Section:  .. / 0906-exploits  /

Page 3 of 10
<< 1 2 3 4 5 6 7 8 9 10 >> Files 50 - 75 of 247
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 4images-bypassxss.txt
Description:
4images versions 1.7.7 and below suffer from filter bypass HTML injection and cross site scripting vulnerabilities.
Author:Qabandi
File Size:4849
Last Modified:Jun 12 12:12:28 2009
MD5 Checksum:d8ce3c2486af81ddd03d17aae31b9212

 ///  File Name: fretsweb-lfi.txt
Description:
FretsWeb version 1.2 suffers from multiple local file inclusion vulnerabilities.
Author:YEnH4ckEr
File Size:4777
Last Modified:Jun 17 18:51:31 2009
MD5 Checksum:f9fdca1ebfa9d698242afc7e9534c340

 ///  File Name: modsecurity-bypass.txt
Description:
ModSecurity versions 2.5.9 and below using ModSecurity Core Rules versions 2.5-1.6.1 and below suffer from a HPP filter bypass vulnerability.
Author:Lavakumar Kuppan
File Size:4777
Last Modified:Jun 11 18:16:04 2009
MD5 Checksum:b5a27ad15579c0a3d205f693d558d173

 ///  File Name: myfusion-lfi.txt
Description:
MyFusion version 6b suffers from a local file inclusion vulnerability.
Author:CraCkEr
File Size:4765
Last Modified:Jun 25 19:52:48 2009
MD5 Checksum:bf046abf44c509dcd9d8da4b6d5e7dae

 ///  File Name: hpdp1-dos.txt
Description:
Proof of concept exploit for a memory disclosure / denial of service vulnerability in HP Data Protector version 4.00-sp1 43064.
Author:Nibin
File Size:4722
Last Modified:Jun 23 20:13:37 2009
MD5 Checksum:b69a9706b28026ce7773411ba89efc2a

 ///  File Name: anguestbook-lfi.txt
Description:
AN Guestbook version 0.7.8 suffers from a local file inclusion vulnerability.
Author:CraCkEr
File Size:4719
Last Modified:Jun 24 20:08:48 2009
MD5 Checksum:f66016ecc80c036b5d9faa22667bc445

 ///  File Name: elgg-xssxsrf.txt
Description:
The Elgg CMS versions below 1.00 suffer from cross site scripting, cross site request forgery, and change password vulnerabilities.
Author:ThE Lorddemon
File Size:4530
Last Modified:Jun 22 22:21:03 2009
MD5 Checksum:70e99f7e03aeb12b21b2ca34c2b2ba6a

 ///  File Name: kjtechforce-sqldelete.txt
Description:
Kjtechforce Mailman Beta-1 suffers from a remote SQL injection delete row vulnerability.
Author:YEnH4ckEr
Related Exploit:kjtechforce-blindsql.txt
File Size:4512
Last Modified:Jun 5 16:28:00 2009
MD5 Checksum:d1a66bb2ae132b236d24dab8f412bf98

 ///  File Name: shopscript-sql.txt
Description:
Shop Script Pro version 2.12 remote SQL injection exploit.
Author:Ams
File Size:4476
Last Modified:Jun 8 19:54:13 2009
MD5 Checksum:d9225f8d1642d0ea072a71b40d94f667

 ///  File Name: baofengmp-overflow.txt
Description:
The Baofeng Media Player Storm version 3.9.62 suffers from a playlist related stack overflow vulnerability.
Author:Jambalaya
Homepage:http://www.nevisnetworks.com/
File Size:4385
Last Modified:Jun 29 14:48:29 2009
MD5 Checksum:cb59d2c57ab02e207f269b7db60dea7a

 ///  File Name: splog-sql.txt
Description:
Splog versions 1.2 Beta and below suffer from multiple remote SQL injection vulnerabilities.
Author:YEnH4ckEr
File Size:4299
Last Modified:Jun 11 17:18:11 2009
MD5 Checksum:cdd79d023e6a6aed8039def8a1a68212

 ///  File Name: greendam_url.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in Green Dam Youth Escort version 3.17 in the way it handles overly long URLs. By setting an overly long URL, an attacker can overrun a buffer and execute arbitrary code. This module uses the .NET DLL memory technique by Alexander Sotirov and Mark Dowd and should bypass DEP, NX and ASLR.
Author:Trancer
Homepage:http://www.rec-sec.com/
File Size:4266
Last Modified:Jun 16 18:38:11 2009
MD5 Checksum:5a08d81c955f53de749118fe4a316053

 ///  File Name: hostdirpro-passwd.txt
Description:
Host Directory PRO version 2.1.0 remote administrative password changing exploit.
Author:TiGeR-Dz
Homepage:http://www.h4ckf0u.com/
File Size:4240
Last Modified:Jun 4 19:39:02 2009
MD5 Checksum:17fe642cb6399b0b40567b3e755e643a

 ///  File Name: punbbaffiliations-blindsql.txt
Description:
Versions 1.1 and below of the OUT module in PunBB suffers from a remote blind SQL injection vulnerability in Affiliations.php.
Author:Dante90
Homepage:http://www.warwolfz.org/
File Size:4226
Last Modified:Jun 29 17:43:48 2009
MD5 Checksum:8a70c90bed65350e655e76736ac8712c

 ///  File Name: oxygen2php113-blindsql.txt
Description:
Oxygen2PHP versions 1.1.3 and below remote blind SQL injection exploit that leverages forumdisplay.php.
Author:Dante90
Homepage:http://www.warwolfz.org/
File Size:4222
Last Modified:Jun 29 17:38:32 2009
MD5 Checksum:5d40aaf3e05cad04abf109ed9318dc57

 ///  File Name: punbbaffiliationsin-blindsql.txt
Description:
Versions 1.1 and below of the IN module in PunBB suffers from a remote blind SQL injection vulnerability in Affiliations.php.
Author:Dante90
Homepage:http://www.warwolfz.org/
File Size:4222
Last Modified:Jun 29 19:19:52 2009
MD5 Checksum:3c330bf97acb5e107000af739551fbca

 ///  File Name: punbbvoteforusout-blindsql.txt
Description:
Versions 1.0.1 and below of the OUT module in PunBB suffer from a remote blind SQL injection vulnerability in VoteForUs.php.
Author:Dante90
Homepage:http://www.warwolfz.org/
File Size:4209
Last Modified:Jun 29 19:18:14 2009
MD5 Checksum:cb517c883119f24e4a14b567ed5ea258

 ///  File Name: oxygen2php113post-blindsql.txt
Description:
Oxygen2PHP versions 1.1.3 and below remote blind SQL injection exploit that leverages post.php.
Author:Dante90
Homepage:http://www.warwolfz.org/
File Size:4207
Last Modified:Jun 29 17:39:35 2009
MD5 Checksum:43cf8289da304d0aaa6a5070b2780ba9

 ///  File Name: punbbvoteforus-blindsql.txt
Description:
Versions 1.0.1 and below of the IN module in PunBB suffer from a remote blind SQL injection vulnerability in VoteForUs.php.
Author:Dante90
Homepage:http://www.warwolfz.org/
File Size:4205
Last Modified:Jun 29 17:45:21 2009
MD5 Checksum:56c9d705101a445b2a4546414f92ae76

 ///  File Name: scms-sql.txt
Description:
S-CMS versions 2.0 Beta3 and below suffer from multiple remote SQL injection vulnerabilities.
Author:YEnH4ckEr
File Size:4205
Last Modified:Jun 10 16:52:45 2009
MD5 Checksum:f7297544906ef9ecc07a7a6e2d5550fd

 ///  File Name: phpmyadminrcesh.txt
Description:
phpMyAdmin /scripts/setup.php PHP code injection remote command execution proof of concept exploit. Versions 3.0.1.1 and below are affected.
Author:pagvac
File Size:4197
Related CVE(s):CVE-2009-1151
Last Modified:Jun 10 18:24:10 2009
MD5 Checksum:59f3c5673bb3b69956d8432c0e7b8a9a

 ///  File Name: firestats-rfi.txt
Description:
The WordPress FireStats plugin versions 1.6.1 and below suffer from a remote file inclusion vulnerability.
Author:darkmasking
File Size:4148
Last Modified:Jun 13 23:35:24 2009
MD5 Checksum:2113bb1937eb50d88f635f4724e706d8

 ///  File Name: dbtopsites10-exec.txt
Description:
DB Top Sites version 1.0 remote command execution exploit.
Author:SirGod
Homepage:http://www.insecurity.ro/
File Size:4093
Last Modified:Jun 15 15:50:53 2009
MD5 Checksum:7c40b84001425d40461b8fff28bc115d

 ///  File Name: hpdp2-dos.txt
Description:
HP Data Protector is prone to a memory leak vulnerability. The same vector of exploitation can be used for denial of service attack if an invalid memory address is accessed. This is a Metasploit module that demonstrates this vulnerability.
Author:Nibin
File Size:4065
Related CVE(s):CVE-2009-0714
Last Modified:Jun 23 20:17:14 2009
MD5 Checksum:b6eabba86941c72850c9db95f38e71de

 ///  File Name: whoisadmin-bypass.txt
Description:
WHOISCART suffers from an information disclosure vulnerability that allows for administrative bypass.
Author:Black Dream
Homepage:http://www.sec-r1z.com/
File Size:4045
Last Modified:Jun 29 11:21:37 2009
MD5 Checksum:30c4b1c065e1e327734a8a6a8208e378