Section: .. / 0601-exploits /

Page 5 of 6
<< 1 2 3 4 5 6 >> Files 100 - 125 of 137

Currently sorted by: Last Modified Sort By: File Name, File Size

/// File Name:	2005-23-12-brainsquad-team-cms.txt
Description:	The CMS system from brainsquad-team suffers from a cross site scripting vulnerability in the user profile section and also may be susceptible to SQL injection attacks.
Author:	yorn
File Size:	1353
Last Modified:	Jan 9 19:27:12 2006
MD5 Checksum:	b304061cc1e355228534d3d9cd8b9988

/// File Name:	ms05-055.c
Description:	Microsoft Windows Kernel APC Data-Free local privilege escalation vulnerability exploit.
Author:	SoBeIt
File Size:	10589
Last Modified:	Jan 8 19:57:55 2006
MD5 Checksum:	3364bf57dfbfff5b82e1c2917e44cfc5

/// File Name:	ihs_winrar.c
Description:	WinRAR local buffer overflow exploit for versions 3.3.0 and below.
Author:	c0d3r
File Size:	5207
Last Modified:	Jan 8 19:53:22 2006
MD5 Checksum:	68a94ebfd48c42c061dfb8437d23f021

/// File Name:	EV0019.txt
Description:	NavBoard BBcode version 16 Stable (2.6.0) is susceptible to cross site scripting attacks. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1387
Last Modified:	Jan 8 19:28:12 2006
MD5 Checksum:	795dcec7a4b3981f729c758dd838b026

/// File Name:	CAN-2005-4085_exploit.pl.txt
Description:	Remote exploit that makes use of a buffer overflow vulnerability in the Host: string sent to Blue Coat Systems Inc.'s WinProxy. Successful exploitation binds a shell on tcp port 4444.
Author:	FistFuXXer
Related File:	01.05.06-2.txt
File Size:	2917
Related CVE(s):	CAN-2005-4085
Last Modified:	Jan 8 06:55:47 2006
MD5 Checksum:	f4d52f7a8622879b4bfb2f3b61a9c7a3

/// File Name:	CAN-2005-3187_exploit.pl.txt
Description:	Simple denial of service exploit for Blue Coat Systems Inc.'s WinProxy that will cause the server to crash when sent 32,768 bytes.
Author:	FistFuXXer
Related File:	01.05.06-1.txt
File Size:	729
Related CVE(s):	CAN-2005-3187
Last Modified:	Jan 8 06:52:13 2006
MD5 Checksum:	d3e9e76887d418de63793cc25b3632db

/// File Name:	EV0017.txt
Description:	TheWebForum version 1.2.1 is susceptible to cross site scripting and SQL injection attacks. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1693
Last Modified:	Jan 8 06:35:14 2006
MD5 Checksum:	bae4e106cc7612ff061fa6c458a550d0

/// File Name:	EV0016.txt
Description:	Proyecto Domus version 2.10 is susceptible to a cross site scripting vulnerability. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1127
Last Modified:	Jan 8 06:30:18 2006
MD5 Checksum:	afec9a648f52c5327ffda04fcbe5ce4e

/// File Name:	EV0015.txt
Description:	ADNForum version 1.0b is susceptible to SQL injection and cross site scripting vulnerabilities. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1427
Last Modified:	Jan 8 06:15:20 2006
MD5 Checksum:	f56b32e64169be4a853e63ddc387ecdb

/// File Name:	cybershopSQL.txt
Description:	CyberShop is susceptible to SQL injection attacks via the login sequence.
Author:	Night_Warrior
File Size:	290
Last Modified:	Jan 8 06:04:34 2006
MD5 Checksum:	9709be0980f44d10901219d6ed7e7225

/// File Name:	EV0014.txt
Description:	TinyPHPForum versions 3.6 and below suffer from directory traversal, cross site scripting, and information disclosure flaws. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1337
Last Modified:	Jan 8 03:24:34 2006
MD5 Checksum:	90693ed76e197a01401b1c05b494c36b

/// File Name:	webftpInclude.txt
Description:	A file inclusion vulnerability exists in WebFTP version 1.2.6 in webftp.php.
Author:	Thomas Henlich
File Size:	1260
Last Modified:	Jan 8 03:01:11 2006
MD5 Checksum:	28b26f75d55cc9d465dd46388dec480d

/// File Name:	phpflaw.php.zip
Description:	PHP 4.3.10 and 4.4.0 Windows remote stack overflow exploit which works on certain systems by overflowing the mysql_connect function. Includes an advisory and workaround information.
Author:	mercenary
File Size:	2548
Last Modified:	Jan 6 10:47:06 2006
MD5 Checksum:	77f826297bb36e8891bdac9ce5515e63

/// File Name:	MS05-055Exp.rar
Description:	MS05-055 local privilege escalation exploit tested on Windows2000 pro sp4 with and without rollup 1 - Chinese and English versions. Takes advantage of a vulnerability in the Windows Kernel APC Data-Free. Includes C source.
Author:	SoBeIt
File Size:	54187
Last Modified:	Jan 6 10:32:10 2006
MD5 Checksum:	81029bdb3889e6fc2d3cd1307e150698

/// File Name:	LizardCart.txt
Description:	The Lizard Cart CMS version 1.04 suffers from an SQL injection vulnerability in the "id" variable.
Author:	Aliaksandr Hartsuyeu
Homepage:	http://evuln.com/vulns/12/summary.html
File Size:	1251
Last Modified:	Jan 5 02:24:05 2006
MD5 Checksum:	77c466bb102824b0596cf05408e2fa1a

/// File Name:	20051228.ie_xp_pfv_metafile.pm
Description:	Perl module which exploits the WMF SetAbortProc in the Windows Picture and Fax Viewer found in Windows XP and 2003. This vulnerability uses a corrupt Windows Metafile to execute arbitrary code and was reported to the Bugtraq mailing list after being discovered in the wild at the following URL: http://unionseek[DOT]com/d/t1/wmf_exp.htm. Unofficial patch here.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	50586
Last Modified:	Jan 4 20:50:37 2006
MD5 Checksum:	3260de4f252b0eff3a96c08dcbf37c99

/// File Name:	20051231.ie_xp_pfv_metafile.pm
Description:	Microsoft Windows Metafile (WMF) SetAbortProc remote code execution exploit which takes advantage of a vulnerability in the GDI library by using the 'Escape' metafile function to execute arbitrary code through the SetAbortProc procedure. Tested against Windows XP and 2003.
Author:	H D Moore, San, O600KO78RUS
Homepage:	http://www.metasploit.com
Related File:	WMFHotfix-1.4.msi
File Size:	6170
Last Modified:	Jan 4 20:35:47 2006
MD5 Checksum:	d3193306031cf79a65054de5ec58c6f7

/// File Name:	winrar330.c
Description:	WinRAR version 3.30 suffers from a buffer overflow vulnerability when processing a long file name. Proof of concept exploit provided.
Author:	Alpha_Programmer
File Size:	1597
Last Modified:	Jan 4 06:19:13 2006
MD5 Checksum:	6febae945f6edab57176fea3e2651d71

/// File Name:	cijfer-vsczpl.pl.txt
Description:	Valdersoft Shopping Cart versions 3.0 and below remote command execution exploit.
Author:	cijfer
File Size:	3120
Last Modified:	Jan 4 06:14:35 2006
MD5 Checksum:	1334d876f1f971b86d5eeb002c43ead9

/// File Name:	termsh.c
Description:	SCO Openserver 5.0.7 termsh local privilege escalation exploit.
Author:	RoD hEDoR
File Size:	1270
Related CVE(s):	CAN-2005-0351
Last Modified:	Jan 4 06:12:52 2006
MD5 Checksum:	7eb534c3390752e4d676fd49101944ba

/// File Name:	EV0011.txt
Description:	ScozBook version BETA 1.1 is susceptible to SQL injection attacks. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1154
Last Modified:	Jan 4 06:09:45 2006
MD5 Checksum:	b44ed22d773155b59a9f51328ccdc751

/// File Name:	EV0010.txt
Description:	B-net Software version 1.0 is susceptible to cross site scripting attacks. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1185
Last Modified:	Jan 4 06:09:07 2006
MD5 Checksum:	8e8f514602094834d3eb15a736e18fff

/// File Name:	EV0009.txt
Description:	PHPjournaler version 1.0 is susceptible to SQL injection attacks via index.php. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1021
Last Modified:	Jan 4 05:41:21 2006
MD5 Checksum:	ba8cd3f4d615b26d13a8ea614dcca1e6

/// File Name:	EV0008.txt
Description:	inTouch 0.5.1 Alpha is susceptible to SQL injection attacks via the login page. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	975
Last Modified:	Jan 4 05:40:41 2006
MD5 Checksum:	06bfd3cd16d5efa0cf2668fa307934a2

/// File Name:	EV0007.txt
Description:	Chimera Web Portal System version 0.2 is susceptible to SQL injection and cross site scripting attacks. Exploitation details provided.
Author:	Aliaksandr Hartsuyeu
File Size:	1505
Last Modified:	Jan 4 05:40:01 2006
MD5 Checksum:	d1b0ac8378f55aebcccf71d22f4738a1