Section: .. / 0508-exploits /
| /// File Name: |
phpfreenews140.txt |
Description:
|
PHPFreeNews versions 1.40 and below are susceptible to SQL injection and cross site scripting attacks.
| | Author: | matrix killer, h4cky0u | | Homepage: | http://www.h4cky0u.org | | File Size: | 2808 | | Last Modified: | Aug 18 03:30:54 2005 |
| MD5 Checksum: | 678d0e34a1a7e5546aa2cd24aa7be7dd |
|
| /// File Name: |
phpAdsNew205.txt |
Description:
|
phpAdsNew and phpPgAds versions 2.0.5 and below suffer from an arbitrary file inclusion flaw. Detailed exploitation provided.
| | Author: | Maksymilian Arciemowicz | | File Size: | 3018 | | Last Modified: | Aug 18 03:23:35 2005 |
| MD5 Checksum: | 1ed20310705df1b100b9b0f847ea67a1 |
|
| /// File Name: |
phptbInject.txt |
Description:
|
PHPTB versions 2.0 and below suffer from multiple PHP injection flaws.
| | Author: | Filip Groszynski | | File Size: | 1843 | | Last Modified: | Aug 18 02:58:47 2005 |
| MD5 Checksum: | f161d2f673c45c1b9acff4b010f0ef79 |
|
| /// File Name: |
mediabox404.txt |
Description:
|
mediabox404 WebRadio and WebTV manager is susceptible to a SQL injection attack that allows for login bypass. Versions 1.2 and below are vulnerable.
| | Author: | Cedric Tissieres | | Homepage: | http://www.objectif-securite.ch | | File Size: | 1669 | | Last Modified: | Aug 18 02:56:24 2005 |
| MD5 Checksum: | a1587b7efad1ea40f3b4d70501538bb2 |
|
| /// File Name: |
sakeru.txt |
Description:
|
Sakeru version 0.1 is a URL filtering bypass proof of concept tool that takes advantage of weaknesses in Websense, etc.
| | Author: | sinhack research labs | | File Size: | 6956 | | Last Modified: | Aug 17 02:40:28 2005 |
| MD5 Checksum: | 27a51ade94086288debec3a7f8de6f40 |
|
| /// File Name: |
ECWshop.txt |
Description:
|
ECW Shop version 6.0.2 suffers from cross site scripting, various injection, and disclosure vulnerabilities.
| | Author: | John Cobb | | Homepage: | http://www.NoBytes.com | | File Size: | 2023 | | Last Modified: | Aug 17 02:35:33 2005 |
| MD5 Checksum: | 75c91c659c362bb159406bb366bc7aff |
|
| /// File Name: |
x_osh2.pl.txt |
Description:
|
Operator Shell (osh) 1.7-12 local root exploit. New version of an old exploit.
| | Author: | Charles Stevenson aka core | | File Size: | 4659 | | Last Modified: | Aug 17 01:36:57 2005 |
| MD5 Checksum: | bbc767844763edfbf4e168e6b994939b |
|
| /// File Name: |
jgtcXSS.txt |
Description:
|
jg-tc.com is susceptible to a multitude of cross site scripting flaws.
| | Author: | Jeff Peadro | | File Size: | 1895 | | Last Modified: | Aug 17 01:04:41 2005 |
| MD5 Checksum: | 9e166a2972ea986026d7d3996a8b6a30 |
|
| /// File Name: |
nordXSS.txt |
Description:
|
Nordstrom's website is susceptible cross site scripting attacks.
| | Author: | Jeff Peadro | | File Size: | 499 | | Last Modified: | Aug 17 01:04:00 2005 |
| MD5 Checksum: | ccde934bcb2be4c445b17f410caaf369 |
|
| /// File Name: |
citibankXSS.txt |
Description:
|
Citibank's website in the UK is susceptible cross site scripting attacks.
| | Author: | Andrew Smith | | File Size: | 2584 | | Last Modified: | Aug 17 01:02:15 2005 |
| MD5 Checksum: | 8e84876372ebab674c0b73a3848af57e |
|
| /// File Name: |
phptb20.txt |
Description:
|
PHPTB Topic Boards 2.0 is susceptible to a SQL injection attack.
| | Author: | aLMaSTeR HaCKeR | | File Size: | 593 | | Last Modified: | Aug 17 01:00:23 2005 |
| MD5 Checksum: | 58075d11875a9ffbfaccd264fc4f6380 |
|
| /// File Name: |
ADSLFR4II.txt |
Description:
|
Nth Dimension Security Advisory (NDSA20050719) - Mentor's ADSL-FR4II router, firmware version 2.00.0111 2004.04.09, is susceptible to unauthenticated administrative access, downloading of configuration files with the system password, and denial of service attacks.
| | Author: | Tim Brown | | Homepage: | http://www.nth-dimension.org.uk/ | | File Size: | 3572 | | Last Modified: | Aug 17 00:59:01 2005 |
| MD5 Checksum: | f3bbb1c54db3bfc7d745084f66ad82a6 |
|
| /// File Name: |
jagoff.txt |
Description:
|
The JaguarControl ActiveX controller suffers from a buffer overflow exploit.
| | Author: | Tacettin Karadeniz | | File Size: | 7186 | | Last Modified: | Aug 17 00:39:41 2005 |
| MD5 Checksum: | 643f8b8022b4e721b3f4964731f4da5a |
|
| /// File Name: |
ezupload-2.2.0.pl |
Description:
|
Ezupload prior to v2.2.0 remote command execution exploit via file inclusion.
| | Author: | Johnnie Walker | | Related File: | 1747 | | File Size: | 2142 | | Last Modified: | Aug 16 01:57:33 2005 |
| MD5 Checksum: | 6a7199fabb717954ece8447f5c1f9a8c |
|
| /// File Name: |
mdaemon_imap.pm.txt |
Description:
|
Mdaemon 8.0.3 IMAP CRAM-MD5 authentication remote buffer overflow exploit.
| | File Size: | 2479 | | Last Modified: | Aug 15 01:17:13 2005 |
| MD5 Checksum: | 379e6bb2e530de9238d0c264ea2ef2d8 |
|
| /// File Name: |
edirectory_imonitor.pm.txt |
Description:
|
Novell eDirectory 8.7.3 iMonitor service remote buffer overflow exploit.
| | File Size: | 2235 | | Last Modified: | Aug 15 01:15:34 2005 |
| MD5 Checksum: | fdf29f12ee0e8206f662c61a4ccf9757 |
|
| /// File Name: |
zenworks_desktop_agent.pm.txt |
Description:
|
Novell ZENworks 6.5 Desktop/Server Management remote stack overflow exploit.
| | File Size: | 2711 | | Last Modified: | Aug 15 01:13:39 2005 |
| MD5 Checksum: | 678bf1fc3cd9aa603ec1771ffe7855f5 |
|
| /// File Name: |
rsaXSS.txt |
Description:
|
Definition of irony: Three cross site scripting vulnerabilities have been discovered in the RSA Security Blog entitled "Speaking of Security".
| | Author: | Rodrigo Gutierrez | | File Size: | 1275 | | Last Modified: | Aug 15 01:05:37 2005 |
| MD5 Checksum: | 1d0636b787b9e7133990aaf3e0fd0cbe |
|
| /// File Name: |
HOD-ms05039-pnp-expl.c |
Description:
|
Microsoft Windows Plug-and-Play remote overflow universal exploit that is related to MS05-039. Vulnerable systems include: Microsoft Windows Server 2003 SP1, Microsoft Windows XP SP1 and SP2, and Microsoft Windows 2000 SP4.
| | Author: | houseofdabus | | Related Exploit: | ms05039.c | | File Size: | 14264 | | Related CVE(s): | CAN-2005-1983 | | Last Modified: | Aug 13 03:01:08 2005 |
| MD5 Checksum: | d6dc9aaaab54213702bd9facbedf2e7c |
|
| /// File Name: |
kavLocalRoot.txt |
Description:
|
Due to the logs directory being 777 by default, Kaspersky AntiVirus 5.5 is susceptible to a local root exploit via a symlink attack. Details are provided.
| | Author: | Dr. Peter Bieringer | | File Size: | 15672 | | Last Modified: | Aug 13 02:56:49 2005 |
| MD5 Checksum: | cb19145c1046533f786fc038e618534f |
|
| /// File Name: |
grandstream-DoS.pl.txt |
Description:
|
Denial of service exploit for the Grandstream Budge Tone 101/102 VOIP phone that sends UDP packets larger than 65534 bytes in size to port 5060.
| | Author: | Pierre Kroma | | Related File: | Grandstream.txt | | File Size: | 1288 | | Last Modified: | Aug 13 02:52:52 2005 |
| MD5 Checksum: | 55b5381d4cdf567a6ccc4d0618081fbc |
|
| /// File Name: |
MyBBRC4.txt |
Description:
|
Multiple SQL injection vulnerabilities exist in MyBB RC 4.
| | Author: | Phuket | | File Size: | 1875 | | Last Modified: | Aug 13 02:42:47 2005 |
| MD5 Checksum: | 780f66ab57fa4b0c488ea8c658e9180f |
|
| /// File Name: |
clarolineTraverse.txt |
Description:
|
Claroline 1.6.1 is vulnerable to multiple directory traversal attacks. Teacher access is needed for successful exploitation.
| | Author: | Robbe De Keyzer | | File Size: | 1832 | | Last Modified: | Aug 13 02:41:12 2005 |
| MD5 Checksum: | a6a8f5daf900f15a89847adab37ab590 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
