Section: .. / 0512-exploits /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 83

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	excelBugs.tgz
Description:	Two Microsoft Excel xls files that demonstrate null pointer bugs.
Author:	ad
File Size:	2041
Last Modified:	Dec 28 05:56:46 2005
MD5 Checksum:	0564e730901ee39f705c3811eb423ef6

/// File Name:	eXtremeTraversal.txt
Description:	eXtreme Styles mod versions 2.2.1 and below are susceptible to directory traversal attacks.
Author:	tommie1
File Size:	707
Last Modified:	Dec 7 02:56:22 2005
MD5 Checksum:	9c2189dc03c81b3f9a974e2e9b07179d

/// File Name:	fireburn.txt
Description:	Proof of concept exploit for Firefox 1.0.4 for the InstallVersion.compareTo() vulnerability. Needs functional shellcode to work.
Author:	Aviv Raff
Homepage:	http://aviv.raffon.net/
File Size:	2912
Last Modified:	Dec 14 09:18:31 2005
MD5 Checksum:	a7b9197c7c69f746d4d5c68ef60627c1

/// File Name:	firefox-1.5.txt
Description:	Firefox 1.5 suffers from a denial of service condition when a large topic gets saved automatically to the history.dat file. This only works on a small amount of the Firefox 1.5 users, and it is not apparent that the problem is a buffer overflow. More information available here. Official Mozilla response here.
Author:	ZIPLOCK
File Size:	1021
Last Modified:	Dec 7 07:27:14 2005
MD5 Checksum:	9c066c92de070c906d61510c03fcccac

/// File Name:	flat.txt
Description:	FlatCMS version 1.01 is susceptible to multiple cross site scripting flaws.
Author:	X1ngBox
File Size:	708
Last Modified:	Dec 14 05:40:48 2005
MD5 Checksum:	d820169c55e3dddaa91e6d0a23c84cfd

/// File Name:	flatnuke256_xpl.txt
Description:	Flatnuke version 2.5.6 privilege escalation and remote command execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	12931
Last Modified:	Dec 14 07:31:26 2005
MD5 Checksum:	0b914d4061a58677e535436986fc8701

/// File Name:	freeHelpInject.txt
Description:	It appears that the Free Help Desk software by Help Desk Reloaded leaves the install.php file in place post installation, allowing remote attackers to create accounts without any authentication or access.
Author:	BiPi_HaCk
Homepage:	http://www.NightmareSecurity.net
File Size:	2210
Last Modified:	Dec 3 07:19:51 2005
MD5 Checksum:	59d3001cc14911fe89d6c74dc9fab115

/// File Name:	GameFlyXSS.txt
Description:	GameFly, the popular online video game rental service, suffers from a cross site scripting flaw.
Author:	Matthew Benenati
File Size:	417
Last Modified:	Dec 3 06:25:45 2005
MD5 Checksum:	fd363324b7ba22cd1ed151f9e8b1cda4

/// File Name:	gmailXSSinject.txt
Description:	Google's GMailSite script is susceptible to cross site scripting attacks. Details provided. Versions 1.0.4 and below are affected.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/
File Size:	7393
Last Modified:	Dec 31 03:24:35 2005
MD5 Checksum:	b30b60462a746c3ee07d8b8ef9512402

/// File Name:	hcXSS.txt
Description:	Hosting Controller is susceptible to cross site scripting attacks.
Author:	Lone Rider Knight
File Size:	1653
Last Modified:	Dec 26 19:45:23 2005
MD5 Checksum:	8e45f9ca208630c7be0dfc41bab14e57

/// File Name:	hordeGraphic.txt
Description:	All versions of the Horde IMP Webmail client are susceptible to cross site scripting attacks.
Author:	Igor
File Size:	4751
Last Modified:	Dec 9 17:22:17 2005
MD5 Checksum:	557d9a6ec0002e632527b6ca8121083c

/// File Name:	ibm_css.txt
Description:	IBM Websphere 6 sample scripts are susceptible to cross site scripting vulnerabilities. Details provided.
Author:	dr_insane
File Size:	3434
Last Modified:	Dec 15 07:46:47 2005
MD5 Checksum:	6db36956f39a0952c9aaccb6b92359ef

/// File Name:	ie_6_sp2_crash.html
Description:	Internet Explorer Version 6.0.2900.2180.xpsp_sp2 mshtml.dll <div> denial of service exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	800
Last Modified:	Dec 31 03:28:07 2005
MD5 Checksum:	b5a6124e8c38eeed20d5355a60984a7e

/// File Name:	ie_december_crash_xhtmltrans.txt
Description:	A pre tag with the style element white-space:normal; crashes Internet Explorer 6.0 if the pre tag contains two or more 'single' tags (for example, <span />). The bug was tested with Windows XP SP2 and Internet Explorer 6.
Author:	Markus Heer
Homepage:	http://www.pentagroup.ch
File Size:	305
Last Modified:	Dec 14 06:50:53 2005
MD5 Checksum:	decaf32fa31d7424355eb484ea166a18

/// File Name:	ie_xp_pfv_metafile.pm.txt
Description:	This Metasploit module exploits a vulnerability in the Windows Picture and Fax Viewer found in Windows XP and 2003. This vulnerability uses a corrupt Windows Metafile to execute arbitrary code.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	50588
Last Modified:	Dec 31 09:59:58 2005
MD5 Checksum:	41f7cfba418309a3d955d808ee079bd6

/// File Name:	imoelPassword.txt
Description:	Direct download access of the setting.php file in IMOEL CMS allows for disclosure of the SQL password.
Author:	mehrtash mallahzadeh
Homepage:	http://www.ashiyane.com
File Size:	647
Last Modified:	Dec 14 08:26:57 2005
MD5 Checksum:	c3cf39d735cdc657ca8f40d348f2d188

/// File Name:	k-rad3.c
Description:	Linux kernel 2.6.11 and below CPL 0 local exploit. Third version/variant of this exploit.
Author:	sd, alert7
Homepage:	http://www.xfocus.org/
File Size:	17113
Last Modified:	Dec 31 10:05:55 2005
MD5 Checksum:	fe97c08a01073659a768232db8f502ef

/// File Name:	kapda-18.txt
Description:	KAPDA Advisory #18 - Various WebWiz scripts suffer from SQL injection vulnerabilities due to a lack of input sanitization in check_user.asp. Details on exploitation provided.
Author:	DevilBox
Homepage:	http://www.KAPDA.ir
File Size:	2925
Last Modified:	Dec 31 08:16:23 2005
MD5 Checksum:	23b2a1ef85c18c71cc4d9a6678fedfaa

/// File Name:	limbo1042_xpl.txt
Description:	LIMBO CMS versions 1.0.4.2 and below suffer from blind SQL injection, cross site scripting, local file inclusion, remote code execution, and other fun flaws. Exploit provided.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	12178
Last Modified:	Dec 15 07:56:37 2005
MD5 Checksum:	7ffea299a93e6527c9cced8875eb9513

/// File Name:	lyris-listmanager.txt
Description:	The Lyris ListManager software versions 5.0 through 8.8a are vulnerable to numerous SQL injection, source code disclosure, and authentication bypass flaws. Full details provided.
Author:	H D Moore
Homepage:	http://metasploit.com/
Related Exploit:	lyris_attachment_mssql.pm.txt"
File Size:	6050
Last Modified:	Dec 14 07:11:49 2005
MD5 Checksum:	82ab2ed7706e828cab1028eedd58814c

/// File Name:	lyris_attachment_mssql.pm.txt
Description:	This Metasploit module exploits a SQL injection flaw in the Lyris ListManager software for Microsoft SQL Server. This flaw allows for arbitrary commands to be executed with administrative privileges by calling the xp_cmdshell stored procedure. Versions 5.0 through 8.8a are affected.
Author:	H D Moore
Homepage:	http://metasploit.com/
Related Exploit:	lyris-listmanager.txt"
File Size:	4399
Last Modified:	Dec 14 07:14:50 2005
MD5 Checksum:	f7190bb52ae23cbb1c9bd08505907146

/// File Name:	mailenable-imap-examine.py.txt
Description:	Python exploit for a remote buffer overflow that exists in the MailEnable Enterprise 1.1 IMAP EXAMINE command. This vulnerability affects MailEnable Enterprise 1.1 without the ME-10009.EXE patch.
Author:	Mati Aharoni
Related Exploit:	muts_mailenable_imap_examine.pm.txt"
File Size:	5147
Last Modified:	Dec 28 06:10:21 2005
MD5 Checksum:	4d2052261c05aa5f9b5f8999662a166c

/// File Name:	mambo452_xpl.html
Description:	Mambo versions 4.5.2 and below Globals overwrite and remote command execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	10846
Last Modified:	Dec 9 17:14:28 2005
MD5 Checksum:	6d5cda257b3443d29067a4e7e9e83872

/// File Name:	marmaraXSS.txt
Description:	MarmaraWeb E-Commerce is susceptible to cross site scripting attacks.
Author:	B3g0k
File Size:	776
Last Modified:	Dec 18 10:22:54 2005
MD5 Checksum:	6a87dd144224dd7bbac2d3717dbf2432

/// File Name:	Microsoft.IIS.Malformed.URI.cpp
Description:	Microsoft IIS 5.1 malformed URI denial of service exploit.
Author:	lympex
Homepage:	http://l-bytes.tk
File Size:	3649
Last Modified:	Dec 28 23:28:38 2005
MD5 Checksum:	33e4e92fc77d2514e825fa4956262cd3