Section:  .. / 0507-exploits  /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 92
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: 0507-exploits.tgz
Description:
Packet Storm new exploits for July, 2005.
File Size:175523
Last Modified:Aug 5 08:02:35 2005
MD5 Checksum:b244db6b75485b65184830adfd1dfe38

 ///  File Name: BusMail_SMTPDOS.pl.txt
Description:
A buffer overflow in BusinessMail email server system 4.60.00 allows for a denial of service attack. Proof of concept exploit included.
Author:Reed Arvin
Homepage:http://reedarvin.thearvins.com/
File Size:1626
Last Modified:Aug 5 08:01:34 2005
MD5 Checksum:f3fa06fa76a7d8c2d9706b6e4b130403

 ///  File Name: phpList.txt
Description:
A SQL injection flaw exists in phpList. Proper exploitation requires that a user be authenticated.
Author:ziot
File Size:288
Last Modified:Aug 5 07:59:56 2005
MD5 Checksum:3587bfcc5b9052d5e35e53e784f6e583

 ///  File Name: eventum.pl.txt
Description:
MySQL AB Eventum versions 1.5.5 and below proof of concept SQL injection exploit.
Author:James Bercegay
Homepage:http://www.gulftech.org
Related Exploit:mysqlEventum.txt"
File Size:1700
Last Modified:Aug 5 07:56:55 2005
MD5 Checksum:e5b1ffe7254aad864d06c87eebd15e8f

 ///  File Name: mysqlEventum.txt
Description:
MySQL AB Eventum versions 1.5.5 and below suffer from cross site scripting and SQL injection attacks.
Author:James Bercegay
Homepage:http://www.gulftech.org
Related Exploit:eventum.pl.txt"
File Size:4063
Last Modified:Aug 5 07:55:59 2005
MD5 Checksum:c8b779ab6b2e1864f7cb003b1be9e023

 ///  File Name: phpeasynews.html
Description:
Phpeasynews version 1.13 RC2 is susceptible to cross site scripting, path disclosure, and user check bypass vulnerabilities.
Author:rgod
Homepage:http://www.rgod.altervista.org/
File Size:2144
Last Modified:Aug 5 07:54:05 2005
MD5 Checksum:88d33b4f87015b77fdc764fd3c416ee1

 ///  File Name: kayakoBad.txt
Description:
Kayako liveResponse versions 2.x suffer from cross site scripting, SQL injection, script insertion, and other vulnerabilities.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:3929
Last Modified:Aug 5 07:48:34 2005
MD5 Checksum:d12783db84eb4ba42f09805d1c50be4b

 ///  File Name: Easyxp41.txt
Description:
Easyxp41 suffers from multiple cross site scripting and data disclosure flaws. An excessive amount of detailed exploitation is provided.
Author:FalconDeOro
File Size:3043
Last Modified:Aug 5 07:46:25 2005
MD5 Checksum:2895b06398aa7518a481acc5a04b9899

 ///  File Name: pluggedBlog.txt
Description:
Plugged-Blog 0.4.8 suffers from multiple cross site scripting, SQL injection, and other flaws. Detailed exploitation provided.
Author:FalconDeOro
File Size:4757
Last Modified:Aug 5 07:45:31 2005
MD5 Checksum:561b5c650671ccdc4cc6e3e0fd4d5556

 ///  File Name: kshoutaxs.txt
Description:
Kshout versions 2.x and 3.x allow for direct file access to their configuration files.
Author:SoulBlack
Homepage:http://soulblack.com.ar
File Size:1603
Last Modified:Aug 5 07:41:55 2005
MD5 Checksum:fd54c77c253ed96ef9fbab2190066717

 ///  File Name: qlite.html
Description:
qliteNews arbitrary database manipulation and cross site scripting proof of concept exploit.
Author:rgod
Homepage:http://www.rgod.altervista.org/
File Size:6501
Last Modified:Aug 5 07:40:00 2005
MD5 Checksum:2c8ef5b4e893b6077a239dae97667d55

 ///  File Name: kentbb.txt
Description:
Kent's Guestbook allows for direct database file access.
Author:l--s
Homepage:http://3asfh.net/vb
File Size:245
Last Modified:Aug 5 07:35:02 2005
MD5 Checksum:67b78be508320b88e0c2e27981286f9d

 ///  File Name: webc.html
Description:
Web Content Management News System administrative account creation and cross site scripting proof of concept exploit.
Author:rgod
Homepage:http://www.rgod.altervista.org/
File Size:966
Last Modified:Aug 5 07:16:53 2005
MD5 Checksum:8c384ffa562818b79786f14e70f0140b

 ///  File Name: phpfreenews.html
Description:
PHPFreeNews versions 1.32 and below are susceptible to SQL injection, login bypass, and cross site scripting attacks.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:3176
Last Modified:Aug 5 07:13:13 2005
MD5 Checksum:48c666e16e02b14265a50e344fa2a745

 ///  File Name: phpnews.html
Description:
PHP News Manager versions 1.45 through 1.47 are susceptible to login bypass, SQL injection, cross site scripting and path disclosure flaws.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:1529
Last Modified:Aug 5 07:07:04 2005
MD5 Checksum:f6ac2b10357b4417f4691d349a47b070

 ///  File Name: phplistSQL.txt
Description:
PHPList is susceptible to SQL injection and path disclosure flaws.
Author:tgo
File Size:954
Last Modified:Aug 5 06:57:43 2005
MD5 Checksum:2f065a958972a18f02d3f7de846612a4

 ///  File Name: gforgeXSS.txt
Description:
GForge version 4.5 is susceptible to multiple cross site scripting vulnerabilities.
Author:Joxean Koret
File Size:4470
Last Modified:Aug 5 06:56:51 2005
MD5 Checksum:7c50c2216c8acfa27145c82dee23fc73

 ///  File Name: pc26sql.txt
Description:
Product Cart 2.6 is susceptible to a SQL injection attack.
Author:Zinho
Homepage:http://www.hackerscenter.com/
File Size:3608
Last Modified:Jul 28 19:02:24 2005
MD5 Checksum:cef1d8f6a210a35f96070664dacd3f5e

 ///  File Name: atmailXSS.txt
Description:
@Mail 4.03 WebMail for Windows and 4.11 for Unix variants suffers from multiple cross site scripting flaws. Detailed exploitation provided.
Author:Lostmon
File Size:3067
Last Modified:Jul 28 19:01:12 2005
MD5 Checksum:3cd06324574d1aef55b883431ef25f49

 ///  File Name: HPRadiaManagement.txt
Description:
NGSSoftware Insight Security Research Advisory - HP OpenView Radia Management Portal versions 2.x and 1.x running the Radia Management Agent suffer from a remote command execution flaw via a directory traversal. By connecting to the TCP port and sending a crafted packet, it is possible to traverse out of C:\Program Files\Novadigm and run any executable that is located on the same logical disk partition.
Author:David Morgan, Dominic Beecher
Homepage:http://www.ngssoftware.com
File Size:2727
Last Modified:Jul 28 18:59:55 2005
MD5 Checksum:746992e1a974b65a8b4f2abc6eab9a03

 ///  File Name: mu-imap4d_fsexp.c
Description:
GNU Mailutils imap4d version 0.6 remote format string exploit. Tested on Slackware Linux versions 9.0, 10.0, and 10.1.
Author:CoKi
Homepage:http://www.nosystem.com.ar
File Size:12953
Last Modified:Jul 28 09:07:09 2005
MD5 Checksum:da0de44e2242607117540ff5e260dca5

 ///  File Name: cleverNotSo.txt
Description:
Clever Copy suffers from multiple cross site scripting and path disclosure flaws. Versions 2.0 and 2.0a are affected.
Author:Lostmon
File Size:3097
Last Modified:Jul 28 08:57:30 2005
MD5 Checksum:7e31b64773a60d4db45f35bab4fa8e73

 ///  File Name: bmforumXSS.txt
Description:
BMForum Datium! 3.0 RC1-4, Plus! 3.0 RC1-4, Plus! 2.6.1, and PlusMX 3.0.0.5 all suffer from multiple cross site scripting flaws.
Author:Lostmon
File Size:2547
Last Modified:Jul 28 08:56:04 2005
MD5 Checksum:ea70bf5ccd6f398a6c4cdb84fdca4c28

 ///  File Name: cartWIZxss.txt
Description:
CartWIZ suffers from a cross site scripting vulnerability.
Author:Zinho
Homepage:http://www.hackerscenter.com/
File Size:468
Last Modified:Jul 28 08:20:15 2005
MD5 Checksum:641fccc90e9b9e36e4f04c678a73a290

 ///  File Name: simplicityRemote.txt
Description:
Simplicity OF Upload 1.3 allows for remote code execution and cross site scripting attacks.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:5540
Last Modified:Jul 28 08:18:42 2005
MD5 Checksum:c1c29ac201c7889dd7f93fb2b306a1e1