Files

PhpMyAdmin Config File Code Injection
Posted Dec 31, 2009
Authored by PAgVac, Greg Ose | Site metasploit.com

This Metasploit module exploits a vulnerability in PhpMyAdmin's setup feature which allows an attacker to inject arbitrary PHP code into a configuration file. The original advisory says the vulnerability is present in phpMyAdmin versions 2.11.x < 2.11.9.5 and 3.x < 3.1.3.1; this module was tested on 3.0.1.1. The file where our payload is written (phpMyAdmin/config/config.inc.php) is not directly used by the system, so it may be a good idea to either delete it or copy the running config (phpMyAdmin/config.inc.php) over it after successful exploitation.

tags | exploit, arbitrary, php
advisories | CVE-2009-1151
MD5 | daa773a35dac8ed474de87c4c695b7ea
QuickTime Streaming Server parse_xml.cgi Remote Execution
Posted Dec 31, 2009
Authored by H D Moore | Site metasploit.com

The QuickTime Streaming Server contains a CGI script that is vulnerable to metacharacter injection, allowing arbitrary commands to be executed as root.

tags | exploit, arbitrary, cgi, root
advisories | CVE-2003-0050
MD5 | 648b5961f6898d673255697240f0f722
PHP Include Generic Exploit
Posted Dec 31, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits various php include vulnerabilities.

tags | exploit, php, vulnerability
MD5 | 6a900d61894d372ba65f60257f2764ba
Zabbix Agent net.tcp.listen Command Injection
Posted Dec 31, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a metacharacter injection vulnerability in the FreeBSD and Solaris versions of the Zabbix agent. This flaw can only be exploited if the attacker can hijack the IP address of an authorized server (as defined in the configuration file).

tags | exploit
systems | solaris, freebsd
MD5 | f90accbcdb45c5a3c31cf84af285a418
K-Rate SQL Injection
Posted Dec 31, 2009
Authored by e.wiZz!

K-Rate suffers from a remote SQL injection vulnerability in view.php.

tags | exploit, remote, php, sql injection
MD5 | 0eb2c822258d1a3c077096b50b28bea6
UranyumSoft Ylan Servisi Database Disclosure
Posted Dec 31, 2009
Authored by LionTurk

UranyumSoft Ylan Servisi suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 99f9bb401166bc95576abd3546f05021
WingFTP 3.2.4 Cross Site Request Forgery
Posted Dec 31, 2009
Authored by Ams

WingFTP version 3.2.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 863065cd82015c1735c4c9198872fee7
Opera 10.10 Status Bar Obfuscation
Posted Dec 31, 2009
Authored by 599eme Man

Opera 10.10 suffers from a simple status bar obfuscation vulnerability.

tags | exploit
MD5 | e309d08aa14efd6fd2b5c28cec3270b5
Joomla RD Download File Disclosure
Posted Dec 30, 2009
Authored by Fl0riX

The Joomla RD Download component suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | a0b954f3180823dd394b1a0004004b0e
Joomla Airmonoblock Blind SQL Injection
Posted Dec 30, 2009
Authored by Fl0riX

The Joomla Airmonoblock component suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ffc3a9fb011285025d338079488f74da
My Book World Edition NAS Cross Site Scripting
Posted Dec 30, 2009
Authored by emgent

My Book World Edition NAS suffers from remote command execution and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss
MD5 | 603bb845511cbdced05e878c1fa933cc
RoseOnlineCMS Local File Inclusion
Posted Dec 30, 2009
Authored by cr4wl3r

RoseOnlineCMS versions 3 B1 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 7c3f101d93c6c62c4bf98d9fc990c4b2
I-Rater Basic Shell Upload
Posted Dec 30, 2009
Authored by indoushka

I-Rater basic suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | a415c2b476672743a6ed92199a269fa4
PicMe 2.1.0 Cross Site Scripting
Posted Dec 30, 2009
Authored by indoushka

PicMe version 2.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | accd871c0501d1a05ba6f137a192b4dc
Mambo View Full Listing SQL Injection
Posted Dec 30, 2009
Authored by Fl0riX

The Mambo View Full Listing component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d1ab68aa2513bf1cf119076f1e1c2164
Diesel Job Site 1.4 RFI / XSS / Bypass
Posted Dec 30, 2009
Authored by indoushka

Diesel Job Site version 1.4 suffers from remote file inclusion, cross site scripting, and bypass vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, bypass, file inclusion
MD5 | 4c41816e138d8cae391b80957b10dc01
I-Escorts Directory SQL Injection
Posted Dec 30, 2009
Authored by R3d-D3v!L

I-Escorts Directory suffers from a remote SQL injection vulnerability in country_escorts.php.

tags | exploit, remote, php, sql injection
MD5 | 4b8aaefb06db33fdf4743f2993597d91
PicMe 2.1.0 Shell Upload
Posted Dec 30, 2009
Authored by indoushka

PicMe version 2.1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | f71a61cb63fbf097422a999d41eeefd5
UBB.Threads 6 Remote File Inclusion
Posted Dec 30, 2009
Authored by indoushka

UBB.Threads version 6 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | e396b743da59c1a162f6900977487ad0
Joomla StaticXT Cross Site Scripting
Posted Dec 30, 2009
Authored by Fl0riX

The Joomla StaticXT component suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e581bf6d71e30d726a95f83d79568b3c
Scribd.com Cross Site Scripting
Posted Dec 30, 2009
Authored by Nishant Soni | Site secworm.net

Scribd.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8210e4b01b01708960439dc6eb9a5628
Netragard Security Advisory 2009-12-19
Posted Dec 30, 2009
Authored by Adriel T. Desautels, Netragard | Site netragard.com

Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution.

tags | exploit, java, remote, overflow, code execution
systems | apple, osx
advisories | CVE-2009-3869, CVE-2009-3871, CVE-2009-3875, CVE-2009-3874, CVE-2009-3728, CVE-2009-3872, CVE-2009-3868, CVE-2009-3867, CVE-2009-3884, CVE-2009-3873, CVE-2009-3877, CVE-2009-3865, CVE-2009-3866
MD5 | bf29ef8a7cb944628b6bfd65dacce73a
B2B eCommerce SQL Injection
Posted Dec 30, 2009
Authored by nojacipka4

B2B eCommerce suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2eae3a31fdd8c09be5c3076e31685816
Joomla KKContent Blind SQL Injection
Posted Dec 30, 2009
Authored by Pyske

The Joomla KKContent component suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8f87f4dd1fce35d29d61a6999a2bba78
Despe FreeCell Cross Site Scripting
Posted Dec 30, 2009
Authored by indoushka

Despe FreeCell suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c8e2b2b5064d991facb954e97565c43c
© 2012 Packet Storm. All rights reserved.
