Section: .. / 0805-exploits /
| /// File Name: |
netiouscms-sql.txt |
Description:
|
Netious CMS version 0.4 suffers from a SQL injection vulnerability in index.php.
| | Author: | InjEctOrS | | File Size: | 1999 | | Last Modified: | May 22 01:02:15 2008 |
| MD5 Checksum: | 3f8cd1a64d61b339e565f3d82f7fd77f |
|
| /// File Name: |
mxsystem-sql.txt |
Description:
|
MX-System version 2.7.3 suffers from a remote SQL injection vulnerability in index.php.
| | Author: | cOndemned | | Homepage: | http://condemned.r00t.la/ | | File Size: | 529 | | Last Modified: | May 20 19:53:06 2008 |
| MD5 Checksum: | 20ab2078692e9467746d7f2ae3354dee |
|
| /// File Name: |
comicshout-sql.txt |
Description:
|
ComicShout version 2.5 suffers from a remote SQL injection vulnerability in index.php.
| | Author: | Niiub | | Homepage: | http://www.bl4ck-b0x-info/ | | File Size: | 606 | | Last Modified: | May 20 16:40:00 2008 |
| MD5 Checksum: | 766e757acc678c67e9519eca6c7fce43 |
|
| /// File Name: |
mantis-xssxsrf.txt |
Description:
|
Mantis Bug Tracker version 1.1.1 suffers from remote code execution, cross site scripting, and cross site request forgery vulnerabilities.
| | Author: | Antonio Parata, Francesco Ongaro | | Homepage: | http://www.ush.it/ | | File Size: | 8022 | | Last Modified: | May 20 16:38:52 2008 |
| MD5 Checksum: | 587e23d10c6e859164e8edab05fd763b |
|
| /// File Name: |
ecms-sql.txt |
Description:
|
eCMS version 0.4.2 suffers from remote SQL injection and bypass vulnerabilities.
| | Author: | hadihadi | | Homepage: | http://www.virangar.org/ | | File Size: | 1860 | | Last Modified: | May 20 16:31:17 2008 |
| MD5 Checksum: | 5b0a42173a4e8bc0b0fea076d2301107 |
|
| /// File Name: |
starsgames-xss.txt |
Description:
|
Stargames Control Panel versions 4.6.2 and below suffer from a cross site scripting vulnerability.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1158 | | Last Modified: | May 20 16:29:35 2008 |
| MD5 Checksum: | 4508c6a08d7e7c84697e172ebb353ed1 |
|
| /// File Name: |
appservopen-xss.txt |
Description:
|
AppServ Open Project versions 2.5.10 and below suffer from a cross site scripting vulnerability.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1688 | | Last Modified: | May 20 16:28:53 2008 |
| MD5 Checksum: | 55c3025076b6e369ac78c52ac1e2021e |
|
| /// File Name: |
entertainment-lfi.txt |
Description:
|
EntertainmentScript version 1.4.0 local file inclusion exploit that takes advantage of page.php.
| | Author: | Stack-Terrorist | | Homepage: | http://v4-team.com/ | | File Size: | 5334 | | Last Modified: | May 20 16:28:05 2008 |
| MD5 Checksum: | 47e16822ff06b34e8d7213f87fd187ac |
|
| /// File Name: |
entertainment-sql.txt |
Description:
|
EntertainmentScript suffers from a remote SQL injection vulnerability in play.php.
| | Author: | Mr.SQL | | Homepage: | http://www.pal-hacker.com/ | | File Size: | 1427 | | Last Modified: | May 20 16:27:04 2008 |
| MD5 Checksum: | 8b3a6bea1ce491c8aa5612c5c1c898b2 |
|
| /// File Name: |
winpcap-dos.txt |
Description:
|
WinPCAP denial of service proof of concept exploit.
| | Author: | e.wiZz! | | File Size: | 8209 | | Last Modified: | May 19 21:40:32 2008 |
| MD5 Checksum: | 272040fbf741aa2653660ff84b70ca38 |
|
| /// File Name: |
wpfile-exec.txt |
Description:
|
Wordpress versions 2.5.1 and below offer the ability to execute arbitrary php code via the administrative functionality. This is a bit obvious to anyone who has used Wordpress installations, but I guess it is useful to note.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1542 | | Last Modified: | May 19 21:27:36 2008 |
| MD5 Checksum: | 91f0bd753f04c8747f2146e8008d8ed3 |
|
| /// File Name: |
bcoos-traverse.txt |
Description:
|
Bcoos versions 1.0.13 and below suffer from an arbitrary file read vulnerability via highlight.php.
| | Author: | Lostmon | | Homepage: | http://lostmon.blogspot.com/ | | File Size: | 1888 | | Last Modified: | May 19 21:20:56 2008 |
| MD5 Checksum: | 00de1d9337e4ff835501c7099f9ba870 |
|
| /// File Name: |
msword-xss.txt |
Description:
|
Microsoft Word versions 2003 and 2007 are susceptible to crash and cross site scripting vulnerabilities via malicious javascript execution.
| | Author: | Juan Pablo Lopez Yacubian | | File Size: | 1599 | | Last Modified: | May 19 21:19:45 2008 |
| MD5 Checksum: | 46abbad0f6fa4a499ede6ed3df30f7c5 |
|
| /// File Name: |
cpanel-root.txt |
Description:
|
It appears that there is a remote compromise vulnerability in cPanel in relation to reseller accounts.
| | Author: | Ali Jasbi | | File Size: | 1753 | | Last Modified: | May 19 21:18:02 2008 |
| MD5 Checksum: | 780309ce3bbe1412e71ac6907a34cec8 |
|
| /// File Name: |
mercuryboard-blindsql.txt |
Description:
|
MercuryBoard versions 1.1.5 and below remote blind SQL injection exploit that takes advantage of login.php.
| | Author: | EgiX | | File Size: | 7424 | | Last Modified: | May 19 21:06:46 2008 |
| MD5 Checksum: | f650f8701b81df1cf13d9ed69f574f43 |
|
| /// File Name: |
alkalinephp-sql.txt |
Description:
|
AlkalinePHP versions 0.80.00 beta and below remote SQL injection exploit that takes advantage of thread.php.
| | Author: | Stack-Terrorist | | Homepage: | http://v4-team.com/ | | File Size: | 3612 | | Last Modified: | May 19 21:05:38 2008 |
| MD5 Checksum: | 80419c4f1d7a8f38578af68a6cf65bac |
|
| /// File Name: |
microssyscms-rfi.txt |
Description:
|
microSSys CMS versions 1.5 and below suffer from a remote file inclusion vulnerability.
| | Author: | Raz0r | | Homepage: | http://raz0r.name/ | | File Size: | 737 | | Last Modified: | May 19 19:08:52 2008 |
| MD5 Checksum: | da4a890b41e299daf9e6487591db6b5a |
|
| /// File Name: |
meltingice-user.txt |
Description:
|
MeltingIce File System versions 1.0 and below remote arbitrary add user exploit.
| | Author: | t0pp8uzz | | File Size: | 1438 | | Last Modified: | May 19 19:06:21 2008 |
| MD5 Checksum: | ddce149abab8ef391e9e450779603c5c |
|
| /// File Name: |
phpagtc-admin.txt |
Description:
|
PHP AGTC-Membership System version 1.1a and below arbitrary add administrator exploit.
| | Author: | t0pp8uzz | | File Size: | 1825 | | Last Modified: | May 19 19:05:22 2008 |
| MD5 Checksum: | 3637ebefed573560d82423c5b7760ffb |
|
| /// File Name: |
mypicgallery-admin.txt |
Description:
|
MyPicGallery version 1.0 arbitrary add administrator exploit.
| | Author: | t0pp8uzz | | File Size: | 1176 | | Last Modified: | May 19 19:03:36 2008 |
| MD5 Checksum: | 92656e8c04dcc7a67bb07f3c89d2e4be |
|
| /// File Name: |
gnugallery-lfi.txt |
Description:
|
GNU/Gallery versions 1.1.1.0 and below suffer from a local file inclusion vulnerability in admin.php.
| | Author: | t0pp8uzz | | File Size: | 1148 | | Last Modified: | May 19 19:01:42 2008 |
| MD5 Checksum: | c11baf261b36dd17dbde254ea032c681 |
|
| /// File Name: |
easycms-multi.txt |
Description:
|
easyCMS versions 0.4.2 and below suffer from insecure cookie handling and SQL injection vulnerabilities.
| | Author: | t0pp8uzz | | File Size: | 1796 | | Last Modified: | May 19 19:00:19 2008 |
| MD5 Checksum: | 4d1798b6991d464156b7c4a6a78af100 |
|
| /// File Name: |
alkalinephp-admin.txt |
Description:
|
AlkalinePHP versions 0.77.35 and below suffer from an arbitrary add administrator vulnerability in adduser.php.
| | Author: | t0pp8uzz | | File Size: | 1788 | | Last Modified: | May 19 18:58:54 2008 |
| MD5 Checksum: | c164ed88d4b99e7f659369344b22bbd2 |
|
| /// File Name: |
lulieblog-multi.txt |
Description:
|
LulieBlog version 1.2 suffers from administrative bypass, upload, and blind SQL injection vulnerabilities.
| | Author: | Cod3rZ | | Homepage: | http://cod3rz.helloweb.eu/ | | File Size: | 3852 | | Last Modified: | May 19 18:29:50 2008 |
| MD5 Checksum: | 59654bdf3717a6c2934301e1ab751e1e |
|
| /// File Name: |
phpkuran-sql.txt |
Description:
|
The PHP-Nuke module KuraniKerim suffers from a SQL injection vulnerability.
| | Author: | Lovebug | | File Size: | 451 | | Last Modified: | May 19 18:26:22 2008 |
| MD5 Checksum: | c66d1fe5c9b79b9da43db55dc9f79af8 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
