Section: .. / 0510-exploits /

Page 3 of 4
<< 1 2 3 4 >> Files 50 - 75 of 76

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	phpMyAdminLocal.txt
Description:	phpMyAdmin 2.6.4-pl1 is susceptible to a local file inclusion vulnerability.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com
File Size:	8149
Last Modified:	Oct 11 06:34:28 2005
MD5 Checksum:	6af123949f333b3d2883db675b30c812

/// File Name:	eguestproXSSSQL.txt
Description:	EGuest PRO guestbook version 4.0 is susceptible to SQL injection and cross site scripting attacks.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareTeAmZ.altervista.org
File Size:	1284
Last Modified:	Oct 11 06:14:38 2005
MD5 Checksum:	e40f18d14bfa5461a0fb251f320cd963

/// File Name:	xueBookSQL.txt
Description:	xueBook guestbook version 1.0 is susceptible to SQL injection attacks.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareTeAmZ.altervista.org
File Size:	1296
Last Modified:	Oct 11 06:13:11 2005
MD5 Checksum:	23bca368f06ceb762eccd6a3c361d261

/// File Name:	baalASPSQL.txt
Description:	BaalASP Free Bulletin Board is susceptible to SQL injection attacks.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareTeAmZ.altervista.org
File Size:	1188
Last Modified:	Oct 11 04:56:44 2005
MD5 Checksum:	031f15de6e552cab101c3ef2e0d44fa7

/// File Name:	phpCounter.txt
Description:	PHP Counter is susceptible to cross site scripting and SQL injection vulnerabilities. Exploitation details provided.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareTeAmZ.altervista.org
File Size:	1720
Last Modified:	Oct 8 20:50:18 2005
MD5 Checksum:	9916ad3027dfb8af14d2133ed6921f42

/// File Name:	xine-cddb-server.pl.txt
Description:	Proof of concept exploit for the remote format string vulnerability discovered in the xine/gxine CD player. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0. Patch available here.
Author:	Ulf Harnhammar
Homepage:	http://www.debian.org/security/audit/
Related File:	xineFormat.txt
File Size:	2410
Related CVE(s):	CAN-2005-2967
Last Modified:	Oct 8 20:48:06 2005
MD5 Checksum:	0ccbc74dc926408c0b0bd3ad220e9737

/// File Name:	cyphor019.html
Description:	Cyphor version 0.19 suffers from SQL injection and cross site scripting flaws. Full proof of concept exploit provided.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	12027
Last Modified:	Oct 8 20:36:21 2005
MD5 Checksum:	447053d0d8b68ea69e51c55648493cad

/// File Name:	AVCraftedArchive.txt
Description:	An Anti-Virus bypass flaw has been discovered that slightly varies from CAN-2004-0932 and CAN-2004-0937. It makes use of a specially crafted archive. Full exploitation details provided. Appears to possibly affect all anti-virus products.
Author:	fRoGGz
Homepage:	http://shadock.net/secubox/AVCraftedArchive.html
File Size:	9378
Last Modified:	Oct 8 20:27:59 2005
MD5 Checksum:	705b5d261986d37d1a7b22621692481a

/// File Name:	oracle_xmldb_css.txt
Description:	The XMLDB in Oracle Database 9i Release 2 is susceptible to cross site scripting attacks.
Author:	Alexander Kornbrust
Homepage:	http://www.red-database-security.com/
File Size:	1848
Last Modified:	Oct 8 19:23:25 2005
MD5 Checksum:	3b7637096a07b9e72700e8fa81e8aff1

/// File Name:	oracle_isqlplus_css.txt
Description:	Oracle Database 9.0.2.4 with iSQLPlus is susceptible to a cross site scripting flaw.
Author:	Alexander Kornbrust
Homepage:	http://www.red-database-security.com/
File Size:	1749
Last Modified:	Oct 8 19:21:12 2005
MD5 Checksum:	de7fe9e04d8c718cdf7675e88d1387d3

/// File Name:	oracle_htmldb_css.txt
Description:	The Oracle HTMLDB contains some cross site scripting vulnerabilities.
Author:	Alexander Kornbrust
Homepage:	http://www.red-database-security.com/
File Size:	2629
Last Modified:	Oct 8 19:17:00 2005
MD5 Checksum:	1eb249024feeb9e544cb57a805f4d8b4

/// File Name:	aenovoSQL.txt
Description:	Aenovo is susceptible to multiple SQL injection and cross site scripting vulnerabilities. Details provided.
Author:	Devil_box, Farhad Koosha
Homepage:	http://www.kapda.ir/
File Size:	3108
Last Modified:	Oct 8 18:36:11 2005
MD5 Checksum:	e561e4e93fc7945cc8062b0c36201777

/// File Name:	mailenable.cpp
Description:	MailEnable proof of concept exploit for the W3C logging vulnerability. The shellcode used actually renames the vulnerable binary to disable the system from being vulnerable.
File Size:	12469
Last Modified:	Oct 8 18:34:00 2005
MD5 Checksum:	69cfa64e42bd717da95037ca93d691e1

/// File Name:	utopia113.html
Description:	Utopia News Pro version 1.1.3 is susceptible to SQL Injection and cross site scripting attacks. Proof of concept administrative credential disclosure exploit included.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	8843
Last Modified:	Oct 7 06:59:47 2005
MD5 Checksum:	8f9ba5681d49ffd33a7d7fada90a99b4

/// File Name:	aspReadySQL.txt
Description:	aspReady FAQ suffers from a SQL injection flaw that allows for administrator access to change and delete the underlying database.
Author:	Preben Nyloekken
File Size:	543
Last Modified:	Oct 7 06:58:07 2005
MD5 Checksum:	8bba10150932204775cf0a12de0c48cb

/// File Name:	planetBackdoor.txt
Description:	The Planet Technology Corp FGSW2402RS switch has a backdoor hardwired into the firmware when using a default password.
Author:	Luis Miguel Silva
File Size:	1117
Last Modified:	Oct 7 06:24:13 2005
MD5 Checksum:	8a8922998fb4dcba8245d02e7f3a02cb

/// File Name:	xloadFlaws.tgz
Description:	Three buffer overflows have been discovered in xloadimage during the handling of the image title name. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the processed image to it. At that point, it will also copy the title from the old image to the newly created image. The 'zoom', 'reduce', and 'rotate' functions are using a fixed length buffer to construct the new title name when an image processing is done. Since the title name in a NIFF format is of varying length, and there are insufficient buffer size validations, the buffer can be overflowed. Proof of concept files included.
Author:	Ariel Berkman
File Size:	1754
Last Modified:	Oct 7 06:21:21 2005
MD5 Checksum:	4ebe115927efb8268af7d4de94c58dc9

/// File Name:	prozilla.c
Description:	ProZilla versions 1.3.7.4 and below ftpsearch results handling client-side buffer overflow exploit.
Related File:	dsa-834-1.txt
File Size:	1253
Related CVE(s):	CAN-2005-2961
Last Modified:	Oct 6 09:07:41 2005
MD5 Checksum:	6b624116150454edaad0deae414417dc

/// File Name:	EXPL-A-2005-015-tellme.txt
Description:	TellMe versions 1.2 and below are susceptible to cross site scripting attacks.
Author:	Donnie Werner
Homepage:	http://exploitlabs.com
File Size:	2855
Last Modified:	Oct 6 09:02:13 2005
MD5 Checksum:	3ddd430c42f0a27aecf330497720b583

/// File Name:	ctxpoliciesbypass.txt
Description:	A vulnerability in Citrix Metaframe Presentation Server versions 3.0 and 4.0 allows for users to bypass policy restrictions.
Author:	Gustavo Gurmandi
Homepage:	http://www.grupoitpro.com.ar
File Size:	1929
Last Modified:	Oct 6 05:46:58 2005
MD5 Checksum:	5f13820d1d8a116dcd37c6039870051d

/// File Name:	guppyTraverse.txt
Description:	Guppy versions less than 4.5.6a suffer from a directory traversal flaw.
Author:	Josh Zlatin-Amishav
File Size:	1673
Last Modified:	Oct 6 05:36:13 2005
MD5 Checksum:	bcee9b2224bbc4f22288e5405a625bc0

/// File Name:	MerakXSS.txt
Description:	Merak Mail Server 8.2.4r with Icewarp Web Mail 5.5.1 is susceptible to cross site scripting and directory traversal attacks.
Author:	ShineShadow
File Size:	3990
Last Modified:	Oct 6 05:34:48 2005
MD5 Checksum:	c5479586cfc38ea73b1362a12df8f872

/// File Name:	Fusionv-6.00.109.txt
Description:	Exploit for PHP-Fusion v6.00.109 SQL Injection / credentials disclosure vulnerability. Written in php.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	8447
Last Modified:	Oct 4 07:25:57 2005
MD5 Checksum:	0ab5f674038013c3308b5a06752874fe

/// File Name:	fr-dyn0.txt
Description:	www.friendsreunited.co.uk suffers from a XSS vulnerability in the lost password section.
Author:	dyn0
Homepage:	http://0xdeadface.co.uk
File Size:	842
Last Modified:	Oct 4 07:06:52 2005
MD5 Checksum:	5019b03af3546fccd49bf140d435435f

/// File Name:	mybloggie213b.txt
Description:	Exploit for MyBloggie 2.1.3beta Login Bypass vulnerability.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	10156
Last Modified:	Oct 4 06:58:25 2005
MD5 Checksum:	6447a7a4c22c35745e4921300ad419b0