Section:  .. / 0512-exploits  /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 83
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 0512-exploits.tgz
Description:
Packet Storm new exploits for December, 2005.
Homepage:http://packetstormsecurity.org/
File Size:173367
Last Modified:Jan 1 22:36:42 2006
MD5 Checksum:fda394a1e54f4abf73962ed66d26dc3b

 ///  File Name: Acidcat-bypass.txt
Description:
Several vulnerabilities in Acidcat CMS v 2.1.13 and below have been found which can be used to discover the admin credentials or download the database.
Author:Hamid Network Security Team
Homepage:http://hamid.ir
File Size:1748
Last Modified:Dec 28 21:46:38 2005
MD5 Checksum:d683870ab3c64aa5edc3f729683b6aa5

 ///  File Name: ACSSEC-2005-11-25-3.txt
Description:
FTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to specially crafted XSS requests. A remote attacker could trick a user into viewing a vulnerable page which could then lead to remote compromise.
Author:Tim Shelton
File Size:1941
Last Modified:Dec 28 06:25:00 2005
MD5 Checksum:e008f66c82dc31ff0cacce9d393a4d6e

 ///  File Name: AD20051202.txt
Description:
WinEggDropShell Eternity version 1.7 is susceptible to preauth stack overflows. Proof of concept denial of service exploit included.
Author:Sowhat
Homepage:http://secway.org/
File Size:3352
Last Modified:Dec 3 06:40:55 2005
MD5 Checksum:e2a03f701231a1f11975df0e44fadadb

 ///  File Name: adpHashdisclose.txt
Description:
ADP Forum versions 2.0 through 2.0.3 suffers from a direct download flaw that discloses users' password hashes.
Author:Liz0ziM
Homepage:http://www.biyo.tk
File Size:1194
Last Modified:Dec 14 09:01:51 2005
MD5 Checksum:3a4537af165b9812a28f6030875fd239

 ///  File Name: ag22sql.txt
Description:
Advanced Guestbook version 2.2 suffers from a SQL injection flaw in the username variable. The SQL injection flaw for the password variable was discovered for this same version back in April of 2004.
Author:BHST
Related Exploit:advguest.txt"
File Size:785
Last Modified:Dec 26 19:50:00 2005
MD5 Checksum:3cc8c772fdccc7a409005cb7a75c6eef

 ///  File Name: alisveristrSQL.txt
Description:
Alisveristr E-Commerce is susceptible to SQL injection attacks during the login phase of usage.
Author:B3g0k
File Size:1018
Last Modified:Dec 7 02:47:58 2005
MD5 Checksum:9ba76e5ba7fdd0e4f2889d7965f9b150

 ///  File Name: appfluent.txt
Description:
Appfluent Database IDS version 2.0 suffers from an environment variable overflow that can be manipulated using sudo as an attack vector. Exploit provided.
Author:c0ntex
Homepage:http://www.open-security.org
File Size:6908
Last Modified:Dec 14 05:21:23 2005
MD5 Checksum:32c5b58d9d21114244ca445df9985b02

 ///  File Name: AppScanQA-RemoteCodeExec-PoC.zip
Description:
Proof of concept exploit for AppScan QA versions 5.0.x that stages itself as a webserver and exploits a buffer overflow via the WWW-Authenticate header of a 401 HTTP response.
Author:Mariano Nunez
Homepage:http://www.cybsec.com
Related File:cybsec-watchfire.txt
File Size:1564
Last Modified:Dec 18 10:56:06 2005
MD5 Checksum:7f372648b79922c22ee027921f0bcb10

 ///  File Name: arabPortalSQL.txt
Description:
Arab Portal System version 2 Beta 2 is susceptible to SQL injection attacks.
Author:Devil-00
File Size:2062
Last Modified:Dec 14 08:12:40 2005
MD5 Checksum:fb558b6b1217c312052d18162d60388d

 ///  File Name: Bb_6.zip
Description:
Blackboard versions 6.3.1.424 and 6.2.3.23 (and possibly earlier versions) are susceptible to login bypass, spoofing of announcements, and proxying flaws.
Author:dr_insane
File Size:13454
Last Modified:Dec 14 07:36:44 2005
MD5 Checksum:7113f857a7b23c9e90395e557919c2c2

 ///  File Name: bbs.c
Description:
SimpleBBS versions 1.1 and below remote command execution exploit.
Author:unitedasia
File Size:4424
Last Modified:Dec 14 05:24:12 2005
MD5 Checksum:153d8fadee80804f06dda5d29fad686a

 ///  File Name: blog12SQL.txt
Description:
The Blog System version 1.2 is susceptible to SQL injection attacks.
Author:vipsta
File Size:267
Last Modified:Dec 9 17:15:56 2005
MD5 Checksum:9f22d03b751f8205fb13d1528e7da44e

 ///  File Name: BluePIMped.diff
Description:
Patch for ussp-push that allows you to exploit the overflows discovered in the Widcomm BTStackServer.
Author:Kevin Finisterre
Homepage:http://www.digitalmunition.com
Related File:BluePIMped.txt
File Size:5992
Last Modified:Dec 7 07:22:59 2005
MD5 Checksum:8626543797f1b6290b90c1e8c0a180fc

 ///  File Name: browserDoS.txt
Description:
Simple javascript related denial of service that primarily affects Internet Explorer. Version 6.0 was tested and stayed unresponsive for over 3 minutes. Firefox does not appear truly affected as it seems to recover although it may freeze for a short period of time.
Author:Ziplock
File Size:448
Last Modified:Dec 14 06:43:26 2005
MD5 Checksum:142b31ebaf4a6d1c5905efadfe640cc6

 ///  File Name: BTGrup.txt
Description:
The BTGrup Admin WebController script is susceptible to a SQL injection attack.
Author:khc
File Size:172
Last Modified:Dec 14 08:27:50 2005
MD5 Checksum:b077a1a5be54dbc0ddd5f2155b17801d

 ///  File Name: bypassXSSnuke.txt
Description:
PHPNUKE versions 7.9 and below suffer from a cross site scripting filter bypass vulnerability. Details provided.
Author:Maksymilian Arciemowicz
Homepage:http://securityreason.com/
File Size:6191
Last Modified:Dec 15 07:43:20 2005
MD5 Checksum:eb14def6f8b872d7c1f7296074010db0

 ///  File Name: cerberusHelp.txt
Description:
Cerberus HelpDesk is susceptible to SQL injection and cross site scripting flaws. cerberus-gui 2.649 is affected. support-center 2.649 through 3.2.0pr2 is also affected. Full exploitation details provided.
Author:A. Ramos
Homepage:http://www.unsec.net
File Size:5752
Last Modified:Dec 27 09:31:57 2005
MD5 Checksum:4e8068a82c40d05baeb62691157db870

 ///  File Name: cijfer-ccxpl.pl.txt
Description:
Remote command execution exploit for CubeCart versions 3.0.6 and below that makes use of an input sanitization flaw in orderSuccess.inc.php.
Author:cijfer
File Size:3721
Last Modified:Dec 31 10:02:57 2005
MD5 Checksum:4657be8ac1e8639b13575ee1bf77e75c

 ///  File Name: CounterDoS.c
Description:
Counter Strike 2D denial of service exploit that affects versions 0.1.0.1 and below.
Author:Iman Karim
Homepage:http://home.inf.fh-rhein-sieg.de/~ikarim2s/
File Size:3615
Last Modified:Dec 14 09:28:28 2005
MD5 Checksum:d87083992aad727560be35d101326126

 ///  File Name: dBpowerAMPv11.5.txt
Description:
BpowerAMP Music Converter v11.5 and prior local buffer overflow exploit.
Author:fRoGGz SecuBox Labs
Homepage:http://secubox.shadock.net/dBpowerAMP_Music_Converter_v11.5_Local_Buffer_Overflow_Issue.html
File Size:3420
Last Modified:Dec 29 03:16:47 2005
MD5 Checksum:07cdccb20d13c9120729756bbdc1d4ee

 ///  File Name: Dev_15_sql_xpl.php.txt
Description:
Dev Web versions less than of equal to 1.5 'cat' SQL injection and admin MD5 password hash disclosure exploit.
Author:rgod
Homepage:http://rgod.altervista.org
File Size:12762
Last Modified:Dec 29 01:47:54 2005
MD5 Checksum:4e8ecca6f99911710c2e7703c1042181

 ///  File Name: DRZESHMS.txt
Description:
DRZES HMS is susceptible to cross site scripting and SQL injection vulnerabilities.
Author:vipsta
File Size:603
Last Modified:Dec 14 05:09:35 2005
MD5 Checksum:bcd5ac7dff7d91a3078343a35c127666

 ///  File Name: EdgewallSQL.txt
Description:
Edgewall Trac version 0.9 is susceptible to a SQL injection attack due to a lack of sanity checking on the group variable.
Author:David Maciejak
File Size:800
Last Modified:Dec 3 06:27:47 2005
MD5 Checksum:7df147c2ac1998ed9869129658f50506

 ///  File Name: envo.txt
Description:
eNvolution, the fork of PostNuke, is susceptible to cross site scripting and SQL injection attacks.
Author:X1ngBox
File Size:521
Last Modified:Dec 14 05:43:12 2005
MD5 Checksum:7e2a2c7faa2be90e8362a75604e36d5c