Section: .. / 0508-exploits /
| /// File Name: |
edirectory_imonitor.pm.txt |
Description:
|
Novell eDirectory 8.7.3 iMonitor service remote buffer overflow exploit.
| | File Size: | 2235 | | Last Modified: | Aug 15 01:15:34 2005 |
| MD5 Checksum: | fdf29f12ee0e8206f662c61a4ccf9757 |
|
| /// File Name: |
mybbSQLinject.txt |
Description:
|
MyBulletinBoard (MyBB) versions 1.00 RC1 through RC4 suffer from SQL injection flaws. Perl exploit included.
| | Author: | Devil-00 | | File Size: | 2193 | | Last Modified: | Aug 23 21:04:17 2005 |
| MD5 Checksum: | 49f040c0a085c912cd267235e83f12de |
|
| /// File Name: |
ezupload-2.2.0.pl |
Description:
|
Ezupload prior to v2.2.0 remote command execution exploit via file inclusion.
| | Author: | Johnnie Walker | | Related File: | 1747 | | File Size: | 2142 | | Last Modified: | Aug 16 01:57:33 2005 |
| MD5 Checksum: | 6a7199fabb717954ece8447f5c1f9a8c |
|
| /// File Name: |
OS2A-1001.txt |
Description:
|
ePing is a ping utility plugin for e107, a PHP-based content management system that uses a MySQL backend database. ePing versions 1.02 and prior are vulnerable to a file creation vulnerability caused by improper validation of user-supplied input in the doping.php script.
| | File Size: | 2122 | | Last Modified: | Aug 9 04:46:58 2005 |
| MD5 Checksum: | cd56bc67a5d28cae77bfe3fd1a9d2063 |
|
| /// File Name: |
ECWshop.txt |
Description:
|
ECW Shop version 6.0.2 suffers from cross site scripting, various injection, and disclosure vulnerabilities.
| | Author: | John Cobb | | Homepage: | http://www.NoBytes.com | | File Size: | 2023 | | Last Modified: | Aug 17 02:35:33 2005 |
| MD5 Checksum: | 75c91c659c362bb159406bb366bc7aff |
|
| /// File Name: |
jgtcXSS.txt |
Description:
|
jg-tc.com is susceptible to a multitude of cross site scripting flaws.
| | Author: | Jeff Peadro | | File Size: | 1895 | | Last Modified: | Aug 17 01:04:41 2005 |
| MD5 Checksum: | 9e166a2972ea986026d7d3996a8b6a30 |
|
| /// File Name: |
MyBBRC4.txt |
Description:
|
Multiple SQL injection vulnerabilities exist in MyBB RC 4.
| | Author: | Phuket | | File Size: | 1875 | | Last Modified: | Aug 13 02:42:47 2005 |
| MD5 Checksum: | 780f66ab57fa4b0c488ea8c658e9180f |
|
| /// File Name: |
phptbInject.txt |
Description:
|
PHPTB versions 2.0 and below suffer from multiple PHP injection flaws.
| | Author: | Filip Groszynski | | File Size: | 1843 | | Last Modified: | Aug 18 02:58:47 2005 |
| MD5 Checksum: | f161d2f673c45c1b9acff4b010f0ef79 |
|
| /// File Name: |
PaFileDB31SQL.txt |
Description:
|
PaFileDB 3.1 is susceptible to a SQL injection attack that allows for login bypass.
| | Author: | deluxe89, Astovidatu | | Homepage: | http://security-project.org | | File Size: | 1833 | | Last Modified: | Aug 25 01:09:21 2005 |
| MD5 Checksum: | 5ebb7571066d1cee27025c2990ccbf0e |
|
| /// File Name: |
clarolineTraverse.txt |
Description:
|
Claroline 1.6.1 is vulnerable to multiple directory traversal attacks. Teacher access is needed for successful exploitation.
| | Author: | Robbe De Keyzer | | File Size: | 1832 | | Last Modified: | Aug 13 02:41:12 2005 |
| MD5 Checksum: | a6a8f5daf900f15a89847adab37ab590 |
|
| /// File Name: |
wagora240.txt |
Description:
|
w-agora versions 4.2.0 and below suffer from directory traversal attacks.
| | Author: | matrix killer | | Homepage: | http://www.h4cky0u.org | | File Size: | 1751 | | Last Modified: | Aug 19 01:00:41 2005 |
| MD5 Checksum: | de65ead31088b1588847201a38fb9f70 |
|
| /// File Name: |
NAePolicy.txt |
Description:
|
A privilege escalation flaw exists in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3). Exploitation details provided.
| | Author: | Reed Arvin | | Homepage: | http://reedarvin.thearvins.com/ | | File Size: | 1748 | | Last Modified: | Aug 12 03:00:22 2005 |
| MD5 Checksum: | 3ca0a4e98d960f6e2e41e2b844bed4f7 |
|
| /// File Name: |
linksysWLAN20.txt |
Description:
|
The Linksys WLAN Monitor service (WLSVC) that is used to configure settings for various Linksys wireless network cards runs under the context of the LocalSystem account. It is possible to manipulate the administrative interface of the Linksys WLAN Monitor and escalate privileges to that of the LocalSystem account. Linksys WLAN Monitor version 2.0 is susceptible.
| | Author: | Reed Arvin | | Homepage: | http://reedarvin.thearvins.com/ | | File Size: | 1746 | | Last Modified: | Aug 11 00:52:21 2005 |
| MD5 Checksum: | 880c6418dd76abab4214c0e9146f60e3 |
|
| /// File Name: |
mediabox404.txt |
Description:
|
mediabox404 WebRadio and WebTV manager is susceptible to a SQL injection attack that allows for login bypass. Versions 1.2 and below are vulnerable.
| | Author: | Cedric Tissieres | | Homepage: | http://www.objectif-securite.ch | | File Size: | 1669 | | Last Modified: | Aug 18 02:56:24 2005 |
| MD5 Checksum: | a1587b7efad1ea40f3b4d70501538bb2 |
|
| /// File Name: |
dvbbsXSS.txt |
Description:
|
DVBBS version 7.1 suffers from a cross site scripting flaw.
| | Author: | Lostmon | | File Size: | 1651 | | Related OSVDB(s): | 18512 | | Last Modified: | Aug 9 05:11:31 2005 |
| MD5 Checksum: | 09e5aeaf1577072e5cc026aa88052bab |
|
| /// File Name: |
qnx-inputtrap.txt |
Description:
|
QNX inputtrap from QNX RTOS versions 6.3 and 6.1.0 suffers from an arbitrary file read vulnerability.
| | Author: | Julio Cesar Fort | | File Size: | 1640 | | Last Modified: | Aug 25 02:09:10 2005 |
| MD5 Checksum: | 6485b7c7501a5b7eee39fd1c2b6d013c |
|
| /// File Name: |
cpan.c |
Description:
|
Remote code execution exploit for cPanel versions 9.x and below that binds a shell to port 1666.
| | Author: | PakBraiN | | File Size: | 1602 | | Last Modified: | Aug 12 02:53:10 2005 |
| MD5 Checksum: | e4eb40e742dcd986e712f8dc6e4568e2 |
|
| /// File Name: |
mybbSQL.pl.txt |
Description:
|
MyBulletinBoard (MyBB) member.php SQL injection exploit.
| | Author: | W7ED | | File Size: | 1488 | | Last Modified: | Aug 31 01:17:00 2005 |
| MD5 Checksum: | 9274e58ef338ce1541974c525480a669 |
|
| /// File Name: |
atutor151.txt |
Description:
|
ATutor versions 1.5.1 and below suffer from multiple cross site scripting vulnerabilities.
| | Author: | matrix killer, h4cky0u | | Homepage: | http://www.h4cky0u.org | | File Size: | 1482 | | Last Modified: | Aug 19 00:59:26 2005 |
| MD5 Checksum: | fccc7b6e4fffe218a5e27fd4fae0f546 |
|
| /// File Name: |
fud.html |
Description:
|
Remote code execution exploit for FUD Forum versions 2.7 and below.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | Related File: | fudForum.txt | | File Size: | 1476 | | Last Modified: | Aug 31 02:49:53 2005 |
| MD5 Checksum: | 0a6890ae0ddec4b2fbf9dafb1a53e299 |
|
| /// File Name: |
cosmoshop81078.txt |
Description:
|
Cosmoshop versions 8.10.78 and below suffer from SQL injection flaws, clear text passwords, and directory traversal flaws.
| | Author: | l0om | | Homepage: | http://www.excluded.org | | File Size: | 1466 | | Last Modified: | Aug 31 01:32:48 2005 |
| MD5 Checksum: | 43eb2a684a72cba7453b395b76af5865 |
|
| /// File Name: |
beaXSS.txt |
Description:
|
BEA WebLogic versions 8.1 SP4 and below suffer from a cross site scripting flaw in the Administration console.
| | Author: | GomoR | | Homepage: | http://www.GomoR.org/ | | File Size: | 1433 | | Last Modified: | Aug 25 00:59:40 2005 |
| MD5 Checksum: | 75cb275908dde195433f902633155e90 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
