Section:  .. / 0605-exploits  /

Page 2 of 7
<< 1 2 3 4 5 6 7 >> Files 25 - 50 of 152
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: phpfusion600306-2.txt
Description:
PHP-Fusion versions 6.00.306 and below "srch_where" SQL injection and administrative credential disclosure exploit.
Author:rgod
Homepage:http://retrogod.altervista.org/
File Size:4798
Last Modified:May 22 07:17:07 2006
MD5 Checksum:9ea60d7d3da3e9dfdfbe79e9ddd7259d

 ///  File Name: freesshd-exploit.txt
Description:
Proof of concept exploit for freeSSHd version 1.0.9 that binds a shell to tcp/1977.
Author:Tauqeer Ahmad a.k.a 0x-Scientist-x0
File Size:4738
Last Modified:May 22 05:33:35 2006
MD5 Checksum:8276c56a73d57290493256ba30b07340

 ///  File Name: DSSExploit.txt
Description:
The default screen saver in Windows XP and Windows 2003 Server runs as a system process. Thus if a malicious person changes logon.scr to cmd.exe or explorer.exe they can take control of the system when the screen saver runs. POC exploit included.
Author:Susam Pal
Homepage:http://susampal.blogspot.com/
File Size:4694
Last Modified:May 26 03:17:41 2006
MD5 Checksum:d8f174910431a7908e23d89bd2c0a6b2

 ///  File Name: my_anon_db_leak.c
Description:
Proof of concept exploit that demonstrates an information leakage vulnerability in MySQL server version 4.1.18 and below and 5.0.20 and below.
Author:Stefano Di Paola
Homepage:http://www.wisec.it
Related File:mysqlLeak.txt
File Size:4677
Last Modified:May 5 14:13:34 2006
MD5 Checksum:13aefb173f330f70de42ba30561937f8

 ///  File Name: CYBSEC-SAPBC2.txt
Description:
CYBSEC Security Advisory - SAP BC was found to allow reading and deleting any file from the file system to which the user that the SAP BC is running as had access. The vulnerability is present in the Monitoring functionality of the SAP Adapter. Versions affected are SAP BC 4.6 and 4.7.
Author:Leandro Meiners
Homepage:http://www.cybsec.com/
File Size:4407
Last Modified:May 22 05:56:50 2006
MD5 Checksum:e71c7c3652c0d7bac4dba537177167dc

 ///  File Name: rt-sa-2006-002.txt
Description:
RedTeam identified a security flaw in prodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
Author:RedTeam Pentesting
Homepage:http://www.redteam-pentesting.de/
File Size:4296
Last Modified:May 24 10:50:14 2006
MD5 Checksum:4c214e8d424dc4c7144691cb7239ed0e

 ///  File Name: AlbinatorPro208.txt
Description:
Albinator Pro versions 2.0.8 and below suffer from a remote command execution vulnerability. Exploit included.
Homepage:http://www.xorcrew.net/
File Size:3945
Last Modified:May 6 23:01:08 2006
MD5 Checksum:6e3caaac804c781a1fbecd8067db00aa

 ///  File Name: ISPConfig.txt
Description:
ISPConfig versions 2.2.2 and below suffer from a remote command execution vulnerability.
Author:ReZEN
Homepage:http://www.xorcrew.net/
File Size:3814
Last Modified:May 9 22:19:54 2006
MD5 Checksum:a6802141e9c78e210ba77d6d8122ce1a

 ///  File Name: ActualAnalyzer688.txt
Description:
ActualAnalyzer version 6.88 suffers from a remote code execution vulnerability.
Author:ReZEN
File Size:3807
Last Modified:May 17 08:49:42 2006
MD5 Checksum:b6a740ec3d33569373e7a2392227e88d

 ///  File Name: sa-caucho.txt
Description:
ScanAlert Security Advisory - Caucho Resin versions 3.0.17 and 3.0.18 suffer from arbitrary file access and information disclosure vulnerabilities.
Homepage:http://www.scanalert.com/
File Size:3480
Last Modified:May 22 07:04:15 2006
MD5 Checksum:e6eb58aae907535140edb0006d174b53

 ///  File Name: bl4ck_awstats_migrate_cmd_inj.py.tx..>
Description:
Remote shell command injection exploit for AWStats versions 6.5 and below.
Author:redsand
File Size:3447
Last Modified:May 7 00:02:27 2006
MD5 Checksum:15748dc0bac06497e96edf06896e3d65

 ///  File Name: SpeedyASPForum.txt
Description:
Speedy ASP Forum (profileupdate.asp) User Pass Change Exploit
Author:ajannhwt
File Size:3436
Last Modified:May 29 09:59:58 2006
MD5 Checksum:5e909f7d5a776f0e1b7345535fc4676a

 ///  File Name: SAPwebas.txt
Description:
SAP Web Application Server versions 7.00 and below suffer from a URL manipulation flaw that can allow for cross site scripting.
Author:A. Grossmann
File Size:3286
Last Modified:May 22 07:02:29 2006
MD5 Checksum:98cdb331d2641aba2e6fc365d4e111b8

 ///  File Name: openvpn207.txt
Description:
OpenVPN version 2.0.7 allows for full authentication bypass due to having an administrative interface wide open via telnetd.
Author:c0redump
File Size:3150
Last Modified:May 6 22:55:36 2006
MD5 Checksum:0a4d634cf0e4e88db3f36b52449a0361

 ///  File Name: portmap-PoC.c
Description:
Local DOS exploit for portmap.
Author:Federico L. Bossi Bonin
File Size:3055
Last Modified:May 27 00:45:47 2006
MD5 Checksum:8760c07f15308affb930e53f085cc32c

 ///  File Name: SEC-20060512-0.txt
Description:
SEC-CONSULT Security Advisory 20060512-0 - The Symantec Enterprise Firewall leaks internal IPs of natted machines in response to certain HTTP requests. Version 8.0 is vulnerable.
Author:Bernhard Mueller
Homepage:http://www.sec-consult.com
File Size:3042
Last Modified:May 21 21:20:55 2006
MD5 Checksum:45efb7adcb6dbcfec7f0bab930904131

 ///  File Name: 4images171.txt
Description:
4images version 1.7.1 is susceptible to SQL injection attacks.
Author:CrAzY CrAcKeR
Homepage:http://www.alshmokh.com
File Size:3021
Last Modified:May 2 07:25:52 2006
MD5 Checksum:a9a9046252a591fd108779cb1a0b6734

 ///  File Name: Kaspersky6-POP3.txt
Description:
Kaspersky antivirus 6 suffers from an error in the POP3 state machine POP3 monitor thus allowing any malicious software on the local computer to bypass the POP3 monitor.
Author:bug.registrator
File Size:2991
Last Modified:May 29 09:07:52 2006
MD5 Checksum:e5dd17cdc394afd4c6b98c13182fa457

 ///  File Name: liberoXSS.txt
Description:
Libero.it is susceptible to cross site scripting vulnerabilities.
Author:Davide Denicolo
File Size:2940
Last Modified:May 6 22:01:34 2006
MD5 Checksum:f974e687ec599bcbb1daea587c1a9e1e

 ///  File Name: aklink-sa-2006-001-jsboard-xss.txt
Description:
JSBoard releases 2.0.10 and 2.0.11 suffer from a cross site scripting vulnerability.
Author:Alexander Klink
Homepage:https://www.klink.name/
File Size:2897
Related CVE(s):CAN-2006-2109
Last Modified:May 5 11:58:20 2006
MD5 Checksum:25479bacc173ad5bb2c098da0e825c2b

 ///  File Name: R7-0024.txt
Description:
Rapid7 Security Advisory - The Caucho Resin web application server for Windows contains a directory traversal vulnerability that allows remote unauthenticated users to download any file from the system. It is possible to download files from any drive on the system. Versions 3.0.18 and 3.0.17 for Windows are vulnerable.
Homepage:http://www.rapid7.com/
File Size:2894
Related CVE(s):CVE-2006-1953
Last Modified:May 22 07:15:39 2006
MD5 Checksum:31d1931060c9dac4600df99620e3a12f

 ///  File Name: JAMES2.2.0.txt
Description:
It is possible to DOS Java Apache Mail Enterprise Server (a.k.a. Apache James) by sending it a long SMTP argument. POC included.
Author:Ahmad Muammar W.K
Homepage:http://y3dips.echo.or.id/
File Size:2690
Last Modified:May 30 01:50:09 2006
MD5 Checksum:3b16937b13c91271931fbb4c674cd88c

 ///  File Name: CANews.txt
Description:
CodeAvalanche News version 1.2 is susceptible to SQL injection and cross site scripting vulnerabilities.
Author:omnipresent
File Size:2552
Last Modified:May 23 09:55:38 2006
MD5 Checksum:704f380ee1fb03a9e885c2c9fbbe24ec

 ///  File Name: jetboxCMS.txt
Description:
JetBox CMS remote file inclusion exploit that allows for command execution.
Author:beford
File Size:2540
Last Modified:May 7 00:00:33 2006
MD5 Checksum:43d3be4df9879b00a52b4cb7224ce15a

 ///  File Name: phpbazar-210.pl.txt
Description:
01:13:55 2006 phpBazar versions less than or equal to 2.1.0 Remote File Inclusion Exploit.
Author:mescalin
Homepage:http://mescalin.100free.com
File Size:2443
Last Modified:May 27
MD5 Checksum:e2891cd9de0eafd2278bbf0bd1aa5bf4