Section: .. / 0711-exploits /
| /// File Name: |
PR07-29.txt |
Description:
|
Two cross site scripting vulnerabilities have been discovered in the Blue coat ProxySG Management Console. Versions below 4.2.6.1 and 5.2.2.5 are susceptible.
| | Author: | Adrian Pastor | | Homepage: | http://www.procheckup.com/ | | File Size: | 2423 | | Last Modified: | Nov 1 19:28:34 2007 |
| MD5 Checksum: | 4300508a909c96cafc2e2f84ee679c17 |
|
| /// File Name: |
guppy-rfilfi.txt |
Description:
|
GuppY version 4.6.3 suffers from remote and local file inclusion vulnerabilities.
| | Author: | irk4z | | File Size: | 2410 | | Last Modified: | Nov 5 10:48:44 2007 |
| MD5 Checksum: | 701311e946dcca83d2cc2837b8c8cd67 |
|
| /// File Name: |
bitdefenderoscan-activex.txt |
Description:
|
BitDefender Online Scanner 8 ActiveX heap overflow exploit that makes use of OScan8.ocx and OScan81.ocx.
| | Author: | Nphinity | | Related File: | EEYE-bitdefender.txt | | File Size: | 2367 | | Last Modified: | Nov 27 22:52:15 2007 |
| MD5 Checksum: | dad0a96eb5485519621d9f97946244b3 |
|
| /// File Name: |
eggblog-xss.txt |
Description:
|
Eggblog version 3.1.0 is susceptible to cross site scripting vulnerabilities.
| | Author: | Mesut Timur | | Homepage: | http://www.h-labs.org/ | | File Size: | 2273 | | Last Modified: | Nov 12 22:44:01 2007 |
| MD5 Checksum: | fb2bc0b01041daf3e29e60d0c593348c |
|
| /// File Name: |
real-overflow.txt |
Description:
|
It appears that RealNetworks RealPlayer suffers from more stack overflow vulnerabilities in ierpplug.dll.
| | Author: | Elazar Broad | | File Size: | 2247 | | Last Modified: | Nov 26 22:13:40 2007 |
| MD5 Checksum: | fc4a3f5f53f505cbdae2277078a65d3c |
|
| /// File Name: |
PR07-02.txt |
Description:
|
The Liferay Portal login page is vulnerable to a cross site scripting vulnerability within the "login" field processed by the "/c/portal/login" server-side script.
| | Author: | Adrian Pastor | | Homepage: | http://www.procheckup.com/ | | File Size: | 2218 | | Last Modified: | Nov 16 02:54:37 2007 |
| MD5 Checksum: | 7b9abfad8585fd2146ccbb87c11f4500 |
|
| /// File Name: |
projectalumni-sqlxss.txt |
Description:
|
Project Alumni versions 1.0.9, 1.0.8, and possibly prior releases suffer from cross site scripting and SQL injection vulnerabilities.
| | Author: | tomplixsee | | File Size: | 2212 | | Last Modified: | Nov 26 16:00:26 2007 |
| MD5 Checksum: | 4cf7c7514232e5aecf2ea8f832899041 |
|
| /// File Name: |
PR07-15.txt |
Description:
|
The F5 FirePass 4100 SSL VPN is susceptible to cross site scripting vulnerabilities in my.logon.php3.
| | Author: | Richard Brain | | Homepage: | http://www.procheckup.com/ | | File Size: | 2208 | | Last Modified: | Dec 2 15:39:06 2007 |
| MD5 Checksum: | d2712a2796254f18fd7453d88ff3e8ba |
|
| /// File Name: |
aquick-seh.txt |
Description:
|
Apple QuickTime versions 7.2 and 7.3 RTSP response remote SEH overwrite proof of concept exploit.
| | Author: | h07 | | File Size: | 2188 | | Last Modified: | Nov 26 21:31:24 2007 |
| MD5 Checksum: | c2038dcdccec92fa74e06320fb96f136 |
|
| /// File Name: |
PR07-14.txt |
Description:
|
The F5 FirePass 4100 SSL VPN is susceptible to cross site scripting vulnerabilities in my.activation.php3.
| | Author: | Adrian Pastor, Jan Fry | | Homepage: | http://www.procheckup.com/ | | File Size: | 2177 | | Last Modified: | Dec 2 15:37:49 2007 |
| MD5 Checksum: | a5c5e3277bf1f9ac5dd422520c6fb014 |
|
| /// File Name: |
skalinks-csrf.txt |
Description:
|
Skalinks versions 1.5 and below cross site request forgery add administrator exploit.
| | Author: | Vincy | | File Size: | 2032 | | Last Modified: | Nov 5 11:10:47 2007 |
| MD5 Checksum: | 117885697b5f9ee74219b1fb3cbc6b85 |
|
| /// File Name: |
tildecms-sql.txt |
Description:
|
Tilde CMS versions 4.x and below suffer from a SQL injection vulnerability.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 2009 | | Last Modified: | Nov 26 22:48:35 2007 |
| MD5 Checksum: | 7e70684c3673ed557eabfc800e77eeb6 |
|
| /// File Name: |
dxmsft-overflow.txt |
Description:
|
Multiple stack overflows exist in dxmsft.dll version 6.3.2900.3199 (Image DirectX Transforms). Proof of concept included.
| | Author: | Elazar Broad | | File Size: | 1980 | | Last Modified: | Nov 26 17:23:30 2007 |
| MD5 Checksum: | 5bd751ada3c01c561e54dbe81e6f971f |
|
| /// File Name: |
mcs-rfi.txt |
Description:
|
MySpace Clone Script suffers from a remote file inclusion vulnerability in index.php.
| | Author: | VerY-SecReT | | Homepage: | http://www.sniper-sa.com/ | | File Size: | 1969 | | Last Modified: | Nov 26 16:03:02 2007 |
| MD5 Checksum: | c9610154d92b2e53293abf2eb30ad14d |
|
| /// File Name: |
scribe-exec.txt |
Description:
|
Scribe versions 0.2 and below suffer from a remote PHP code execution vulnerability.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 1950 | | Last Modified: | Nov 2 11:50:21 2007 |
| MD5 Checksum: | 69a127ea3eb22cfc0652d108b8c472fc |
|
| /// File Name: |
softbiz4-sql.txt |
Description:
|
Softbiz Links Directory Script suffers from a remote SQL injection vulnerability.
| | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 1930 | | Last Modified: | Nov 12 19:48:01 2007 |
| MD5 Checksum: | bc9b1760bfc2fb84755162832cef02ee |
|
| /// File Name: |
softbiz1-sql.txt |
Description:
|
Softbiz Auctions suffers from a remote SQL injection vulnerability in product_desc.php.
| | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 1899 | | Last Modified: | Nov 12 19:45:53 2007 |
| MD5 Checksum: | cb1f6585f8372b55721a7784e561a0f9 |
|
| /// File Name: |
ftpadmin-multi.txt |
Description:
|
FTP Admin version 0.1.0 suffers from bypass, local file inclusion, and cross site scripting vulnerabilities.
| | Author: | omnipresent | | File Size: | 1847 | | Last Modified: | Nov 30 00:54:37 2007 |
| MD5 Checksum: | 1e741f922fd81e1ff0a42de723906a5f |
|
| /// File Name: |
gwextranet-multi.txt |
Description:
|
GWExtranet version 3.0 suffers from privilege escalation, cross site scripting, and remote file inclusion vulnerabilities.
| | Author: | Doz | | Homepage: | http://www.hackerscenter.com/ | | File Size: | 1829 | | Last Modified: | Nov 26 22:20:36 2007 |
| MD5 Checksum: | 8505ac430be163d75649eb8d4448beb1 |
|
| /// File Name: |
phpnuketopsites-inject.txt |
Description:
|
The PHP-Nuke add-on MS TopSites suffers from a HTML injection vulnerability.
| | Author: | Guns | | Homepage: | http://www.0x90.com.ar/ | | File Size: | 1799 | | Last Modified: | Nov 6 23:16:32 2007 |
| MD5 Checksum: | 26da11a98b86df7366bcd7db6184301f |
|
| /// File Name: |
eurologon-sql.txt |
Description:
|
Eurologon CMS suffers from multiple SQL injection vulnerabilities.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 1781 | | Last Modified: | Nov 27 22:38:44 2007 |
| MD5 Checksum: | d5d5b5cfe4219bfb4f02ca65321d6676 |
|
| /// File Name: |
phpnukensn-disclose.txt |
Description:
|
PHP-Nuke NSN Script Depository module versions 1.0.0 and below suffer from a remote source disclosure vulnerability.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 1758 | | Last Modified: | Nov 26 22:50:32 2007 |
| MD5 Checksum: | c1b31b6050529af2d3f35a56e8151a33 |
|
| /// File Name: |
meBiblio-xss.txt |
Description:
|
meBiblio version 0.4.5 suffers from cross site scripting vulnerabilities.
| | Author: | ShAy6oOoN | | File Size: | 1715 | | Last Modified: | Nov 26 15:51:59 2007 |
| MD5 Checksum: | 40d8e1f4044e8e5be3c097e6de705f58 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
