Section: .. / 0803-exploits /
| /// File Name: |
blackboard-xss.txt |
Description:
|
Blackboard versions 7.x and below suffer from multiple cross site scripting vulnerabilities.
| | Author: | Knight4vn | | File Size: | 5623 | | Last Modified: | Mar 26 16:25:27 2008 |
| MD5 Checksum: | 0a8b01d36622434b60afb5e0e9ff8583 |
|
| /// File Name: |
dotnetnuke-expose.txt |
Description:
|
DotNetNuke versions 4.8.1 and below suffer from a default machine key exposure vulnerability.
| | Author: | Brian Holyfield | | File Size: | 5499 | | Last Modified: | Mar 21 18:26:21 2008 |
| MD5 Checksum: | 4c61159bd37138c7d273b199c38bf92a |
|
| /// File Name: |
horde316-inclusion.txt |
Description:
|
Horde version 3.1.6 suffers from an arbitrary file inclusion vulnerability. Details and a patch are provided.
| | Author: | Patrick Pelanne, David Collins | | Homepage: | http://www.hostgator.com/ | | File Size: | 5433 | | Last Modified: | Mar 12 17:56:47 2008 |
| MD5 Checksum: | f492e2bfde29693087b5b26ae90cfac0 |
|
| /// File Name: |
jafcms-rfi.txt |
Description:
|
JAF-CMS version 4.0 RC2 suffers from remote file inclusion vulnerabilities.
| | Author: | CraCkEr | | File Size: | 4934 | | Last Modified: | Mar 27 02:30:54 2008 |
| MD5 Checksum: | 5ada725dfde0f0aa16dd8f5f34ab828a |
|
| /// File Name: |
auracms-blindsql.txt |
Description:
|
AuraCMS versions 2.2.1 and below remote blind SQL injection exploit that makes use of online.php.
| | Author: | NTOS-Team | | Homepage: | http://newhack.org/ | | File Size: | 4488 | | Last Modified: | Mar 14 14:27:51 2008 |
| MD5 Checksum: | a92d54e982dbcf7ffb1e19ccdd2893ef |
|
| /// File Name: |
webct_exploits.txt |
Description:
|
WebCT Campus Edition version 4.1.5.8 suffers from multiple javascript related session stealing vulnerabilities.
| | Author: | Benjamin Lupton | | File Size: | 4389 | | Last Modified: | Mar 12 16:19:30 2008 |
| MD5 Checksum: | 050f380010227cc874d259d13a91d8ce |
|
| /// File Name: |
motorolatimbuktu-create.txt |
Description:
|
Motorola Timbuktu Pro versions 8.6.5 and below file deletion and creation exploit.
| | Author: | titon | | File Size: | 4330 | | Last Modified: | Mar 12 20:08:14 2008 |
| MD5 Checksum: | 65ecd158b3c4208128dca16d0427f6da |
|
| /// File Name: |
DSECRG-08-022.txt |
Description:
|
BolinOS version 4.6.1 suffers from local file inclusion, cross site scripting, and information disclosure vulnerabilities.
| | Author: | Sh2kerr | | Homepage: | http://www.dsec.ru/ | | File Size: | 4203 | | Last Modified: | Mar 25 20:23:11 2008 |
| MD5 Checksum: | 0bcc2d325a9efc6e37064c609e994335 |
|
| /// File Name: |
solaris-memleak.txt |
Description:
|
Exploit that demonstrates how an integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative value to the I_PEEK ioctl.
| | Author: | Marco Ivaldi | | File Size: | 3984 | | Related CVE(s): | CVE-2007-5225 | | Last Modified: | Mar 12 20:11:08 2008 |
| MD5 Checksum: | 8d609ea4015453829d85d3f773acd6a3 |
|
| /// File Name: |
DSECRG-08-018.txt |
Description:
|
Ruby versions 1.8.6 and below suffer from a directory traversal vulnerability.
| | Author: | Sh2kerr, Stas Svistunovich | | Homepage: | http://www.dsec.ru/ | | File Size: | 3971 | | Last Modified: | Mar 12 16:39:31 2008 |
| MD5 Checksum: | fcdc69f9a7069082ec8c5fdf209155fd |
|
| /// File Name: |
firebird-poc.txt |
Description:
|
Firebird database remote buffer overflow proof of concept exploit.
| | Author: | Eugene Minaev | | Homepage: | http://itdefence.ru/ | | File Size: | 3825 | | Last Modified: | Mar 12 20:27:20 2008 |
| MD5 Checksum: | 3aa68bdfcc701ad646d2a421b817244e |
|
| /// File Name: |
taskmgr_dos.c.txt |
Description:
|
Exploit that demonstrates how the manipulation of a registry key in Microsoft Windows XP SP2 can disable the taskmanager.
| | Author: | SkyOut | | Homepage: | http://www.core-security.net/ | | File Size: | 3715 | | Last Modified: | Mar 14 19:06:33 2008 |
| MD5 Checksum: | fb618742f578d7ebf1dd4271ff7f856f |
|
| /// File Name: |
mplayer-overflowpoc.txt |
Description:
|
MPlayer sdpplin_parse() array indexing proof of concept buffer overflow exploit.
| | Author: | k'sOSe | | Homepage: | http://www.pornosecurity.org/ | | File Size: | 3552 | | Last Modified: | Mar 25 20:15:58 2008 |
| MD5 Checksum: | 686a55c166aa6337c1380226437fce80 |
|
| /// File Name: |
mgsoft-multi.txt |
Description:
|
MG-Soft Net Inspector versions 6.5.0.828 and below suffer from format string, directory traversal, and denial of service vulnerabilities. Full details provided.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | File Size: | 3509 | | Last Modified: | Mar 17 15:45:42 2008 |
| MD5 Checksum: | 16270853481fcdec750062d12fa7b53a |
|
| /// File Name: |
DSECRG-08-021.txt |
Description:
|
PowerPHPBoard version 1.00b suffers from multiple local file inclusion vulnerabilities.
| | Author: | Sh2kerr | | Homepage: | http://www.dsec.ru/ | | File Size: | 3321 | | Last Modified: | Mar 24 18:45:26 2008 |
| MD5 Checksum: | 62296a0406370148417f50370dd3baf0 |
|
| /// File Name: |
kap-sql.txt |
Description:
|
KAPhotoservice remote SQL injection exploit that makes use of album.asp.
| | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 3291 | | Last Modified: | Mar 18 22:33:11 2008 |
| MD5 Checksum: | 2cbbd32001ac408b682f66da247e5226 |
|
| /// File Name: |
quicktalk-blindsql.txt |
Description:
|
QuickTalk Forum versions 1.6 and below remote blind SQL injection exploit.
| | Author: | t0pp8uzz, xprog | | File Size: | 3216 | | Last Modified: | Mar 13 00:51:40 2008 |
| MD5 Checksum: | aa2a6c1bbd5d4dfb76f0522af9fc384e |
|
| /// File Name: |
mailenable-dos.txt |
Description:
|
MailEnable SMTP server VRFY/EXPN command buffer overflow denial of service exploit.
| | Author: | Matteo Memelli | | Homepage: | http://be4mind.com/ | | File Size: | 3203 | | Last Modified: | Mar 12 20:17:41 2008 |
| MD5 Checksum: | 34c5fb87581a48e4a55b6fae08d1af46 |
|
| /// File Name: |
DSECRG-08-19.txt |
Description:
|
PowerBook version 1.21 suffers from a local file inclusion vulnerability.
| | Author: | Sh2kerr | | Homepage: | http://www.dsec.ru/ | | File Size: | 3182 | | Last Modified: | Mar 24 18:42:03 2008 |
| MD5 Checksum: | 7811408f105ca494cbea1548ab28e2bb |
|
| /// File Name: |
mailenablefetch-overflow.txt |
Description:
|
MailEnable Professional versions 3.13 and below FETCH post-auth buffer overflow exploit for Win2K SP4 Pro English that binds a shell to port 4444.
| | Author: | haluznik | | File Size: | 3153 | | Last Modified: | Mar 14 14:35:47 2008 |
| MD5 Checksum: | d43e58c82bb10b01c84efd0a1a42b000 |
|
| /// File Name: |
checkpoint_080306.txt |
Description:
|
The Checkpoint VPN-1 UTM Edge suffers from a cross site scripting vulnerability. Details provided.
| | Author: | Henri Lindberg | | Homepage: | http://www.louhi.fi/ | | File Size: | 3137 | | Last Modified: | Mar 12 16:45:03 2008 |
| MD5 Checksum: | 2976ece9dbe7ba804cb6bcb08e82370b |
|
| /// File Name: |
liveboxftp-overflow.txt |
Description:
|
The ADI Convergence Galaxy FTP server version 0.1 on the Livebox Router is susceptible to an overflow vulnerability allowing for denial of service. Proof of concept included.
| | Author: | 0in | | Homepage: | http://dark-coders.4rh.eu/ | | File Size: | 3072 | | Last Modified: | Mar 3 15:53:45 2008 |
| MD5 Checksum: | 353fe1f8a7805150739ac3fb54e48112 |
|
| /// File Name: |
rsa-xss.txt |
Description:
|
RSA WebID version 5.3 suffers from a cross site scripting vulnerability. Full details provided.
| | Author: | Quentin Berdugo | | File Size: | 3030 | | Last Modified: | Mar 17 15:43:19 2008 |
| MD5 Checksum: | 3e62edfdc6a92506f0c95fe86bfe7a03 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
