Section:  .. / 0512-exploits  /

Page 4 of 4
<< 1 2 3 4 >> Files 75 - 83 of 83
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: zencart_126d_xpl.html
Description:
Zen-Cart versions 1.2.6d and below are susceptible to blind SQL injection and remote command execution attacks. Exploit included.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:16138
Last Modified:Dec 3 07:22:36 2005
MD5 Checksum:a507099ecbfb1ccd22d23ed6ed3eca57

 ///  File Name: freeHelpInject.txt
Description:
It appears that the Free Help Desk software by Help Desk Reloaded leaves the install.php file in place post installation, allowing remote attackers to create accounts without any authentication or access.
Author:BiPi_HaCk
Homepage:http://www.NightmareSecurity.net
File Size:2210
Last Modified:Dec 3 07:19:51 2005
MD5 Checksum:59d3001cc14911fe89d6c74dc9fab115

 ///  File Name: AD20051202.txt
Description:
WinEggDropShell Eternity version 1.7 is susceptible to preauth stack overflows. Proof of concept denial of service exploit included.
Author:Sowhat
Homepage:http://secway.org/
File Size:3352
Last Modified:Dec 3 06:40:55 2005
MD5 Checksum:e2a03f701231a1f11975df0e44fadadb

 ///  File Name: phpMyChat0146.txt
Description:
phpMyChat version 0.14.6 is susceptible to cross site scripting flaws in start_page.css.php, style.css.php, and users_popupL.php.
Author:Louis Wang
Homepage:http://www.fortinet.com/
File Size:1630
Last Modified:Dec 3 06:38:22 2005
MD5 Checksum:aca7825d44871757fae3eb67dd784b18

 ///  File Name: EdgewallSQL.txt
Description:
Edgewall Trac version 0.9 is susceptible to a SQL injection attack due to a lack of sanity checking on the group variable.
Author:David Maciejak
File Size:800
Last Modified:Dec 3 06:27:47 2005
MD5 Checksum:7df147c2ac1998ed9869129658f50506

 ///  File Name: GameFlyXSS.txt
Description:
GameFly, the popular online video game rental service, suffers from a cross site scripting flaw.
Author:Matthew Benenati
File Size:417
Last Modified:Dec 3 06:25:45 2005
MD5 Checksum:fd363324b7ba22cd1ed151f9e8b1cda4

 ///  File Name: webCalSQL.txt
Description:
WebCalendar version 0.1.0 is susceptible to SQL injection attacks via activity_log.php and edit_report_handler.php. layers_toggle.php is susceptible to CRLF injection. Exploitation details provided.
Author:lwang
File Size:2068
Last Modified:Dec 2 17:57:58 2005
MD5 Checksum:46ca1f68ff71adaff29ee3145854d376

 ///  File Name: winCreateExp.txt
Description:
Microsoft Windows CreateRemoteThread denial of service exploit.
Author:nima Salehi
Homepage:http://www.Ashiyane.com
File Size:4990
Last Modified:Dec 2 17:56:21 2005
MD5 Checksum:5802c87f4a75cb494ecd81206bc890ba