD5 Checksum:	59e110b694a46434de374cc8fd97ea9b

/// File Name:	QWikiwiki.txt
Description:	QWikiwiki 1.4.1 is susceptible to a directory traversal vulnerability. Detailed exploitation provided.
Author:	Madelman
File Size:	2308
Last Modified:	Jan 5 06:05:08 2005
MD5 Checksum:	c3fff0ed07b6980af216deb6169b95d7

/// File Name:	r57ita.pl.txt
Description:	ITA Forum 1.49 SQL injection exploit with one character bruteforce.
Author:	1dt.w0lf
Homepage:	http://www.rst.void.ru
File Size:	3059
Last Modified:	Jan 16 06:47:08 2005
MD5 Checksum:	3ab14d20f51df4e0eadc1c0611e59d23

/// File Name:	ReviewPost.txt
Description:	GulfTech Security Research - ReviewPost PHP Pro versions below 2.84 suffer from cross site scripting and SQL injection attacks. Sample exploitation given.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	3097
Last Modified:	Jan 5 05:06:29 2005
MD5 Checksum:	cc9424064ae6b740688d1fdf641acd1d

/// File Name:	scanner_ndde.c
Description:	Microsoft Windows NetDDE scanner that makes use of a remote code execution vulnerability due to an unchecked buffer.
Author:	Gogu Gigi
File Size:	7286
Last Modified:	Jan 5 05:46:04 2005
MD5 Checksum:	e35e458299ec6ed53336864a059dc467

/// File Name:	siteman.noam.txt
Description:	Siteman versions 1.1.10 and below remote administrative account addition exploit.
Author:	Noam Rathaus
Related Exploit:	siteman.txt"
File Size:	1375
Last Modified:	Jan 27 05:03:14 2005
MD5 Checksum:	23d964d6078eb95f5bdac2764881067c

/// File Name:	siteman.pl.txt
Description:	Siteman version 1.0.x remote perl exploit that adds an administrative account.
Author:	shoaliesefid7
Related Exploit:	siteman.txt"
File Size:	1655
Last Modified:	Jan 25 08:12:37 2005
MD5 Checksum:	1b882d55dd0ffddcd81e52c52d19acba

/// File Name:	siteman.txt
Description:	Siteman version 1.0.x is susceptible to administrative account injection due to a lack of variable sanitization.
Author:	amironline452
Homepage:	http://www.PersianHacker.NET
File Size:	2214
Last Modified:	Jan 25 06:57:48 2005
MD5 Checksum:	e7f1d769b91cd789605ad132f89bee9c

/// File Name:	siteman119.txt
Description:	Siteman version 1.1.9 is susceptible to cross site scripting attacks.
Author:	Pi3ch
Homepage:	http://www.persianhacker.net
File Size:	913
Last Modified:	Jan 16 07:19:52 2005
MD5 Checksum:	dfbac9435848a88522bc7e07e3e2fcb1

/// File Name:	soldnersock.zip
Description:	Remote proof of concept exploit for Soldner that demonstrates a socket termination when an oversized UDP packet is sent to the server.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	soldersock.txt
File Size:	7920
Last Modified:	Jan 5 05:59:52 2005
MD5 Checksum:	97f85864195a95985c845b23f9848a3d

/// File Name:	sparkleBlog.txt
Description:	Direct access to administrative pages in SparkleBlog do not require any authentication. Additionally, is it susceptible to cross site scripting flaws.
Author:	Kovacs Laszlo
File Size:	1336
Last Modified:	Jan 18 06:36:42 2005
MD5 Checksum:	12b17d789a87a73a6e5108db00648558

/// File Name:	sphpBlog037.txt
Description:	SPHPBlog 0.3.7c is susceptible to a directory traversal attack. Fixed in release 0.3.7r2.
Author:	Madelman
File Size:	1876
Last Modified:	Jan 11 02:13:50 2005
MD5 Checksum:	d3805dea18227681095923838e0572c2

/// File Name:	ss11012005.txt
Description:	MPM Guestbook Pro 1.05 is susceptible to file inclusion and directory traversal attacks.
Author:	SmOk3
File Size:	1465
Last Modified:	Jan 16 06:57:33 2005
MD5 Checksum:	ad15ccd53989598e026abe7b2a496c88

/// File Name:	SSA-20050113-25.txt
Description:	STG Security Advisory: An input validation flaw in ZeroBoard can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	4657
Last Modified:	Jan 16 05:50:00 2005
MD5 Checksum:	60037566ae608048fb38bbba03815d95

/// File Name:	SSA-20050120-22.txt
Description:	STG Security Advisory: JSBoard versions 2.0.9 and below suffer from an input validation flaw that allows for arbitrary file reading.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	1557
Last Modified:	Jan 25 06:18:39 2005
MD5 Checksum:	3b1609ac471d68125c376daa4ee846e6

/// File Name:	SSA-20050120-24.txt
Description:	STG Security Advisory: GForge versions 3.3 and below are susceptible to directory traversal attacks.
Author:	Jeremy Bae
Homepage:	http://stgsecurity.com/
File Size:	3073
Last Modified:	Jan 25 06:18:06 2005
MD5 Checksum:	fd452561768d50aeceeb2481b57d86e1

/// File Name:	stackgrow.c
Description:	expand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
Author:	Christophe Devine
Related File:	isec-0022-pagefault.txt
File Size:	4853
Related CVE(s):	CAN-2005-0001
Last Modified:	Jan 15 23:49:05 2005
MD5 Checksum:	1a0272676e96d9794dcc23e6e345f3de

/// File Name:	stackgrow2.c
Description:	Full version of the expand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
Author:	Christophe Devine
Related File:	isec-0022-pagefault.txt
File Size:	8366
Related CVE(s):	CAN-2005-0001
Last Modified:	Jan 16 07:30:14 2005
MD5 Checksum:	4f314b5f96fa72c44fff19048f9962b6

/// File Name:	sugarCRM.txt
Description:	Cross site scripting and possible code execution vulnerabilities exists in SugarCRM versions 1.x.
Author:	Joxean Koret
File Size:	2551
Last Modified:	Jan 2 21:52:22 2005
MD5 Checksum:	4165b81336419e069b3cef37301cc62e