Section: .. / 1001-exploits /

Page 7 of 21
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 >> Files 150 - 175 of 518

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	googlemaps-xss.txt
Description:	Google Maps suffered from a cross site scripting vulnerability. This was patched the same day as it was publicly disclosed.
Author:	Gaurav Baruah,Pratul Agrawal
File Size:	519
Last Modified:	Jan 12 17:38:53 2010
MD5 Checksum:	888f54e7c1d88d88df037210a4b74f12

/// File Name:	gridcc-sqlxss.txt
Description:	Gridcc version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
Author:	R3d-D3v!L
File Size:	1879
Last Modified:	Jan 7 16:47:54 2010
MD5 Checksum:	a10dd902462c531120f441628613db82

/// File Name:	hawhaw-sql.txt
Description:	HAWHAW suffers from a remote SQL injection vulnerability.
Author:	s4r4d0
File Size:	443
Last Modified:	Jan 31 15:00:22 2010
MD5 Checksum:	4ed9835116fd7549716ab93c3d156385

/// File Name:	hellcode-adv008.txt
Description:	AOL version 9.5 suffers from an Active-X related heap overflow vulnerability. Proof of concept code included.
Author:	karak0rsan,murderkey
Homepage:	http://tcc.hellcode.net/
File Size:	817
Last Modified:	Jan 18 20:27:00 2010
MD5 Checksum:	388d9367ecbf4193d480a3538765b6f8

/// File Name:	helpdesk-xsrf.txt
Description:	Hesk Help Desk suffers from a cross site request forgery vulnerability.
Author:	The.Morpheus
File Size:	3385
Last Modified:	Jan 13 21:31:03 2010
MD5 Checksum:	18a54b75297d34102c567ef24f40a71d

/// File Name:	hispanicdn-sql.txt
Description:	Hispanic Digital Network suffers from a remote blind SQL injection vulnerability.
Author:	NoGe
File Size:	1412
Last Modified:	Jan 7 00:13:59 2010
MD5 Checksum:	d1fcac3e70dd9c1a1ed44b0b72cba5bb

/// File Name:	hitcounter-xss.txt
Description:	Hit Counter version 2.0 suffers from a cross site scripting vulnerability.
Author:	indoushka
File Size:	3437
Last Modified:	Jan 3 20:56:45 2010
MD5 Checksum:	368b315f5a65260dd9aacbbf1f98b244

/// File Name:	hlstats135-xss.txt
Description:	HLstats version 1.35 suffers from a cross site scripting vulnerability. Same issue as previously discovered in 1.34.
Author:	Sora
Related Exploit:	hlstatsXSS.txt
File Size:	350
Last Modified:	Jan 3 20:46:23 2010
MD5 Checksum:	4394a9dd628da774be25b0b4c0ffbb1a

/// File Name:	hlstatsx165-sql.txt
Description:	HLstatsX Community Edition version 1.6.5 suffers from a remote SQL injection vulnerability.
Author:	Babora
Related Exploit:	hlstatsx-sql.txt
File Size:	865
Last Modified:	Jan 8 20:44:02 2010
MD5 Checksum:	eae728a6b89fbfae4326c4560527b545

/// File Name:	hlstatsxce-xss.txt
Description:	HLstatsX Community Edition version 1.6.5 suffers from a cross site scripting vulnerability.
Author:	Sora
File Size:	472
Last Modified:	Jan 3 21:44:02 2010
MD5 Checksum:	0c5ade7b85609bb9a6ba7038ab8696be

/// File Name:	houtcast-xsrf.txt
Description:	HOUTcast server versions 1.9.8/Win32 and below suffer from a cross site request forgery vulnerability.
Author:	cp77fk4r
File Size:	517
Last Modified:	Jan 14 16:52:16 2010
MD5 Checksum:	d714e669daa4978abfcf950524416a6b

/// File Name:	hp_nnm_ovalarm_lang.rb.txt
Description:	This Metasploit module exploits a stack overflow in HP OpenView Network Node Manager 7.53. By sending a specially crafted CGI request to ovalarm.exe, an attacker can execute arbitrary code. This specific vulnerability is due to a call to "sprintf_new" in the "isWide" function within "ovalarm.exe". A stack buffer overflow occurs when processing an HTTP request that contains the following. 1. An "Accept-Language" header longer than 100 bytes 2. An "OVABverbose" URI variable set to "on", "true" or "1" The vulnerability is related to "_WebSession::GetWebLocale()" .. NOTE: This exploit has been tested successfully with a reverse_ord_tcp payload.
Author:	jduck
Homepage:	http://www.metasploit.com
File Size:	3354
Related OSVDB(s):	60930
Related CVE(s):	CVE-2009-4179
Last Modified:	Jan 22 01:23:21 2010
MD5 Checksum:	78f6b32633b4d5d3451e110be8b737bb

/// File Name:	hp_omniinet_1.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted MSG_PROTOCOL (0x010b) packet, a remote attacker may be able to execute arbitrary code with elevated privileges. This service is installed with HP OpenView Data Protector, HP Application Recovery Manager and potentially other products. This exploit has been tested against versions 6.1, 6.0, and 5.50 of Data Protector. and versions 6.0 and 6.1 of Application Recovery Manager. NOTE: There are actually two consecutive wcscpy() calls in the program (which may be why ZDI considered them two separate issues). However, this module only exploits the first one.
Author:	EgiX,jduck,riaf
Homepage:	http://www.metasploit.com
File Size:	5327
Related OSVDB(s):	61206
Related CVE(s):	CVE-2007-2280
Last Modified:	Jan 7 01:00:29 2010
MD5 Checksum:	0bcd4a003662b75595c11d89eb98ddba

/// File Name:	hp_omniinet_2.rb.txt
Description:	This Metasploit module exploits a stack-based buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted MSG_PROTOCOL (0x010b) packet, a remote attacker may be able to execute arbitrary code with elevated privileges. This service is installed with HP OpenView Data Protector, HP Application Recovery Manager and potentially other products. This exploit has been tested against versions 6.1, 6.0, and 5.50 of Data Protector. and versions 6.0 and 6.1 of Application Recovery Manager. NOTE: There are actually two consecutive wcscpy() calls in the program (which may be why ZDI considered them two separate issues). However, this module only exploits the second one.
Author:	EgiX,jduck,riaf
Homepage:	http://www.metasploit.com
File Size:	5265
Related OSVDB(s):	60852
Related CVE(s):	CVE-2009-3844
Last Modified:	Jan 7 01:00:00 2010
MD5 Checksum:	b3687ed374a55ab5d0525a4d749456b8

/// File Name:	htmldoc-overflow.c
Description:	HTMLDOC version 1.9.x-r1629 local .html buffer overflow exploit for Win32.
Author:	fl0 fl0w
File Size:	17117
Last Modified:	Jan 11 17:27:38 2010
MD5 Checksum:	9baf734bdf96474f4f1ad797a4bd10b5

/// File Name:	httpdx15-disclose.txt
Description:	Httpdx version 1.5 suffers from a remote source disclosure. This is the same vulnerability that also affected 1.4.6b.
Author:	Securitylab Security Research
Homepage:	http://securitylab.ir/
Related Exploit:	httpdx146b-disclose.txt
File Size:	729
Last Modified:	Jan 3 22:32:56 2010
MD5 Checksum:	37742c6073ad173e067f1593cede0535

/// File Name:	iboutique-xss.txt
Description:	iBoutique version 4.0 suffers from a cross site scripting vulnerability.
Author:	Andrea Bocchetti
File Size:	428
Last Modified:	Jan 22 18:39:08 2010
MD5 Checksum:	e217d897d4e5fa394e87e8589840311b

/// File Name:	ie_aurora.py.txt
Description:	This program acts as a web server that generates an exploit to target a vulnerability in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP2. The exploit's payload spawns the calculator.
Author:	Ahmed Obied
File Size:	6517
Related CVE(s):	CVE-2010-0249
Last Modified:	Jan 17 18:27:46 2010
MD5 Checksum:	51e9323f1f97bef10ea85d37a5d609e6

/// File Name:	ie_aurora.rb.txt
Description:	This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the "Operation Aurora" attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
Homepage:	http://www.metasploit.com
File Size:	5107
Related OSVDB(s):	61697
Related CVE(s):	CVE-2010-0249
Last Modified:	Jan 17 19:21:02 2010
MD5 Checksum:	50ede2e16f7d86132be5262085376217

/// File Name:	ievbdevkit-exec.txt
Description:	Microsoft Internet Explorer vbDevKit.dll Active-X control code execution exploit.
Author:	ahwak2000
File Size:	1148
Last Modified:	Jan 22 18:51:59 2010
MD5 Checksum:	15472276079f02167faf54833d84cf2e

/// File Name:	iewshomocx-addadmin.txt
Description:	Microsoft Internet Explorer wshom.ocx Active-X remote add administrator exploit.
Author:	Stack
File Size:	421
Last Modified:	Jan 22 18:46:35 2010
MD5 Checksum:	041614671780eba8526fcd7054a3fa9a

/// File Name:	ihs-shell.txt
Description:	Image Hosting Script suffers from a shell upload vulnerability.
Author:	R3d-D3v!L
File Size:	1619
Last Modified:	Jan 11 17:17:19 2010
MD5 Checksum:	c0bd3edec7ab1e5e4ffe52a484e74af4

/// File Name:	imagegallery-sql.txt
Description:	Image Gallery version 1.0 suffers from a remote SQL injection vulnerability.
Author:	Hussin X
File Size:	668
Last Modified:	Jan 22 02:38:26 2010
MD5 Checksum:	6d0bd7df9cb17e03c21df97ccb225b95

/// File Name:	imagoscriptsdac-sql.txt
Description:	ImagoScripts Deviant Art Clone suffers from a remote SQL injection vulnerability.
Author:	alnjm33
File Size:	390
Last Modified:	Jan 4 17:07:43 2010
MD5 Checksum:	9b60c25b73a129a21d01f54aad9d4d09

/// File Name:	IntelliTamper.rb.txt
Description:	This Metasploit module exploits a stack overflow in the IntelliTamper. By sending an overly long string to the "defer" script, an attacker may be able to execute arbitrary code.
Author:	Stack
Homepage:	http://www.metasploit.com
File Size:	2791
Last Modified:	Jan 24 15:51:43 2010
MD5 Checksum:	76234bf0981ba4a0af20a02164199c0f