Section:  .. / 0511-exploits  /

Page 1 of 6
<< 1 2 3 4 5 6 >> Files 1 - 25 of 132
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 0003.txt
Description:
TikiWiki versions 1.9.x up to and including 1.9.2 suffer from a cross site scripting vulnerability and possible SQL injection vulnerabilities.
Homepage:http://moritz-naumann.com/
File Size:2887
Related CVE(s):CVE-2005-3528, CVE-2005-3529
Last Modified:Nov 10 06:25:42 2005
MD5 Checksum:01326c2f74a0d9a59e9f2daf503b0a9b

 ///  File Name: 0004.txt
Description:
Antville version 1.1 suffers from a cross site scripting flaw.
Homepage:http://moritz-naumann.com/
File Size:2407
Related CVE(s):CVE-2005-3530
Last Modified:Nov 10 06:26:50 2005
MD5 Checksum:b892b6dfca7fbf65303b9584f298dfc9

 ///  File Name: 0511-exploits.tgz
Description:
New Packet Storm exploits for November, 2005.
Homepage:http://packetstormsecurity.org/
File Size:525541
Last Modified:Dec 2 18:02:29 2005
MD5 Checksum:c97868904344aab96af71f9270a73bae

 ///  File Name: 11.17.05.txt
Description:
iDEFENSE Security Advisory 11.17.05 - Remote exploitation of a directory transversal vulnerability in Qualcomm WorldMail IMAP Server allows attackers to read any email stored on the system. Exploitation details provided. Tested against Qualcomm Worldmail server version 3.0. Other versions may be vulnerable.
Homepage:http://www.idefense.com/
File Size:4317
Related CVE(s):CAN-2005-3189
Last Modified:Nov 20 20:39:32 2005
MD5 Checksum:b35d6599c12f38d6dfa3fe349fee7afc

 ///  File Name: 12allSQL.txt
Description:
1-2-All Broadcast email software is susceptible to SQL injection attacks.
Author:POPO
Homepage:http://www.Babol-Hackers.com
File Size:456
Last Modified:Nov 15 07:06:40 2005
MD5 Checksum:86fa6dc040c48e7b0f3dde1a6ca224c9

 ///  File Name: 20051021.MS05-047.c
Description:
Remote exploit that makes use of a buffer length checking issue in the Microsoft UMPNPMGR PNP_GetDeviceList (services.exe - ms05-047).
File Size:13148
Related CVE(s):CVE-2005-2120
Last Modified:Nov 4 10:16:37 2005
MD5 Checksum:7da4be57b49181300f904d409eadbd69

 ///  File Name: 200511-asterisk.txt
Description:
A vulnerability in the voicemail retrieval system for the Asterisk PBX software allows an authenticated user to download any .wav/.WAV file from the system, including other users' voicemail messages. Versions affected: Asterisk versions 1.0.9 and below, Asterisk Beta versions 1.2.0-beta1 and below, Asterisk @ Home versions 1.5 and below, and Asterisk @ Home Beta versions 2.0 Beta 4 and below.
Author:Adam Pointon
Homepage:http://www.assurance.com.au/
File Size:3541
Last Modified:Nov 8 17:44:44 2005
MD5 Checksum:75dd48e0ad893411c13943121f634111

 ///  File Name: 55k7-msdtc.c
Description:
Microsoft Windows Distributed Transaction Coordinator remote proof of concept exploit for the flaw listed in MS05-051.
Author:Darkeagle
Homepage:http://exploiterz.org/
File Size:9714
Last Modified:Dec 1 10:48:00 2005
MD5 Checksum:5767373f484a8f87676ec524c5f66a8d

 ///  File Name: advisory_212005.80.txt
Description:
PHPKIT versions 1.6.1 R2 and below suffer from cross site scripting, SQL injection, information disclosure, password hash disclosure, local file disclosure, and arbitrary code execution flaws. Various sample exploitation details provided.
Author:Christopher Kunz
Homepage:http://www.hardened-php.net/advisory_212005.80.html
File Size:9498
Last Modified:Nov 9 04:58:23 2005
MD5 Checksum:71a66055fa428354a04394d231ff23d7

 ///  File Name: advisory_212005.81.txt
Description:
phpSysInfo versions 2.4 and below suffer from cross site scripting, HTTP response splitting, and arbitrary file inclusion flaws.
Author:Christopher Kunz
Homepage:http://www.hardened-php.net/advisory_212005.81.html
File Size:7799
Related CVE(s):CVE-2005-3347, CVE-2005-3348
Last Modified:Nov 15 07:25:07 2005
MD5 Checksum:bbe773cb8064fff81b560d1875583ba4

 ///  File Name: advisory_232005.105.txt
Description:
Multiple cross site scripting, authentication bypass, SQL injection, file inclusion, and password hash disclosure flaws exist in vTiger versions 4.2 and below. Various details disclosed.
Author:Stefan Esser
Homepage:http://www.hardened-php.net/
File Size:8157
Last Modified:Nov 30 20:53:51 2005
MD5 Checksum:b6c1646b05615c6ef43bfc64c7ad83bc

 ///  File Name: affiliateNetwork.txt
Description:
Affiliate Network Pro version 7.2 suffers from SQL injection, code execution, and cross site scripting flaws.
Author:Robin Verton
File Size:4307
Last Modified:Nov 20 05:17:59 2005
MD5 Checksum:08ed6a55774004d3cf03f5ae1a1b54cf

 ///  File Name: almondClassifieds.txt
Description:
Almond Classifieds has a validation flaw that allows remote attacks to edit classifieds of other users.
Author:Alexiev
File Size:689
Last Modified:Nov 20 21:48:27 2005
MD5 Checksum:117c4a154fbf3ae6464bb029b24f1055

 ///  File Name: aMemberXSS.txt
Description:
aMember is susceptible to cross site scripting attacks via an unsanitized login variable.
Author:BiPi_HaCk
Homepage:http://www.NightmareSecurity.net/
File Size:1357
Last Modified:Nov 12 04:25:32 2005
MD5 Checksum:38abe00110b2ef2863c56418ee9f1d91

 ///  File Name: apboardSQL.txt
Description:
APBoard is susceptible to SQL injection attacks.
Homepage:http://www.s4a.cc
File Size:268
Last Modified:Nov 30 08:18:28 2005
MD5 Checksum:a9dd7d824e21e79dd9fe513348275e43

 ///  File Name: ASPrider16.txt
Description:
ASP-Rider version 1.6 is susceptible to SQL injection attacks via the REFERER.
File Size:484
Last Modified:Dec 2 17:28:20 2005
MD5 Checksum:1bdb6afa9758e92364f5ac80237fd832

 ///  File Name: asusvsbugs.zip
Description:
Proof of concept exploit code for Asus Video Security versions 3.5.0.0 and below which suffer from buffer overflow and directory traversal vulnerabilities.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:asusvsbugs.txt
File Size:8648
Last Modified:Nov 3 02:56:52 2005
MD5 Checksum:e4aa307d8812f26650b98783803691a3

 ///  File Name: athena.txt
Description:
Athena version 0.1a is susceptible to a remote file inclusion flaw.
Author:gb.network
File Size:1627
Last Modified:Nov 30 21:46:12 2005
MD5 Checksum:fa8637e22146db7ca7853e385f1bcb2e

 ///  File Name: atutor151pl2.txt
Description:
ATutor versions less than or equal to 1.5.1pl2 SQL Injection and Remote commands execution exploit.
Author:rgod
Homepage:http://rgod.altervista.org/atutor151pl2.html
File Size:11194
Last Modified:Nov 8 20:52:15 2005
MD5 Checksum:f6e0ae302cbd497b731ce3dc9d4a61f5

 ///  File Name: bcarrydos.zip
Description:
Proof of concept exploit for a denial of service flaw in Battle Carry versions .005 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:bcarrydos.txt
File Size:7736
Last Modified:Nov 3 03:02:01 2005
MD5 Checksum:39dec2b6011875f864315f8ad113b0e4

 ///  File Name: bitchxLocal.c
Description:
Local root exploit for BitchX. Note that BitchX is not normally setuid by default.
Author:Sha0
File Size:1508
Last Modified:Nov 30 20:35:12 2005
MD5 Checksum:df5eef5f69d131956917af0570690b49

 ///  File Name: cerberusDownload.txt
Description:
By playing with parameter manipulation, you can download other people's uploads in Cerberus Helpdesk.
Author:cumhur onat
File Size:1967
Last Modified:Nov 4 18:24:16 2005
MD5 Checksum:0c43ab5599acc8f4875c865a4d4b9278

 ///  File Name: cirt-40-advisory.pdf
Description:
Whatsup Small Business 2004 is susceptible to a directory traversal attack. Exploitation details provided.
Author:Dennis Rand
Homepage:http://www.cirt.dk/
File Size:139157
Last Modified:Nov 3 03:07:48 2005
MD5 Checksum:fad3cd98d759016e604f2963e8e51661

 ///  File Name: ciscoPwn.tgz
Description:
Cisco IOS exploit that demonstrates how unsanitized input from a user can be injected into dynamically generated web pages.
Homepage:http://www.infohacking.com/
File Size:139361
Last Modified:Dec 1 10:20:28 2005
MD5 Checksum:6f0b3f5bc61b8ef0a1887bebe0696b40

 ///  File Name: CuteNews1.4.1.txt
Description:
CuteNews 1.4.1 Arbitrary file inclusion and remote code execution exploit.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:7411
Last Modified:Nov 4 02:33:13 2005
MD5 Checksum:c506f6d33b39493d17b3d6bc7f27f75c