Complete comprehensive archive of all exploits posted to Packet Storm for 2005.
ae68a5b0cc2feaed42dba3d2307fbc66Packet Storm new exploits for December, 2005.
fda394a1e54f4abf73962ed66d26dc3bLinux kernel 2.6.11 and below CPL 0 local exploit. Third version/variant of this exploit.
fe97c08a01073659a768232db8f502efRemote command execution exploit for CubeCart versions 3.0.6 and below that makes use of an input sanitization flaw in orderSuccess.inc.php.
4657be8ac1e8639b13575ee1bf77e75cThis Metasploit module exploits a vulnerability in the Windows Picture and Fax Viewer found in Windows XP and 2003. This vulnerability uses a corrupt Windows Metafile to execute arbitrary code.
41f7cfba418309a3d955d808ee079bd6KAPDA Advisory #18 - Various WebWiz scripts suffer from SQL injection vulnerabilities due to a lack of input sanitization in check_user.asp. Details on exploitation provided.
23b2a1ef85c18c71cc4d9a6678fedfaaInternet Explorer Version 6.0.2900.2180.xpsp_sp2 mshtml.dll <div> denial of service exploit.
b5a6124e8c38eeed20d5355a60984a7eRemote command execution exploit for phpDocumentor versions 1.3.0 rc4 and below.
2fd6773ad972fc55747644a9248f2869Google's GMailSite script is susceptible to cross site scripting attacks. Details provided. Versions 1.0.4 and below are affected.
b30b60462a746c3ee07d8b8ef9512402BpowerAMP Music Converter v11.5 and prior local buffer overflow exploit.
07cdccb20d13c9120729756bbdc1d4eeDev Web versions less than of equal to 1.5 'cat' SQL injection and admin MD5 password hash disclosure exploit.
4e8ecca6f99911710c2e7703c1042181Microsoft IIS 5.1 malformed URI denial of service exploit.
33e4e92fc77d2514e825fa4956262cd3mIRC exploit for versions 6.16 and below. Proof of concept exploit that does not actually increase privileges but could be useful in restricted environments.
f42e9afc57363d0249b6b3aa0790d5edTolva PHP website system version 0.1.0 suffers from a remote php include vulnerability.
705140a6f6d6ea29bfc9c58f9fba1c14Several vulnerabilities in Acidcat CMS v 2.1.13 and below have been found which can be used to discover the admin credentials or download the database.
d683870ab3c64aa5edc3f729683b6aa5PHPGedView versions less than or equal to 3.3.7 arbitrary local and remote code execution and php injection exploit.
1c536361235cf3a330b3e3b7f98d107fFTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to specially crafted XSS requests. A remote attacker could trick a user into viewing a vulnerable page which could then lead to remote compromise.
e008f66c82dc31ff0cacce9d393a4d6eMetasploit exploit for a remote buffer overflow that exists in the MailEnable Enterprise 1.1 IMAP EXAMINE command. This vulnerability affects MailEnable Enterprise 1.1 without the ME-10009.EXE patch.
0759dc48707c12312cfe8713c81d9517Python exploit for a remote buffer overflow that exists in the MailEnable Enterprise 1.1 IMAP EXAMINE command. This vulnerability affects MailEnable Enterprise 1.1 without the ME-10009.EXE patch.
4d2052261c05aa5f9b5f8999662a166cTwo Microsoft Excel xls files that demonstrate null pointer bugs.
0564e730901ee39f705c3811eb423ef6Cerberus HelpDesk is susceptible to SQL injection and cross site scripting flaws. cerberus-gui 2.649 is affected. support-center 2.649 through 3.2.0pr2 is also affected. Full exploitation details provided.
4e8068a82c40d05baeb62691157db870phpBB 2.0.18 is susceptible to cross site scripting and path disclosure issues.
efaa7a3cf341f9cd6b6b794e94f020b6PlaySMS is susceptible to cross site scripting attacks.
5771d887aad81790eb546ae09bbfb7b2phpMyAdmin version 2.7.0 is susceptible to SQL injection attacks via the server_privileges.php script. Details provided.
16bc082433656f2e812665cc5bc17ad0WebCal versions 1.11 through 3.04 are susceptible to cross site scripting attacks.
515d21f55e70bd7e6756fcf17e9feda3
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed