Section:  .. / 0503-exploits  /

Page 4 of 6
<< 1 2 3 4 5 6 >> Files 75 - 100 of 142
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: xosx-cf.c
Description:
Local root exploit for /usr/bin/su on Mac OS X that makes use of the buffer overflow vulnerability discovered by iDefense using the CF_CHARSET_PATH environment variable.
Author:vade79
Homepage:http://fakehalo.us/
Related File:03.21.05.txt
File Size:2454
Related CVE(s):CAN-2005-0716
Last Modified:Mar 24 06:38:21 2005
MD5 Checksum:f6fb2b97ea877182983ee16dafacce16

 ///  File Name: phpFusion501.txt
Description:
The setuser.php script from Digitanium for PHP-Fusion version 5.01 is vulnerable to cross site scripting attacks.
Author:Pi3cH
Homepage:http://www.PersianHacker.NET
File Size:2424
Last Modified:Mar 22 15:52:22 2005
MD5 Checksum:6952e575b4e05dcbd885bf65bdedad89

 ///  File Name: HRG009.txt
Description:
A flaw in PBLang 4.63 allows logged in users to delete another user's PM.
Author:Raven
Homepage:http://www.Hackerlounge.com
File Size:2395
Last Modified:Mar 3 08:12:49 2005
MD5 Checksum:33ca2b9e8c8e5709390dfceaf4a503eb

 ///  File Name: phpbb2013user.txt
Description:
phpBB versions 2.0.13 and below remote user level exploit that makes use of an input validation flaw.
Author:Morinex
File Size:2333
Last Modified:Mar 25 18:06:19 2005
MD5 Checksum:18e105940de7be6728d171433a7a61a8

 ///  File Name: phpCoin.txt
Description:
There is a file inclusion and three SQL injection vulnerabilities in phpCoin versions 1.2.1b and below.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:2310
Last Modified:Apr 2 06:52:19 2005
MD5 Checksum:8eb196d960961c4d2af5d20984a065bd

 ///  File Name: dcrab-e-xoops.txt
Description:
Easy Community Management System Forum (E-XOOPS) contains multiple SQL injection and cross-site scripting vulnerabilities. Some of these may not be exploitable depending on how PHP, Apache, and MySQL have been configured. Advisory contains proof-of-concept exploit URLs.
Author:dcrab
Homepage:http://icis.digitalparadox.org/~dcrab
File Size:2221
Last Modified:Mar 28 12:53:42 2005
MD5 Checksum:c403d0741fe94de0e0392d54e9113057

 ///  File Name: einstein101.txt
Description:
Einstein versions 1.01 and below local password disclosure exploit.
Author:Kozan, ATmaCA
Homepage:http://www.netmagister.com
File Size:2200
Last Modified:Mar 1 00:30:11 2005
MD5 Checksum:c55ebe92966f7294f9cbea76d60c2610

 ///  File Name: limehack.pl
Description:
Limewire directory traversal exploit. Exploits bug in versions 4.1.2 - 4.5.6, inclusive.
Author:Marco van Berkum
Homepage:http://jammerjoh.xs4all.nl
Related Exploit:limewire480.txt"
File Size:2198
Last Modified:Mar 27 12:26:18 2005
MD5 Checksum:dfa8a4ee0a01e7310d4c9ee1e46e77c3

 ///  File Name: thaiXSS.txt
Description:
THai's Shoutbox is susceptible to a cross site scripting bug.
Author:CorryL
Homepage:http://www.x0n3-h4ck.org
File Size:2128
Last Modified:Mar 29 07:01:32 2005
MD5 Checksum:29757cec0a44beb39486c0c2b8f7c0c8

 ///  File Name: phpbb2012.txt
Description:
phpBB versions 2.0.12 and below have a flaw that allows for access to the admin control panel without authorization.
Author:pureone
File Size:2115
Last Modified:Mar 17 08:27:08 2005
MD5 Checksum:180b7115c911bb564834895cd700d751

 ///  File Name: postnukeXSS.txt
Description:
PostNuke 0.760-RC2 is susceptible to cross site scripting attacks. Detail exploitation provided.
Author:Maksymilian Arciemowicz
File Size:2078
Last Modified:Mar 1 22:55:17 2005
MD5 Checksum:0a5641d103dbda1a85c6c2d109311008

 ///  File Name: ad20050303.txt
Description:
Local exploitation of a design error vulnerability in the Gene6 FTP Server could allow the attacker to gain elevated Priveleges,usually the SYSTEM.
Author:Sowhat
Homepage:http://secway.org/Advisory/ad20050303.txt
File Size:2064
Last Modified:Mar 15 05:27:36 2005
MD5 Checksum:ec285f76a3e0c6af3967075b7fe16a7a

 ///  File Name: kernel26lowmem.txt
Description:
An integer overflow flaw exists in sys_epoll_wait in the Linux kernel 2.6 series in versions equal to or below 2.6.11. Sample exploitation provided.
Author:Georgi Guninski
File Size:2060
Last Modified:Mar 15 07:15:05 2005
MD5 Checksum:46cd73464c9edcec833e5046efbddce9

 ///  File Name: phpbbsession.c
Description:
phpBB 2.0.x session handling administrator authentication bypass exploit.
Author:Paisterist
File Size:2026
Last Modified:Mar 1 08:08:14 2005
MD5 Checksum:00b09ac5e565503c7197e17f2d94945b

 ///  File Name: phpweblog053.txt
Description:
phpWebLog versions 0.5.3 and below are susceptible to an arbitrary file inclusion flaw.
Author:Filip Groszynski
Homepage:http://shell.homeunix.org
File Size:1958
Last Modified:Mar 15 05:37:55 2005
MD5 Checksum:ed643f1a87cf325af80877019241152c

 ///  File Name: projectBB0451.txt
Description:
ProjectBB version 0.4.5.1 is susceptible to cross site scripting and SQL injection vulnerabilities. Advisory is in French.
Author:Benjilenoob
File Size:1947
Last Modified:Mar 15 07:07:36 2005
MD5 Checksum:c18e9f85fd1d9ddf9d45fd469c4d164e

 ///  File Name: phpBBsession.txt
Description:
phpBB version 2.0.12 session handling authentication bypass exploit.
Author:Ali7
File Size:1940
Last Modified:Mar 17 06:47:02 2005
MD5 Checksum:6bb316681cfa0e5c7242c144517d9e9e

 ///  File Name: invision203.txt
Description:
Invision Power Board version 2.0.3 is susceptible to cross site scripting attacks.
Author:hoang yen
File Size:1940
Last Modified:Mar 30 10:44:56 2005
MD5 Checksum:50b26457115de6ae46e31dd967810418

 ///  File Name: platinumDoS.c
Description:
Platinum FTP versions 1.0.18 and below remote denial of service exploit.
Author:Exoduks
Related File:platinumftp.txt
File Size:1934
Last Modified:Mar 17 08:46:03 2005
MD5 Checksum:a94d0bae8f99fc03f7423decb22d3d31

 ///  File Name: dcrab-paypal.txt
Description:
Various cross-site scripting and (possible) SQL injection vulnerabilities exist in ESMIstudio's PayPal storefront scripts. It may not always be possible to exploit some of these depending on how PHP, Apache, and MySQL have been configured, however.
Author:Dcrab
Homepage:http://icis.digitalparadox.org/~dcrab/
File Size:1929
Last Modified:Mar 26 00:40:07 2005
MD5 Checksum:bd48a913809534b86c6b01d28239201d

 ///  File Name: 897.cpp
Description:
phpBB versions 2.0.12 and below Change User Rights authentication bypass exploit.
Homepage:http://www.milw0rm.com/
File Size:1911
Last Modified:Mar 30 10:43:02 2005
MD5 Checksum:87b1a7d3b64fc21371f9332c95baf906

 ///  File Name: ms04038.c
Description:
Exploit for Internet Explorer (mshtml.dll) that makes use of a buffer overflow when parsing Cascading Style Sheets (CSS) files. This code creates a .css file that exploits the flaw. Reported in MS04-038.
Author:Mansoor to shooq
File Size:1894
Last Modified:Mar 15 07:22:10 2005
MD5 Checksum:983f2cfe531be8432cd1b2b03a811652

 ///  File Name: psnup.pl.txt
Description:
Proof of concept exploit for PostScript utility psnup from the psutils-p17 package.
Author:lammat
File Size:1830
Last Modified:Mar 22 17:04:24 2005
MD5 Checksum:6e1e08b64ca889071c2cc7db98453481

 ///  File Name: goldenFTP192.txt
Description:
Golden FTP server version 1.92 suffers from a buffer overflow when more than 284 characters is entered in the Username field at logon. As EIP can be overwritten, it is possible to execute arbitrary code in systems running this version of the daemon.
Author:Carlos Ulver
Homepage:http://www.debarry2.com.br/carlos
File Size:1821
Last Modified:Mar 3 09:06:12 2005
MD5 Checksum:bed2eb002971805d613a3305ca538276

 ///  File Name: kayakoXSS2.txt
Description:
Kayako eSupport version 2.3 is susceptible to multiple cross site scripting attacks.
Author:James Bercegay
File Size:1784
Last Modified:Mar 24 06:43:25 2005
MD5 Checksum:e178ffb3f374a8a65248e81119eff5f2