Section: .. / 0508-exploits /

Page 1 of 5
<< 1 2 3 4 5 >> Files 1 - 25 of 105

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	0508-exploits.tgz
Description:	New Packet Storm exploits for August, 2005.
Homepage:	http://packetstormsecurity.org/
File Size:	206356
Last Modified:	Aug 31 09:28:32 2005
MD5 Checksum:	02ccdc9a05ba0798d3558b6f698c0350

/// File Name:	flat256.html
Description:	FlatNuke version 2.5.6 suffers from remote command execution, cross site scripting, and path disclosure flaws. Detailed exploitation provided.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	1254
Last Modified:	Aug 31 08:51:23 2005
MD5 Checksum:	11acdd9d2ced8d0e8654998fccb7e62b

/// File Name:	fud.html
Description:	Remote code execution exploit for FUD Forum versions 2.7 and below.
Author:	rgod
Homepage:	http://rgod.altervista.org
Related File:	fudForum.txt
File Size:	1476
Last Modified:	Aug 31 08:49:53 2005
MD5 Checksum:	0a6890ae0ddec4b2fbf9dafb1a53e299

/// File Name:	HP_OV_NNM_RCE.c
Description:	Remote command execution exploit for HP OpenView Network Node Manager versions 6.2, 6.4, 7.01, and 7.50.
Author:	Lympex
Homepage:	http://l-bytes.net
File Size:	3959
Last Modified:	Aug 31 08:26:49 2005
MD5 Checksum:	f52cf58231344c9d88f6eb0cd01adc82

/// File Name:	AD20050830.txt
Description:	BNBT EasyTracker is susceptible to a remote denial of service vulnerability when accepting a malformed HTTP request. Demonstration exploit provided. Versions 7.7r3.2004.10.27 and below are affected.
Author:	Sowhat
Homepage:	http://secway.org/advisory/AD20050830.txt
File Size:	8779
Last Modified:	Aug 31 08:09:09 2005
MD5 Checksum:	2ac337d4908927ed071926acbb6d4270

/// File Name:	phpldap.html
Description:	phpLDAPadmin versions 0.9.6 through 0.9.7/alpha5 suffer from directory traversal, remote code execution and cross site scripting vulnerabilities. Detailed exploitation provided.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	1226
Last Modified:	Aug 31 08:04:26 2005
MD5 Checksum:	3a75a213f873a5a71289eba8299c2757

/// File Name:	bfccown.zip
Description:	Proof of concept exploit for the flaws relating to BFCC versions 1.22_A and below and BFVCC versions 2.14_B and below.
Author:	Luigi Auriemma
Homepage:	http://aluigi.altervista.org
Related File:	bfccown.txt
File Size:	11110
Last Modified:	Aug 31 07:50:44 2005
MD5 Checksum:	0918b1298c512f28393bf9f2d5603a9b

/// File Name:	lduSQL.txt
Description:	Land Down Under versions 801 and below suffer from multiple SQL injection vulnerabilities. Full details provided.
Author:	matrix_killer
Homepage:	http://www.h4cky0u.org
File Size:	1315
Last Modified:	Aug 31 07:45:23 2005
MD5 Checksum:	eb9df365250444e4b536d1fb2e55e3aa

/// File Name:	sphpblog_vulns.pl.txt
Description:	Exploit that demonstrates a vulnerability in the comment_delete_cgi.php from SimplePHPBlog. The PHP script allows for the arbitrary deletion of files. This vulnerability, in combination with the fact that the installation scripts are left on the server after installation, allows an arbitrary user to reset the admin password to one of the attacker's choosing.
Author:	Kenneth F. Belva
Homepage:	http://www.ftusecurity.com
File Size:	13229
Last Modified:	Aug 31 07:41:06 2005
MD5 Checksum:	d5a02f6fa42800a232858d4f054b1541

/// File Name:	SqWebMail.txt
Description:	Secunia Security Advisory - Secunia Research has discovered a vulnerability in SqWebMail, which can be exploited by malicious people to conduct script insertion attacks. The vulnerability is caused due to SqWebMail failing to properly sanitize HTML emails. This can be exploited to include arbitrary script code in HTML emails, which will be executed in context of the SqWebMail server, as soon as the user views a received email. Version 5.0.4 is affected.
Author:	Jakob Balle
Homepage:	http://www.secunia.com
File Size:	3694
Last Modified:	Aug 31 07:37:12 2005
MD5 Checksum:	57470dc10cef0798ea3aec873b6095dd

/// File Name:	adv22-y3dips-2005.txt
Description:	PunBB 1.2.6 suffers from a script injection flaw in its use of IMG tags.
Author:	y3dips
Homepage:	http://echo.or.id/adv/adv22-y3dips-2005.txt
File Size:	2515
Last Modified:	Aug 31 07:34:44 2005
MD5 Checksum:	e745714402a160c0bbd36c5fd17862fe

/// File Name:	cosmoshop81078.txt
Description:	Cosmoshop versions 8.10.78 and below suffer from SQL injection flaws, clear text passwords, and directory traversal flaws.
Author:	l0om
Homepage:	http://www.excluded.org
File Size:	1466
Last Modified:	Aug 31 07:32:48 2005
MD5 Checksum:	43eb2a684a72cba7453b395b76af5865

/// File Name:	phpfusionXSS2.txt
Description:	PHP-Fusion versions 6.00.107 and below are susceptible to cross site scripting attacks.
Author:	slacker4ever_1
File Size:	333
Last Modified:	Aug 31 07:24:14 2005
MD5 Checksum:	899b8a9751b5a4ffdc795c68056c4f44

/// File Name:	autolinks21.txt
Description:	AutoLinks Pro 2.1 suffers from a remote file inclusion vulnerability.
Author:	NewAngels Team
File Size:	1308
Last Modified:	Aug 31 07:22:26 2005
MD5 Checksum:	a9273540bd7022124f6c8cb05c02da63

/// File Name:	lduXSS2.txt
Description:	Land Down Under suffers from cross site scripting vulnerabilities in the signature and topic payloads.
Author:	spyMASter
File Size:	804
Last Modified:	Aug 31 07:18:57 2005
MD5 Checksum:	38e1144d56f1c9a6cdeb36bb6a7a7238

/// File Name:	mybbSQL.pl.txt
Description:	MyBulletinBoard (MyBB) member.php SQL injection exploit.
Author:	W7ED
File Size:	1488
Last Modified:	Aug 31 07:17:00 2005
MD5 Checksum:	9274e58ef338ce1541974c525480a669

/// File Name:	multiVulns.txt
Description:	Multiple vulnerabilities have been discovered in various CMS and forum software. e107 suffers from a cross site scripting flaw, Wordpress suffers from a SQL injection flaw, PHPNews suffers from a remote inclusion flaw, phpBB suffers from a SQL injection flaw, Google suffers from a SQL injection flaw, and myspace.com suffers from a user profile defacement flaw. Oh.. and UBB 6.3.2 suffers from a remote code execution flaw.
Author:	pacifico, ratboy
File Size:	4505
Last Modified:	Aug 31 07:15:14 2005
MD5 Checksum:	0b3cc1bdf7c9bc094938f2cf671a24b5

/// File Name:	phpwebnotes.txt
Description:	phpWebNotes version 2.0.0-pr1 suffers from a remote inclusion vulnerability that may allow for cross site scripting attacks.
Author:	Norbert
File Size:	871
Last Modified:	Aug 28 21:20:45 2005
MD5 Checksum:	6771a439057aac9e9acef007389b8f28

/// File Name:	DMA-2005-0826a.txt
Description:	The Nokia Affix Bluetooth btsrv makes poor use of a popen() that in turn allows for privileged code execution as root.
Author:	Kevin Finisterre
Homepage:	http://www.digitalmunition.com/
File Size:	4242
Last Modified:	Aug 28 21:17:28 2005
MD5 Checksum:	61e981f322c2f459330e5ada5d8ff244

/// File Name:	lglass20040427.txt
Description:	Exploit for Looking Glass v20040427 arbitrary command execution / cross site scripting vulnerabilities
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	6518
Last Modified:	Aug 28 11:31:58 2005
MD5 Checksum:	fc4b3d001799b92df265dce9d88d0b2a

/// File Name:	qnx-inputtrap.txt
Description:	QNX inputtrap from QNX RTOS versions 6.3 and 6.1.0 suffers from an arbitrary file read vulnerability.
Author:	Julio Cesar Fort
File Size:	1640
Last Modified:	Aug 25 08:09:10 2005
MD5 Checksum:	6485b7c7501a5b7eee39fd1c2b6d013c

/// File Name:	foojanInject.txt
Description:	Foojan PHP Weblog suffers from an injection flaw when trusting an unsanitized HTTP_REFERER payload.
Author:	ali202
File Size:	583
Last Modified:	Aug 25 07:16:23 2005
MD5 Checksum:	8d7c5ecdfa9b64b6f5372f8fa0e32db2

/// File Name:	PaFileDB31SQL.txt
Description:	PaFileDB 3.1 is susceptible to a SQL injection attack that allows for login bypass.
Author:	deluxe89, Astovidatu
Homepage:	http://security-project.org
File Size:	1833
Last Modified:	Aug 25 07:09:21 2005
MD5 Checksum:	5ebb7571066d1cee27025c2990ccbf0e

/// File Name:	beaXSS.txt
Description:	BEA WebLogic versions 8.1 SP4 and below suffer from a cross site scripting flaw in the Administration console.
Author:	GomoR
Homepage:	http://www.GomoR.org/
File Size:	1433
Last Modified:	Aug 25 06:59:40 2005
MD5 Checksum:	75cb275908dde195433f902633155e90

/// File Name:	onunload.txt
Description:	In nearly all browsers you can overwrite the window location in the 'onunload' event. This has been tested against Firefox, Opera, and Internet Explorer.
Author:	Tobias Boonstoppel
File Size:	773
Last Modified:	Aug 25 06:57:48 2005
MD5 Checksum:	cb19d56d011a3ec5af3696705135f266