Section: .. / 0910-exploits /

Page 7 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 150 - 175 of 210

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	php_wordpress_lastpost.rb.txt
Description:	This Metasploit module exploits an arbitrary PHP code execution flaw in the WordPress blogging software. This vulnerability is only present when the PHP 'register_globals' option is enabled (common for hosting providers). All versions of WordPress prior to 1.5.1.3 are affected.
Author:	str0ke
File Size:	2704
Related OSVDB(s):	18672
Related CVE(s):	CVE-2005-2612
Last Modified:	Oct 30 14:47:48 2009
MD5 Checksum:	f0c5a85b146ef22ce67312366495cb42

/// File Name:	php_xmlrpc_eval.rb.txt
Description:	This Metasploit module exploits an arbitrary code execution flaw discovered in many implementations of the PHP XML-RPC module. This flaw is exploitable through a number of PHP web applications, including but not limited to Drupal, Wordpress, Postnuke, and TikiWiki.
Author:	H D Moore,cazz
Homepage:	http://www.metasploit.com
File Size:	3354
Related OSVDB(s):	17793
Related CVE(s):	CVE-2005-1921
Last Modified:	Oct 30 14:49:23 2009
MD5 Checksum:	cea4cd1d99b0e5eb14b3f425347482c5

/// File Name:	phpbb_highlist.rb.txt
Description:	This Metasploit module exploits two arbitrary PHP code execution flaws in the phpBB forum system. The problem is that the 'highlight' parameter in the 'viewtopic.php' script is not verified properly and will allow an attacker to inject arbitrary code via preg_replace().
Author:	Val Smith
File Size:	3369
Related OSVDB(s):	11719,17613
Related CVE(s):	CVE-2005-2086, CVE-2004-1315
Last Modified:	Oct 30 14:51:38 2009
MD5 Checksum:	7a942828f6e1af4e45f98f4bc41785f9

/// File Name:	phpcms2008-disclose.txt
Description:	phpCMS 2008 suffers from a remote file disclosure vulnerability.
Author:	Securitylab Security Research
Homepage:	http://securitylab.ir/
File Size:	1032
Last Modified:	Oct 19 20:15:09 2009
MD5 Checksum:	13d434d08b85f2a4a0aae1099f7b2560

/// File Name:	piwik-upload.txt
Description:	Piwik Build versions 1357 2009-08-02 and below suffer from a remote file upload vulnerability in ofc_upload_image.php that allows for remote command execution.
Author:	boecke
File Size:	1823
Last Modified:	Oct 19 19:35:13 2009
MD5 Checksum:	0045b13278afb66e98008f2d0131ac78

/// File Name:	poptop_negative_read.rb.txt
Description:	This is an exploit for the Poptop negative read overflow. This will work against versions prior to 1.1.3-b3 and 1.1.3-20030409.
Author:	spoonm
File Size:	3833
Related OSVDB(s):	3293
Related CVE(s):	CVE-2003-0213
Last Modified:	Oct 27 16:22:39 2009
MD5 Checksum:	830bfdbd26298b840c903bfc1b4d5d94

/// File Name:	prdelka-vs-SUN-virtualbox.sh.txt
Description:	Sun VirtualBox versions 3.0.6 and below local root exploit that takes advantage of a popen() meta char shell injection vulnerability.
Author:	prdelka
Homepage:	https://prdelka.blackart.org.uk/
File Size:	4066
Related CVE(s):	CVE-2009-3692
Last Modified:	Oct 17 16:05:48 2009
MD5 Checksum:	c406efbe8e998f36edbb0aa6652790fe

/// File Name:	proc-access.txt
Description:	It appears that manipulation of file descriptors via /proc can circumvent permissions on parent directories of the file.
Author:	Pavel Machek
File Size:	2874
Last Modified:	Oct 23 16:16:47 2009
MD5 Checksum:	43ddfec3b4e663a94f8e7c784aeb31a8

/// File Name:	proftpd-mod_ctrls-opensuse10_2.pl.t..>
Description:	ProFTPd version 1.3.0 mod_ctrls local stack overflow root exploit that binds a shell to port 19091.
Author:	Michael Domberg
Homepage:	http://www.devtarget.org/
File Size:	2204
Last Modified:	Oct 12 17:33:09 2009
MD5 Checksum:	7ae33616bc34fe84beb8bf9728dd2540

/// File Name:	psart-sql.txt
Description:	PSArt version 1.2 suffers from a remote SQL injection vulnerability.
Author:	Securitylab Security Research
Homepage:	http://securitylab.ir/
File Size:	724
Last Modified:	Oct 30 16:15:16 2009
MD5 Checksum:	1043e1fc083872e2a574e77e1e1078b9

/// File Name:	qtjava_pointer.rb.txt
Description:	This Metasploit module exploits an arbitrary memory access vulnerability in the Quicktime for Java API provided with Quicktime 7.
Author:	Dino A Dai Zovi,H D Moore,Kevin Finisterre
Homepage:	http://www.metasploit.com
File Size:	5492
Related OSVDB(s):	23608
Related CVE(s):	CVE-2007-2175
Last Modified:	Oct 27 17:15:01 2009
MD5 Checksum:	fd12e3cb5086c03366ca1e1daa1f55f1

/// File Name:	quickcart-xsslfixsrf.txt
Description:	QuickCart suffers from cross site scripting, cross site request forgery, and local file inclusion vulnerabilities.
Author:	kl3ryk
File Size:	3611
Last Modified:	Oct 8 20:23:39 2009
MD5 Checksum:	194340ea0274f9abb69dc3192245c216

/// File Name:	quickteam-sql.txt
Description:	QuickTeam version 2.2 suffers from a remote SQL injection vulnerability.
Author:	drunken danish rednecks
File Size:	820
Last Modified:	Oct 14 19:26:09 2009
MD5 Checksum:	545304c90c2885f34d689f6d63bad48e

/// File Name:	quicktime_rtsp_content_type.rb.txt
Description:	This Metasploit module exploits the Mac OS X Quicktime RTSP Content-Type overflow.
Homepage:	http://www.metasploit.com
File Size:	5278
Last Modified:	Oct 28 16:01:22 2009
MD5 Checksum:	380966feca11229459ef798d1bee894d

/// File Name:	redbull.sh.txt
Description:	Geany version 0.18 local file overwrite exploit.
Author:	Jeremy Brown
Homepage:	http://jbrownsec.blogspot.com/
File Size:	3282
Last Modified:	Oct 6 19:33:55 2009
MD5 Checksum:	fb83344576ad2d695493595544f719c4

/// File Name:	redcatmedia-sql.txt
Description:	Redcat Media suffers from a remote SQL injection vulnerability.
Author:	s4va
Homepage:	http://s4vaworld.uni.cc/
File Size:	1405
Last Modified:	Oct 12 17:49:43 2009
MD5 Checksum:	34da6a28e1d79e51cefbc18a31602273

/// File Name:	riorey-passwd.txt
Description:	Riorey DDoS mitigation appliances suffer from a very poor design vulnerability where they have a hardcoded root login and password for automation. Fail!
Author:	Marek Kroemeke
File Size:	2402
Last Modified:	Oct 7 22:04:44 2009
MD5 Checksum:	e5537fe045b3a9e6407e302e8380e079

/// File Name:	sadmind_adm_build_path.rb.txt
Description:	This Metasploit module exploits a buffer overflow vulnerability in adm_build_path() function of sadmind daemon.
Author:	Adriano Lima
Homepage:	http://www.risesecurity.org/
File Size:	4446
Related OSVDB(s):	49111
Related CVE(s):	CVE-2008-4556
Last Modified:	Oct 28 19:21:21 2009
MD5 Checksum:	445586327b6a99350a42708bd196facb

/// File Name:	sadmind_exec.rb.txt
Description:	This exploit targets a weakness in the default security settings of the sadmind RPC application. This server is installed and enabled by default on most versions of the Solaris operating system. Vulnerable systems include solaris 2.7, 8, and 9.
Author:	H D Moore,cazz,vlad902
Homepage:	http://www.metasploit.com
File Size:	3795
Related OSVDB(s):	4585
Related CVE(s):	CVE-2003-0722
Last Modified:	Oct 28 19:24:09 2009
MD5 Checksum:	b35c5bfeebb1e521bdad45053c664ca2

/// File Name:	safari_metadata_archive.rb.txt
Description:	This Metasploit module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	9516
Related OSVDB(s):	23510
Related CVE(s):	CVE-2006-0848
Last Modified:	Oct 28 14:58:15 2009
MD5 Checksum:	c9eff8239967b82607204dfb73547679

/// File Name:	sdl-xss.txt
Description:	Simple Directory Listing version 2.1_beta1 suffers a cross site scripting vulnerability.
Author:	Amol Naik
File Size:	1292
Last Modified:	Oct 12 17:05:18 2009
MD5 Checksum:	c9e7416815ed2bfa1e44488fdf9b256a

/// File Name:	sendmail_exec.rb.txt
Description:	This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Sun Solaris up to and including 8.0. This module uses a technique discovered by Dino Dai Zovi to exploit the flaw without needing to know the resolved name of the attacking system.
Author:	Dino A Dai Zovi,H D Moore
Homepage:	http://www.metasploit.com
File Size:	4166
Related OSVDB(s):	15131
Related CVE(s):	CVE-2001-1583
Last Modified:	Oct 28 16:43:46 2009
MD5 Checksum:	e38a9f11115d68bc3f3a83145bf7542a

/// File Name:	snitzforums-xss.txt
Description:	Snitz Forums 2000 version 3.4.07 suffers from cross site scripting vulnerabilities.
Author:	Andrea Fabrizi
Homepage:	http://www.andreafabrizi.it/
File Size:	773
Last Modified:	Oct 15 16:10:37 2009
MD5 Checksum:	723dc377285c76b63c7e551c10519663

/// File Name:	snort285-dos.txt
Description:	Snort versions 2.8.5 and below suffer from an IPv6 related remote denial of service vulnerability.
Author:	laurent gaffie
File Size:	1934
Last Modified:	Oct 23 13:36:42 2009
MD5 Checksum:	3c22f17e6a527be646ae04024532eba1

/// File Name:	snortbopre.rb.txt
Description:	This Metasploit module exploits a stack overflow in the Back Orifice pre-processor module included with Snort versions 2.4.0, 2.4.1, 2.4.2, and 2.4.3. This vulnerability could be used to completely compromise a Snort sensor, and would typically gain an attacker full root or administrative privileges.
Author:	Lau KaiJern
File Size:	2402
Related OSVDB(s):	20034
Related CVE(s):	CVE-2005-3252
Last Modified:	Oct 27 13:43:05 2009
MD5 Checksum:	2380abc1b12bb852042aa564e3e1b09f