Section:  .. / 0702-exploits  /

Page 1 of 6
<< 1 2 3 4 5 6 >> Files 1 - 25 of 126
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 02062007-raptor_winudf.tgz
Description:
This is a MySQL backdoor kit for Windows based on the UDFs (User Defined Functions) mechanism. It can be used to spawn a reverse shell (netcat UDF on port 80/tcp) or to execute single OS commands (exec UDF). Tested on MySQL 4.0.18-win32 (running on Windows XP SP2), MySQL 4.1.22-win32 (running on Windows XP SP2), MySQL 5.0.27-win32 (running on Windows XP SP2).
Author:Marco Ivaldi
File Size:68771
Last Modified:Feb 8 06:08:50 2007
MD5 Checksum:7c61df06ad51543872d66efc84c7858c

 ///  File Name: 0702-exploits.tgz
Description:
Packet Storm new exploits for February, 2007.
Homepage:http://packetstormsecurity.org/
File Size:215102
Last Modified:Mar 6 06:08:23 2007
MD5 Checksum:4293d73fbe0d189cd0fbb512857db6c8

 ///  File Name: 12070214.txt
Description:
Jupiter CMS version 1.1.5 suffers from multiple vulnerabilities including SQL injection, cross site scripting, local and remote file inclusion, and more. I think it should be a do-over.
Author:DarkFig
Homepage:http://www.acid-root.new.fr/
File Size:8609
Last Modified:Feb 14 23:17:00 2007
MD5 Checksum:e99bcc28b629a60c407dba283724c814

 ///  File Name: activecal120-multi.txt
Description:
ActiveCalendar version 1.2.0 suffers from cross site scripting and local file inclusion vulnerabilities.
Author:Simon Bonnard
File Size:574
Last Modified:Feb 28 01:38:41 2007
MD5 Checksum:f8122376858f457b150dbad19ec59183

 ///  File Name: adv63-y3dips-2007.txt
Description:
Cadre suffers from a remote file inclusion flaw.
Author:y3dips
Homepage:http://echo.or.id/
File Size:1768
Last Modified:Feb 1 05:53:40 2007
MD5 Checksum:dbe6dbe67c3ec2682c8b3daa37c2d9f5

 ///  File Name: adv64-y3dips-2007.txt
Description:
Open-CMS Site Protection Plugin suffers from a remote file inclusion flaw.
Author:y3dips
Homepage:http://echo.or.id/
File Size:2515
Last Modified:Feb 13 07:38:07 2007
MD5 Checksum:ce492393cbbc9fcfd2e17deba0c99f6a

 ///  File Name: adv66-K-159-2007.txt
Description:
SendStudio versions 2004.14 and below suffer from a remote file inclusion vulnerability.
Author:M.Hasran Addahroni
Homepage:http://advisories.echo.or.id/
File Size:6029
Last Modified:Feb 24 01:04:57 2007
MD5 Checksum:e49bc139f7bc31e7917783ba3e8a0c4f

 ///  File Name: agermenu-rfi.txt
Description:
AgerMenu version 0.01 suffers from a remote file inclusion vulnerability.
Author:GolD_M
File Size:594
Last Modified:Feb 8 06:16:49 2007
MD5 Checksum:1322f6bf0968ff8fdb0e30e5d46c12c8

 ///  File Name: ap205-gen.txt
Description:
Advanced Poll versions 2.0.5-dev and below remote admin session generation exploit.
Author:diwou
File Size:1571
Last Modified:Feb 8 06:14:45 2007
MD5 Checksum:65cd890ef5a6f95794ef298761256e02

 ///  File Name: atmail-xss.txt
Description:
@Mail suffers from cross site scripting flaws in search.pl.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/
File Size:2227
Last Modified:Feb 14 21:10:30 2007
MD5 Checksum:d60b8c17ec10bebc6c28f497e00b60bb

 ///  File Name: axiagen.c
Description:
Axigen eMail Server version 2.0 Beta format string exploit that binds a shell to port 31337. Not tested.
Author:fugich
File Size:6119
Last Modified:Feb 17 05:55:06 2007
MD5 Checksum:ec6405482e949071196784b15d5168ae

 ///  File Name: BTP00000P005CF.zip
Description:
Denial of service exploit that demonstrates a lack of argument validation in Comodo Firewall Pro. Affected versions include Comodo Firewall Pro 2.4.16.174 and Comodo Personal Firewall 2.3.6.81.
Homepage:http://www.matousec.com/
Related File:BTP00000P005CF.txt
File Size:4515
Last Modified:Feb 6 05:06:36 2007
MD5 Checksum:03df1ac8bbebb394ff5a7b9d4be37b1c

 ///  File Name: calexp-xss.txt
Description:
Calendar Express 2 suffers from a cross site scripting flaw.
Author:BLacK ZeRo
File Size:449
Last Modified:Feb 16 08:18:31 2007
MD5 Checksum:f92eb4f2a73ffcc159d8f4158729b173

 ///  File Name: cattools-traverse.txt
Description:
Kiwi CatTools versions below 3.2.0 Beta suffer from a tftp directory traversal flaw.
Author:Nicob
File Size:883
Last Modified:Feb 13 06:54:54 2007
MD5 Checksum:15e1d669c724fd97d9cf42080bc6c86c

 ///  File Name: ccs-xss.txt
Description:
Call Center Software version 0.93 is susceptible to a cross site scripting vulnerability.
Author:CorryL
File Size:3387
Last Modified:Feb 24 02:38:06 2007
MD5 Checksum:5cd1a0a65423a1d16e51134a548cde32

 ///  File Name: cedstat131-xss.txt
Description:
CedStat version 1.31 suffers from a cross site scripting flaw.
Author:sn0oPy
File Size:423
Last Modified:Feb 16 09:07:25 2007
MD5 Checksum:72035b6f9493e72a8b4a5d3ae3f0aee2

 ///  File Name: cerulean-rfi.txt
Description:
Cerulean Portal System suffers from a remote file inclusion flaw in phpbb_root_path.
Author:xoron
File Size:1054
Last Modified:Feb 6 05:02:08 2007
MD5 Checksum:545427f4b60cb061e3ce615b5a1cbc1e

 ///  File Name: cold-xss.txt
Description:
The Cold Fusion web server suffers from a cross site scripting vulnerability.
Author:digi7al64
File Size:849
Last Modified:Feb 6 06:28:51 2007
MD5 Checksum:d78f55d5a50dac30d925e2e8ed4887e8

 ///  File Name: comserv-xss.txt
Description:
CommunityServer Commercial Edition suffers from a cross site scripting flaw.
Author:BLacK ZeRo
File Size:323
Last Modified:Feb 13 07:33:03 2007
MD5 Checksum:0a8b10e857fd3e4b85243417164b312c

 ///  File Name: connectix-multi.txt
Description:
Connectix Boards versions 0.7 and below privilege escalation and remote code execution exploit.
Author:DarkFig
File Size:10514
Last Modified:Feb 24 02:34:47 2007
MD5 Checksum:4e9f41620a7ecbe2ee5ddc0eae631d6f

 ///  File Name: coppermine-blindsql.txt
Description:
Coppermine Photo Gallery version 1.3.x blind SQL injection exploit.
Author:s0cratex
File Size:2204
Last Modified:Feb 28 01:45:24 2007
MD5 Checksum:a455d05a88b89a11ba6a2296c29cffb3

 ///  File Name: cotv2-dos.txt
Description:
cotv 2.0 suffers from a client-side denial of service vulnerability due to a lack of validation. Demonstration exploit included.
Author:poplix
File Size:2325
Last Modified:Feb 6 05:20:16 2007
MD5 Checksum:09fcabf3a5299f63313c1f1e27df059b

 ///  File Name: crfdb-disclose.txt
Description:
Capital Request Forms DB suffers from a remote username and password disclosure flaw.
Author:Gokhan
File Size:972
Last Modified:Feb 13 07:08:21 2007
MD5 Checksum:fd2f51df842d9fe1255175546ac99245

 ///  File Name: demtrac-log.txt
Description:
Dem_trac allows direct download access to the system's log file without authentication.
Author:sn0oPy
File Size:457
Last Modified:Feb 17 05:44:32 2007
MD5 Checksum:0100d8835d01c2eafa42d293244d19e2

 ///  File Name: deskpro-xss.txt
Description:
Deskpro version 1.1.0 suffers from a cross site scripting flaw.
Author:BLacK ZeRo
File Size:371
Last Modified:Feb 16 08:19:10 2007
MD5 Checksum:255202d92a54ed746f9a50e440add431