Section: .. / 0912-exploits /

Page 4 of 25
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 >> Files 75 - 100 of 600

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	btl-xss.txt
Description:	Best Top List suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	1361
Last Modified:	Dec 29 20:13:28 2009
MD5 Checksum:	07fb748088de006bf29519ba1ea53d28

/// File Name:	ca_arcserve_342.rb.txt
Description:	This Metasploit module exploits a buffer overflow in Computer Associates BrighStor ARCserve r11.5 (build 3884). By sending a specially crafted RPC request to opcode 0x342, an attacker could overflow the buffer and execute arbitrary code. In order to successfully exploit this vulnerability, you will need set the hostname argument (HNAME).
Author:	MC,Nahuel Cayento Riva
Homepage:	http://www.metasploit.com
File Size:	3337
Related OSVDB(s):	49468
Related CVE(s):	CVE-2008-4397
Last Modified:	Dec 30 22:27:15 2009
MD5 Checksum:	919226f787d00935bbbced3153583218

/// File Name:	cactushop-disclose.txt
Description:	CactuShop version 6 suffers from a remote database disclosure vulnerability.
Author:	LionTurk
File Size:	1971
Last Modified:	Dec 30 00:54:29 2009
MD5 Checksum:	6e35617b98501922ca05f37564a58044

/// File Name:	calendar2002proverbs-xss.txt
Description:	Calendar 2002 Proverbs suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	1443
Last Modified:	Dec 29 20:04:21 2009
MD5 Checksum:	8359af699b8316927222b6dbde68d623

/// File Name:	calendarexpress-sql.txt
Description:	Calendar Express version 2.0 suffers from a remote SQL injection vulnerability.
Author:	Baybora
File Size:	866
Last Modified:	Dec 30 13:24:50 2009
MD5 Checksum:	4bcb8ba701bf0c2f91ade803b977bafd

/// File Name:	camino-overrun.txt
Description:	Camino version 1.6.10 suffers from a remote array overrun that allows for arbitrary code execution.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	14268
Related CVE(s):	CVE-2009-0689
Last Modified:	Dec 11 22:59:21 2009
MD5 Checksum:	639d9cd3f82171d6da257f3007620899

/// File Name:	caricatier-xss.txt
Description:	Caricatier version 2.5 suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	1811
Last Modified:	Dec 29 20:03:31 2009
MD5 Checksum:	8c9988f5dbda4f64d4df1a8775c13a23

/// File Name:	castripper-overflow.txt
Description:	CastRipper buffer overflow exploit that creates a malicious .m3u file.
Author:	bibi-info
File Size:	3383
Last Modified:	Dec 29 19:00:19 2009
MD5 Checksum:	50dfe02b23d031956c4fd32163d1cfb1

/// File Name:	celerondude-upload.txt
Description:	CeleronDude version 5.3.0 suffers from a remote shell upload vulnerability.
Author:	Stink
File Size:	392
Last Modified:	Dec 17 20:55:07 2009
MD5 Checksum:	2efc13a65ec416d133bf986aec67cdce

/// File Name:	census-2009-0004.txt
Description:	Monkey Web Server versions 0.9.2 and below suffer from a remote denial of service vulnerability. Proof of concept code included.
Author:	Patroklos Argyroudis
Homepage:	http://census-labs.com/
File Size:	3264
Last Modified:	Dec 14 20:53:35 2009
MD5 Checksum:	1f8cd6f0a7e20a4d4281368f54f6ebe1

/// File Name:	charoncart-sql.txt
Description:	Charon Cart version 3 suffers from a remote blind SQL injection vulnerability.
Author:	R3d-D3v!L
File Size:	1318
Last Modified:	Dec 17 20:47:58 2009
MD5 Checksum:	78a6e79d9b32c6ef850b566a8ff45278

/// File Name:	chipmunkbs-xsrf.txt
Description:	Chipmunk Board Script 1.x suffers from multiple cross site request forgery vulnerabilities.
Author:	Milos Zivanovic
File Size:	6059
Last Modified:	Dec 13 18:30:04 2009
MD5 Checksum:	9a748d904b84c55b231d1626e5e746eb

/// File Name:	chipmunknl-xsrf.txt
Description:	Chipmunk Newsletter suffers from cross site request forgery vulnerabilities.
Author:	Milos Zivanovic
File Size:	4097
Last Modified:	Dec 13 18:26:55 2009
MD5 Checksum:	5bc5bd46a5b49b35cd9974258bfb75c7

/// File Name:	chipmunknl-xss.txt
Description:	Chipmunk Newsletter suffers from a persistent cross site scripting vulnerability.
Author:	mr_me
File Size:	910
Last Modified:	Dec 7 18:00:53 2009
MD5 Checksum:	650c67e5ddc4c6665e58299462c0c4a2

/// File Name:	chrome-obfuscate.txt
Description:	Google Chrome version 3.0195.38 suffers from a simple status bar obfuscation vulnerability.
Author:	599eme Man
File Size:	943
Last Modified:	Dec 31 20:36:29 2009
MD5 Checksum:	d6389e2d89bac2cede5f71b40f7f3215

/// File Name:	ciamoscms-rfi.txt
Description:	Ciamos CMS versions 0.9.5 and below suffer form a remote file inclusion vulnerability.
Author:	cr4wl3r
Related Exploit:	ciamosCMS096b-rfi.txt
File Size:	1027
Last Modified:	Dec 1 15:42:50 2009
MD5 Checksum:	ff0054b7efdc249cd8ce12847e8c3caa

/// File Name:	ciscoasa-bypass.txt
Description:	Cisco VPN SSL Clientless lets administrators define rules to specific targets within the private network that WebVPN users will be able to access. This specific targets are published using links in VPN SSL home page. These links (URL) are protected (obfuscated) using a ROT13 substitution and converting ASCII characters to hexadecimal. An user with a valid account and without "URL entry" can access any internal/external resource simply taken an URL, encrypt with ROT 13, convert ASCII characters to hexadecimal and appending this string to Cisco VPN SSL URL. Brilliant. Versions 8.x and below are affected. Proof of concept included.
Author:	David Eduardo Acosta Rodriguez
File Size:	3776
Last Modified:	Dec 17 17:23:06 2009
MD5 Checksum:	23532263eadd9395718b1e4e0b9dda08

/// File Name:	clarkconnect-xss.txt
Description:	Clark Connect suffers from a cross site scripting vulnerability.
Author:	Edgard Chammas
File Size:	626
Last Modified:	Dec 22 15:39:04 2009
MD5 Checksum:	8a6a08a8ee54c920b064c32e4198a56d

/// File Name:	cmsdb-xss.txt
Description:	CMS-DB versions 0.7.13 and below suffer from cross site scripting and path disclosure vulnerabilities.
Author:	cp77fk4r
File Size:	2399
Last Modified:	Dec 29 20:08:56 2009
MD5 Checksum:	cf57e70c54057683f9737847589ba5c2

/// File Name:	colombianisp-default.txt
Description:	The Colombian ISP ETB suffers from an issue where their modems are open to manipulation by external attackers.
Author:	Cilia Pretel Gallo
File Size:	2095
Last Modified:	Dec 30 14:54:50 2009
MD5 Checksum:	fc55e53b2bd42ecd74298aa7ee52057d

/// File Name:	coolplayer218-overflow.txt
Description:	CoolPlayer version 2.18 buffer overflow exploit that creates a malicious .m3u file.
Author:	data$hack
File Size:	1422
Last Modified:	Dec 22 15:47:06 2009
MD5 Checksum:	9c5cf20cc2f8657b3c2c089e278613d9

/// File Name:	CORE-2009-0911.txt
Description:	Core Security Technologies Advisory - DAZ Studio is a 3D figure illustration/animation application released by DAZ 3D Inc. DAZ Studio can be accessed via a scripting language which allows for quite a bit of diversity in tool creation. DAZ Studio does not ask for any confirmation from the user prior to executing a scripting file with any of the following extensions: .ds, .dsa, .dse, .dsb. An attacker could abuse the scripting interface by enticing an unsuspecting user to open a malicious scripting file, thus obtaining remote code execution. Proof of concept code included.
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	6547
Related CVE(s):	CVE-2009-4148
Last Modified:	Dec 3 16:06:21 2009
MD5 Checksum:	d9c21d30ac2d229c35e2a6ddd7d12a5f

/// File Name:	CORE-2009-1013.txt
Description:	Core Security Technologies Advisory - The TestLink Test Management and Execution System suffers from cross site scripting and remote SQL injection vulnerabilities. Versions below 1.8.5 are affected.
Homepage:	http://www.coresecurity.com/corelabs/
File Size:	13638
Related CVE(s):	CVE-2009-4237, CVE-2009-4238
Last Modified:	Dec 10 17:02:55 2009
MD5 Checksum:	5bd0873514f5d1acc5c48a40aa46f3f5

/// File Name:	coreftp-dos.txt
Description:	Core FTP Server version 1.0 Build 319 suffers from a remote denial of service vulnerability.
Author:	Mert SARICA
File Size:	737
Last Modified:	Dec 4 23:13:25 2009
MD5 Checksum:	cb890ee677f3442afd521561fedb05f8

/// File Name:	corehttp_cgienabled.rb.txt
Description:	This Metasploit module exploits a remote command execution vulnerability in corehttp versions 0.5.3.1 and earlier. It requires that you know the name of a cgi file on the server. NOTE: If you want to do something more than remote shell, you'll have to change CGICMD.
Author:	Aaron Conole
Homepage:	http://www.metasploit.com
Related File:	corehttp.txt
File Size:	1962
Last Modified:	Dec 23 11:52:38 2009
MD5 Checksum:	26a7d6db3c49622c313d25b92d636f69