Section: .. / 0512-exploits /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 83

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	hcXSS.txt
Description:	Hosting Controller is susceptible to cross site scripting attacks.
Author:	Lone Rider Knight
File Size:	1653
Last Modified:	Dec 26 19:45:23 2005
MD5 Checksum:	8e45f9ca208630c7be0dfc41bab14e57

/// File Name:	AppScanQA-RemoteCodeExec-PoC.zip
Description:	Proof of concept exploit for AppScan QA versions 5.0.x that stages itself as a webserver and exploits a buffer overflow via the WWW-Authenticate header of a 401 HTTP response.
Author:	Mariano Nunez
Homepage:	http://www.cybsec.com
Related File:	cybsec-watchfire.txt
File Size:	1564
Last Modified:	Dec 18 10:56:06 2005
MD5 Checksum:	7f372648b79922c22ee027921f0bcb10

/// File Name:	marmaraXSS.txt
Description:	MarmaraWeb E-Commerce is susceptible to cross site scripting attacks.
Author:	B3g0k
File Size:	776
Last Modified:	Dec 18 10:22:54 2005
MD5 Checksum:	6a87dd144224dd7bbac2d3717dbf2432

/// File Name:	limbo1042_xpl.txt
Description:	LIMBO CMS versions 1.0.4.2 and below suffer from blind SQL injection, cross site scripting, local file inclusion, remote code execution, and other fun flaws. Exploit provided.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	12178
Last Modified:	Dec 15 07:56:37 2005
MD5 Checksum:	7ffea299a93e6527c9cced8875eb9513

/// File Name:	ibm_css.txt
Description:	IBM Websphere 6 sample scripts are susceptible to cross site scripting vulnerabilities. Details provided.
Author:	dr_insane
File Size:	3434
Last Modified:	Dec 15 07:46:47 2005
MD5 Checksum:	6db36956f39a0952c9aaccb6b92359ef

/// File Name:	bypassXSSnuke.txt
Description:	PHPNUKE versions 7.9 and below suffer from a cross site scripting filter bypass vulnerability. Details provided.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	6191
Last Modified:	Dec 15 07:43:20 2005
MD5 Checksum:	eb14def6f8b872d7c1f7296074010db0

/// File Name:	MS05-053.c
Description:	Microsoft Windows Metafile (WMF) remote exploit which takes advantage of the bug known as ms05-053. This program creates a special .wmf file which crashes IE by overflowing the "mtNoObjects" header.
Author:	Winny Thomas
File Size:	4821
Last Modified:	Dec 14 11:12:31 2005
MD5 Checksum:	380f01f84a68f99123f0eaeefe547cc1

/// File Name:	CounterDoS.c
Description:	Counter Strike 2D denial of service exploit that affects versions 0.1.0.1 and below.
Author:	Iman Karim
Homepage:	http://home.inf.fh-rhein-sieg.de/~ikarim2s/
File Size:	3615
Last Modified:	Dec 14 09:28:28 2005
MD5 Checksum:	d87083992aad727560be35d101326126

/// File Name:	openview_connectednodes_exec.pm.txt
Description:	This Metasploit module exploits an arbitrary command execution vulnerability in the HP OpenView connectedNodes.ovpl CGI application. The results of the command will not be displayed to the screen.
Author:	Valerio Tesei
File Size:	2731
Related OSVDB(s):	19057
Related CVE(s):	CVE-2005-2773
Last Modified:	Dec 14 09:26:31 2005
MD5 Checksum:	ae5ae0d62af26ea683bce8a720fc56eb

/// File Name:	oracle9i_xdb_http.pm.txt
Description:	This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service.
Author:	y0
File Size:	4118
Last Modified:	Dec 14 09:23:36 2005
MD5 Checksum:	3904180db4222415f801532251f226a4

/// File Name:	fireburn.txt
Description:	Proof of concept exploit for Firefox 1.0.4 for the InstallVersion.compareTo() vulnerability. Needs functional shellcode to work.
Author:	Aviv Raff
Homepage:	http://aviv.raffon.net/
File Size:	2912
Last Modified:	Dec 14 09:18:31 2005
MD5 Checksum:	a7b9197c7c69f746d4d5c68ef60627c1

/// File Name:	adpHashdisclose.txt
Description:	ADP Forum versions 2.0 through 2.0.3 suffers from a direct download flaw that discloses users' password hashes.
Author:	Liz0ziM
Homepage:	http://www.biyo.tk
File Size:	1194
Last Modified:	Dec 14 09:01:51 2005
MD5 Checksum:	3a4537af165b9812a28f6030875fd239

/// File Name:	phpcoin_122_sql_xpl.html
Description:	PhpCOIN version 1.2.2 blind SQL injection and remote code execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
Related Exploit:	phpcoin122.html"
File Size:	12956
Last Modified:	Dec 14 08:38:12 2005
MD5 Checksum:	4e5c4c0841e7cf1d1c5715cd43bc271a

/// File Name:	phpcoin_122_incl_xpl.html
Description:	PhpCOIN version 1.2.2 remote code execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
Related Exploit:	phpcoin_122_sql_xpl.html"
File Size:	10778
Last Modified:	Dec 14 08:37:06 2005
MD5 Checksum:	8daca9cd0eaad6f3477b12ed9e24d536

/// File Name:	phpcoin122.html
Description:	PhpCOIN version 1.2.2 is susceptible to arbitrary file inclusion, blind SQL injection, and path disclosure attacks.
Author:	rgod
Homepage:	http://rgod.altervista.org
Related Exploit:	phpcoin_122_incl_xpl.html"
File Size:	2291
Last Modified:	Dec 14 08:36:11 2005
MD5 Checksum:	06e0f015908740a626e9fcdad2aa017a

/// File Name:	BTGrup.txt
Description:	The BTGrup Admin WebController script is susceptible to a SQL injection attack.
Author:	khc
File Size:	172
Last Modified:	Dec 14 08:27:50 2005
MD5 Checksum:	b077a1a5be54dbc0ddd5f2155b17801d

/// File Name:	imoelPassword.txt
Description:	Direct download access of the setting.php file in IMOEL CMS allows for disclosure of the SQL password.
Author:	mehrtash mallahzadeh
Homepage:	http://www.ashiyane.com
File Size:	647
Last Modified:	Dec 14 08:26:57 2005
MD5 Checksum:	c3cf39d735cdc657ca8f40d348f2d188

/// File Name:	SEC-20051211-0.txt
Description:	SEC-CONSULT Security Advisory 20051211-0 - Horde versions 3.0.7 and below, Kronolith versions 2.0.5 and below, Mnemo version 2.0.2 and below, Nag versions 2.0.3 and below, and Turba versions 2.0.4 and below are susceptible to cross site scripting attacks.
Author:	Johannes Greil
Homepage:	http://www.sec-consult.com
File Size:	8439
Last Modified:	Dec 14 08:16:06 2005
MD5 Checksum:	cd3e50c6d30cf26aab9c6ebd6280f69c

/// File Name:	arabPortalSQL.txt
Description:	Arab Portal System version 2 Beta 2 is susceptible to SQL injection attacks.
Author:	Devil-00
File Size:	2062
Last Modified:	Dec 14 08:12:40 2005
MD5 Checksum:	fb558b6b1217c312052d18162d60388d

/// File Name:	mkportalXSS.txt
Description:	MkPortal with smf forum is susceptible to a cross site scripting flaw.
Author:	spyMASter
Homepage:	http://www.cyber-warrior.org
File Size:	508
Last Modified:	Dec 14 08:07:06 2005
MD5 Checksum:	5977b955d1a3623fe302409883dcd8eb

/// File Name:	Bb_6.zip
Description:	Blackboard versions 6.3.1.424 and 6.2.3.23 (and possibly earlier versions) are susceptible to login bypass, spoofing of announcements, and proxying flaws.
Author:	dr_insane
File Size:	13454
Last Modified:	Dec 14 07:36:44 2005
MD5 Checksum:	7113f857a7b23c9e90395e557919c2c2

/// File Name:	flatnuke256_xpl.txt
Description:	Flatnuke version 2.5.6 privilege escalation and remote command execution exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	12931
Last Modified:	Dec 14 07:31:26 2005
MD5 Checksum:	0b914d4061a58677e535436986fc8701

/// File Name:	MilliScripts14.txt
Description:	MilliScripts version 1.4 is susceptible to cross site scripting attacks.
Author:	Luis Cortes, Vicente Perez
Homepage:	http://www.securitynation.com
File Size:	4178
Last Modified:	Dec 14 07:26:48 2005
MD5 Checksum:	543be3fa525bde43656e71efb7dcf4f2

/// File Name:	SMF11SQL.txt
Description:	Simple Machines Forum version 1.1 rc1 is susceptible to SQL injection attacks.
Author:	trueend5
Homepage:	http://www.KAPDA.ir
File Size:	2037
Last Modified:	Dec 14 07:18:45 2005
MD5 Checksum:	d419208a5047a55cc6a819f041e3c940

/// File Name:	lyris_attachment_mssql.pm.txt
Description:	This Metasploit module exploits a SQL injection flaw in the Lyris ListManager software for Microsoft SQL Server. This flaw allows for arbitrary commands to be executed with administrative privileges by calling the xp_cmdshell stored procedure. Versions 5.0 through 8.8a are affected.
Author:	H D Moore
Homepage:	http://metasploit.com/
Related Exploit:	lyris-listmanager.txt"
File Size:	4399
Last Modified:	Dec 14 07:14:50 2005
MD5 Checksum:	f7190bb52ae23cbb1c9bd08505907146