Section:  .. / 0511-exploits  /

Page 2 of 6
<< 1 2 3 4 5 6 >> Files 25 - 50 of 132
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: bitchxLocal.c
Description:
Local root exploit for BitchX. Note that BitchX is not normally setuid by default.
Author:Sha0
File Size:1508
Last Modified:Nov 30 20:35:12 2005
MD5 Checksum:df5eef5f69d131956917af0570690b49

 ///  File Name: OTRSXSS.txt
Description:
OTRS versions 1.x and 2.x are susceptible to cross site scripting and blind SQL injection attacks.
Author:Moritz Naumann
Homepage:http://moritz-naumann.com/
File Size:7842
Last Modified:Nov 30 20:28:02 2005
MD5 Checksum:e1e1639a87d80fd00a177c548b662a2b

 ///  File Name: VHCSXSS.txt
Description:
VHCS version 2.x is susceptible to cross site scripting attacks.
Author:Moritz Naumann
Homepage:http://moritz-naumann.com/
File Size:2673
Last Modified:Nov 30 20:26:46 2005
MD5 Checksum:8d6b5fb521260765932fd6061bd26bd1

 ///  File Name: pmwikiXSS.txt
Description:
PmWiki version 2.0.12 is susceptible to cross site scripting attacks.
Author:Moritz Naumann
Homepage:http://moritz-naumann.com/
File Size:2218
Last Modified:Nov 30 20:26:06 2005
MD5 Checksum:83c3eeb671b4c6c58066ae5fbf514b0d

 ///  File Name: kapda-phpp.txt
Description:
PHPP version 1.0 is susceptible to cross site scripting vulnerabilities. Exploitation details provided.
Author:trueend5
Homepage:http://www.KAPDA.ir
File Size:1644
Last Modified:Nov 30 19:52:31 2005
MD5 Checksum:d12e98e779e7391494a526a4f58b87db

 ///  File Name: PIXdos.pl.txt
Description:
Remote denial of service exploit that makes use of a blocking feature in Cisco PIX 515E OS version 6.3(3).
Author:Konstantin V. Gavrilenko
Homepage:http://www.arhont.com/
Related File:ciscoPacket.txt
File Size:2659
Last Modified:Nov 30 19:48:56 2005
MD5 Checksum:24cb7f8e1c499bbc120082a18e1065a9

 ///  File Name: torrentialTraverse.txt
Description:
Torrential version 1.2 is susceptible to directory traversal attacks.
Author:Shell
File Size:1010
Last Modified:Nov 30 19:39:33 2005
MD5 Checksum:860ca089844b7b9cbca1185332388974

 ///  File Name: poc.tgz
Description:
Proof of concept html that demonstrates the code execution flaw in the Microsoft Internet Explorer JavaScript Window() vulnerability previously considered to be simply a denial of service flaw.
Author:Stuart Pearson
Homepage:http://www.computerterrorism.com
Related File:CT21-11-2005.txt
File Size:1949
Related CVE(s):CAN-2005-1790
Last Modified:Nov 30 08:41:47 2005
MD5 Checksum:4d7439869fd6077a04c1e4e2c0db63a5

 ///  File Name: NukeETSQL32.txt
Description:
Nuke ET version 3.2 is susceptible to a remote SQL injection vulnerability. Exploit details provided.
Author:Lostmon
File Size:1564
Last Modified:Nov 30 08:34:23 2005
MD5 Checksum:3b3097b5afd617fc1aeeb96acc1a70f9

 ///  File Name: googleProxy.txt
Description:
The Google Search Appliance allows customization of the search interface through XSLT style sheets. Certain versions of the appliance allow a remote URL to be supplied as the path to the XSLT style sheet. This feature can be abused to perform cross-site scripting (XSS), file discovery, service enumeration, and arbitrary command execution.
Author:H D Moore
Homepage:http://metasploit.com/
File Size:5264
Last Modified:Nov 30 08:19:58 2005
MD5 Checksum:197e33a1a1feb275398aab21c4d16687

 ///  File Name: apboardSQL.txt
Description:
APBoard is susceptible to SQL injection attacks.
Homepage:http://www.s4a.cc
File Size:268
Last Modified:Nov 30 08:18:28 2005
MD5 Checksum:a9dd7d824e21e79dd9fe513348275e43

 ///  File Name: gmailbug.txt
Description:
A flaw in Google's G-Mail system allowed anyone access to any mailbox.
Homepage:http://www.elhacker.net/
File Size:5337
Last Modified:Nov 30 08:11:03 2005
MD5 Checksum:1e15a3835748c9b14ce6ad70691f2e45

 ///  File Name: TKADV2005-11-004.txt
Description:
Versions 1.5.3 and below of phpMyFAQ contain multiple persistent cross site scripting vulnerabilities. Exploitation details provided.
Author:Tobias Klein
File Size:7196
Last Modified:Nov 20 21:58:02 2005
MD5 Checksum:05fc1697b2809adbe3c1454fc4daf576

 ///  File Name: exponentCMS.txt
Description:
ExponentCMS versions 0.96.3 and higher suffer from multiple vulnerabilities including cross site scripting and SQL injection flaws.
Author:Hans Wolters
File Size:2986
Last Modified:Nov 20 21:55:23 2005
MD5 Checksum:62881d111aa1ba4f0c8b69db88f7fc47

 ///  File Name: almondClassifieds.txt
Description:
Almond Classifieds has a validation flaw that allows remote attacks to edit classifieds of other users.
Author:Alexiev
File Size:689
Last Modified:Nov 20 21:48:27 2005
MD5 Checksum:117c4a154fbf3ae6464bb029b24f1055

 ///  File Name: exophpdesk_advisory.txt
Description:
ExoPHPDesk version 1.2 is susceptible to remote code execution attacks. Exploitation details provided.
Homepage:http://www.soulblack.com.ar/
File Size:1888
Last Modified:Nov 20 21:47:01 2005
MD5 Checksum:9f790bfc7705ea578361766127649a57

 ///  File Name: eQuickSQLXSS.txt
Description:
e-Quick Cart is susceptible to multiple cross site scripting and SQL injection flaws. Exploitation details provided.
Author:BiPi_HaCk
Homepage:http://www.NightmareSecurity.net/
File Size:1230
Last Modified:Nov 20 21:18:45 2005
MD5 Checksum:71fba8673c1b650aeef965d4009425a8

 ///  File Name: phpFusion600206.txt
Description:
PHP-Fusion versions 6.00.206 and below suffer from SQL injection attacks.
Author:Robin Verton
File Size:1854
Last Modified:Nov 20 21:17:30 2005
MD5 Checksum:3c1b774d9c7711ab22984f3a3ddf5541

 ///  File Name: 11.17.05.txt
Description:
iDEFENSE Security Advisory 11.17.05 - Remote exploitation of a directory transversal vulnerability in Qualcomm WorldMail IMAP Server allows attackers to read any email stored on the system. Exploitation details provided. Tested against Qualcomm Worldmail server version 3.0. Other versions may be vulnerable.
Homepage:http://www.idefense.com/
File Size:4317
Related CVE(s):CAN-2005-3189
Last Modified:Nov 20 20:39:32 2005
MD5 Checksum:b35d6599c12f38d6dfa3fe349fee7afc

 ///  File Name: mailenable154.pm.txt
Description:
This Metasploit module exploits a buffer overflow in the W3C logging functionality of the MailEnable IMAPD service. Logging is not enabled by default and this exploit requires a valid username and password to exploit the flaw. MailEnable Professional version 1.6 and prior and MailEnable Enterprise version 1.1 and prior are affected.
Author:y0
Related Exploit:mailenable.cpp"
File Size:3986
Last Modified:Nov 20 20:32:14 2005
MD5 Checksum:e5740ecdc8ee4ed1a44f270d02a429e1

 ///  File Name: google.pm.txt
Description:
This Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.
Author:H D Moore
File Size:7138
Last Modified:Nov 20 20:29:43 2005
MD5 Checksum:4f156a6909004d91eb34fe3bfb396d20

 ///  File Name: Flashosx.c
Description:
Proof of concept exploit that generates a flash file able to produce a denial of service condition. Relates to Flash.ocx.
Author:BassReFLeX
File Size:2597
Last Modified:Nov 20 20:27:23 2005
MD5 Checksum:4d44188e1e766f43177f22dec02ee46f

 ///  File Name: XH-FreeFTPD_remote_bof.c
Description:
FreeFTPd remote USER buffer overflow exploit for versions 1.0.8 and below.
Author:Expanders, barabas
Homepage:http://www.x0n3-h4ck.org
File Size:7517
Last Modified:Nov 20 20:25:15 2005
MD5 Checksum:ad8cb8527a30bf2280be0f4aea92c3e7

 ///  File Name: ekin103_xpl.html
Description:
EKINboard version 1.0.3 suffers from SQL injection and remote command execution flaws. Exploit provided.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:15499
Last Modified:Nov 20 20:19:41 2005
MD5 Checksum:0ce3e18c99a8415ab0b64160ebbc9e63

 ///  File Name: kapda-13.txt
Description:
KAPDA Advisory - XMB version 1.9.3 Nexus (Final) and 1.9.2 Nexus are susceptible to cross site scripting and html injection flaws.
Author:trueend5
Homepage:http://www.KAPDA.ir
File Size:1629
Last Modified:Nov 20 20:17:17 2005
MD5 Checksum:26adfdcd295c6710644cdc27254a3631