Section: .. / 0503-exploits /

Page 2 of 6
<< 1 2 3 4 5 6 >> Files 25 - 50 of 142

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	cutenews.txt
Description:	Cutenews version 1.3.6 allows for cross site scripting and local code execution attacks. Written in Spanish. Detailed exploitation provided.
Author:	FraMe
Homepage:	http://www.kernelpanik.org
File Size:	3549
Last Modified:	Mar 1 23:12:50 2005
MD5 Checksum:	a5a371f74cdf229b09e5edbafa1652a8

/// File Name:	dcl15.txt
Description:	Download Center Lite (DCL) versions 1.5 and below are susceptible to remote file inclusion.
Author:	Filip Groszynski
File Size:	1369
Last Modified:	Mar 7 07:39:33 2005
MD5 Checksum:	6d07e272a4aa94584a5d3dd9d76afa7c

/// File Name:	dcrab-e-xoops.txt
Description:	Easy Community Management System Forum (E-XOOPS) contains multiple SQL injection and cross-site scripting vulnerabilities. Some of these may not be exploitable depending on how PHP, Apache, and MySQL have been configured. Advisory contains proof-of-concept exploit URLs.
Author:	dcrab
Homepage:	http://icis.digitalparadox.org/~dcrab
File Size:	2221
Last Modified:	Mar 28 12:53:42 2005
MD5 Checksum:	c403d0741fe94de0e0392d54e9113057

/// File Name:	dcrab-estore.txt
Description:	E-Store Kit-2 PayPal Edition is susceptible to file include and cross site scripting vulnerabilities.
Author:	Dcrab
Homepage:	http://icis.digitalparadox.org/~dcrab
File Size:	5072
Last Modified:	Mar 26 00:41:06 2005
MD5 Checksum:	fedf099104a5e7b7f2ff5b77d763ee35

/// File Name:	dcrab-paypal.txt
Description:	Various cross-site scripting and (possible) SQL injection vulnerabilities exist in ESMIstudio's PayPal storefront scripts. It may not always be possible to exploit some of these depending on how PHP, Apache, and MySQL have been configured, however.
Author:	Dcrab
Homepage:	http://icis.digitalparadox.org/~dcrab/
File Size:	1929
Last Modified:	Mar 26 00:40:07 2005
MD5 Checksum:	bd48a913809534b86c6b01d28239201d

/// File Name:	einstein101.txt
Description:	Einstein versions 1.01 and below local password disclosure exploit.
Author:	Kozan, ATmaCA
Homepage:	http://www.netmagister.com
File Size:	2200
Last Modified:	Mar 1 00:30:11 2005
MD5 Checksum:	c55ebe92966f7294f9cbea76d60c2610

/// File Name:	eth0day.c
Description:	Exploit for the Ethereal 3G-A11 dissector remote buffer overflow vulnerability. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.
Author:	Leon Juranic
Homepage:	http://security.lss.hr/en/
Related File:	LSS-2005-03-04.txt
File Size:	973
Last Modified:	Mar 15 05:55:52 2005
MD5 Checksum:	a441e0b038a18e8111f7bdd0a8a8402f

/// File Name:	eth2.c
Description:	Exploit for the Ethereal IAPP dissector remote buffer overflow vulnerability. All versions that have support for the IAPP dissector are affected up to version 0.10.9.
Author:	Leon Juranic
Homepage:	http://security.lss.hr/en/
Related File:	LSS-2005-03-05.txt
File Size:	1632
Last Modified:	Mar 17 07:39:54 2005
MD5 Checksum:	082fa54c1a7d4dae795ed2fa0fdf520a

/// File Name:	ethereal-3g-a11.c
Description:	Ethereal 0.10.9 and below proof of concept remote root exploit that makes use of the CDMA2000 A11 protocol dissector stack overflow vulnerability.
Author:	Diego Giagio
Related File:	LSS-2005-03-04.txt
File Size:	15760
Last Modified:	Mar 17 08:49:01 2005
MD5 Checksum:	5c468892fb19345852d7d2c6bf2ed0dd

/// File Name:	exp2.php.txt
Description:	Proof of concept exploit that makes use of a library injection flaw in MySQL via the CREATE function. Version 4.1.10 and versions below and equal to 4.0.23 are affected.
Author:	Stefano Di Paola
Homepage:	http://www.wisec.it
Related File:	mysqlCreateinject.txt
File Size:	10023
Last Modified:	Mar 15 16:28:45 2005
MD5 Checksum:	0d778bbae9d865a9ba85379b9ed620fe

/// File Name:	exp3.pl.txt
Description:	Proof of concept exploit that makes use of functions in libc in order to gain MySQL user privileges. Version 4.1.10 and versions below and equal to 4.0.23 are affected.
Author:	Stefano Di Paola
Homepage:	http://www.wisec.it
Related File:	mysqlCreatelibc.txt
File Size:	3871
Last Modified:	Mar 15 16:32:55 2005
MD5 Checksum:	03d076773b4edd27cd71264b66a9ea04

/// File Name:	eXPerience2.txt
Description:	eXPerience2 suffers from remote file inclusion and path disclosure flaws.
Author:	Francisco Alisson
File Size:	325
Last Modified:	Mar 15 05:47:47 2005
MD5 Checksum:	73628d6dd20afa74b1217a0b384552e3

/// File Name:	EXPL-A-2005-002.txt
Description:	EXPL-A-2005-002 exploitlabs.com Advisory 031 - The Samsung ADSL Modem ships with default root, admin, and user accounts and also allows for arbitrary file access on the underlying filesystem.
Author:	Donnie Werner
Homepage:	http://exploitlabs.com
File Size:	2881
Last Modified:	Mar 22 16:50:43 2005
MD5 Checksum:	6c2865c8bed350e5eb21b7d572dd1f9f

/// File Name:	formmail23.txt
Description:	Form Mail versions 2.3 and below suffer from a remote file inclusion flaw.
Author:	Filip Groszynski
File Size:	1399
Last Modified:	Mar 7 07:47:20 2005
MD5 Checksum:	94a44fe2bb187a0b870debe33a7b9a17

/// File Name:	foros32.txt
Description:	FOROS version 3.2 allows for account compromise by changing the username and forumid in a cookie to someone else's.
Author:	Black Angel
File Size:	879
Last Modified:	Mar 4 05:39:12 2005
MD5 Checksum:	0719f7a4d7744c6076f3ed3194c1aacc

/// File Name:	foxmail.txt
Description:	Foxmail server version 2.0 is susceptible to a boundary error condition in the handling of the USER command. Sample denial of service exploit provided.
Author:	xouyang
File Size:	8609
Last Modified:	Mar 3 08:49:50 2005
MD5 Checksum:	e8be228510f7c2585b6b62df01a61343

/// File Name:	freeciv.pl
Description:	Freeciv Server versions 2.0.0beta8 and below remote denial of service exploit.
Author:	Nico Spicher
Homepage:	http://triplex.it-helpnet.de/
File Size:	1201
Last Modified:	Mar 22 06:13:12 2005
MD5 Checksum:	a351abb6fac679e8a4f6135190dad6ef

/// File Name:	getr00t.sh
Description:	This is a simple script automating the equally simple exploitation of a trusted path bug in AIX. The problem lies in the invscout program.
Author:	ri0t
Related File:	12.20.04-1.txt
File Size:	701
Related OSVDB(s):	12531
Related CVE(s):	CAN-2004-1054
Last Modified:	Mar 25 17:38:20 2005
MD5 Checksum:	2c24407cabeaf323f2d9de28c288acfc

/// File Name:	goldenFTP192.txt
Description:	Golden FTP server version 1.92 suffers from a buffer overflow when more than 284 characters is entered in the Username field at logon. As EIP can be overwritten, it is possible to execute arbitrary code in systems running this version of the daemon.
Author:	Carlos Ulver
Homepage:	http://www.debarry2.com.br/carlos
File Size:	1821
Last Modified:	Mar 3 09:06:12 2005
MD5 Checksum:	bed2eb002971805d613a3305ca538276

/// File Name:	goodtech.c
Description:	Remote exploit for GoodTech Telnet server versions below 5.0.7. This exploit can spawn a bindshell or launch a reverse shell.
Author:	cybertronic
Related File:	goodtechtelnet.txt
File Size:	11456
Last Modified:	Mar 22 06:46:06 2005
MD5 Checksum:	59fd49d039156fcef30e5d275ee11a61

/// File Name:	gtscrash.c.txt
Description:	Remote denial of service exploit for GoodTech Telnet server versions below 5.0.7.
Author:	Komrade
Related File:	goodtechtelnet.txt
File Size:	2705
Last Modified:	Mar 22 06:37:56 2005
MD5 Checksum:	400775bd3c74bd5a59465815cd8c0c03

/// File Name:	highlight.txt
Description:	RUNCMS version 1.1A is susceptible to a file inclusion vulnerability.
Author:	NT
Homepage:	http://www.ihsteam.com/
File Size:	3265
Last Modified:	Mar 22 08:15:54 2005
MD5 Checksum:	8708c66d77eff72b5baf0ae4f818c514

/// File Name:	holaCMS149.txt
Description:	holaCMS version 1.4.9 is susceptible to a file inclusion vulnerability.
Author:	Virginity Security
File Size:	2604
Last Modified:	Mar 17 07:51:07 2005
MD5 Checksum:	c7f12a9a1b4ec43f2c6f9fdb482a6212

/// File Name:	HRG005.txt
Description:	The search.php script in Forumwa is susceptible to cross site scripting attacks.
Author:	Raven
Homepage:	http://www.Hackerlounge.com
File Size:	3478
Last Modified:	Mar 3 08:06:30 2005
MD5 Checksum:	6cf2adefe1042cca13ed7ae62410eb95

/// File Name:	HRG006.txt
Description:	The profile.php script in 427BB is susceptible to cross site scripting attacks.
Author:	Raven
Homepage:	http://www.Hackerlounge.com
File Size:	2571
Last Modified:	Mar 3 08:07:39 2005
MD5 Checksum:	6e24a2850d6229430b561acc068a0b1a