Section: .. / 0712-exploits /
| /// File Name: |
shnews-sql.txt |
Description:
|
SH-News version 3.0 suffers from a remote SQL injection vulnerability in comments.php.
| | Author: | hadihadi | | File Size: | 1068 | | Last Modified: | Dec 10 17:11:19 2007 |
| MD5 Checksum: | 7814f65c7210ed1ed5f0a82139fedf5a |
|
| /// File Name: |
ace-sql.txt |
Description:
|
The Ace Image Hosting Script suffers from a remote SQL injection vulnerability.
| | Author: | t0pp8uzz, xprog | | File Size: | 955 | | Last Modified: | Dec 10 17:10:25 2007 |
| MD5 Checksum: | 8f28595fa1dda14db8e7fc9fefbc00cf |
|
| /// File Name: |
cinject-sql.txt |
Description:
|
Content Injector versions 1.53 suffers from a remote SQL injection vulnerability in index.php.
| | Author: | S.W.A.T. | | Homepage: | http://www.xmors.com/ | | File Size: | 1805 | | Last Modified: | Dec 10 17:09:37 2007 |
| MD5 Checksum: | 159231f40b2d2ed8011c5558e4308d48 |
|
| /// File Name: |
flatphp-multi.txt |
Description:
|
Flat PHP Board versions 1.2 and below suffer from privilege escalation, directory traversal, and other vulnerabilities.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 3374 | | Last Modified: | Dec 10 17:08:46 2007 |
| MD5 Checksum: | a185e813a697761949687ba8936b784c |
|
| /// File Name: |
poldoccms-disclose.txt |
Description:
|
PolDoc CMS version 0.96 suffers from a remote file disclosure vulnerability in download_file.php.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 226 | | Last Modified: | Dec 8 18:25:31 2007 |
| MD5 Checksum: | 33c0a6529ccbe8a86a185dd81aaf2c54 |
|
| /// File Name: |
autohtml-lfi.txt |
Description:
|
PHP-Nuke suffers from a remote file inclusion vulnerability in autohtml.php.
| | Author: | d3v1l | | Homepage: | http://security-shell.uni.cc/ | | File Size: | 573 | | Last Modified: | Dec 8 17:45:19 2007 |
| MD5 Checksum: | 13c4a85b3cf2bac81561d5c7300cf399 |
|
| /// File Name: |
doom-rfi.txt |
Description:
|
DOOM CMS for ISPs version 1.2 suffers from a remote file inclusion vulnerability.
| | Author: | ShAy6oOoN | | File Size: | 829 | | Last Modified: | Dec 8 17:43:46 2007 |
| MD5 Checksum: | c41a75c29f802c89315fdfd8a9d0d897 |
|
| /// File Name: |
chicomas-xss.txt |
Description:
|
ChiCoMaS CMS version 2.0.4 suffers from a cross site scripting vulnerability.
| | Author: | ShAy6oOoN | | File Size: | 988 | | Last Modified: | Dec 8 17:42:35 2007 |
| MD5 Checksum: | cabc33a22259fb378200bbe89b2152aa |
|
| /// File Name: |
mpc-overflow.txt |
Description:
|
Media Player Classic version 6.4.9 MP4 stack overflow that spawns a shell on port 49152.
| | Author: | SYS 49152 | | File Size: | 5800 | | Last Modified: | Dec 8 17:36:37 2007 |
| MD5 Checksum: | b07e824571fddb46fa6ac45f05631500 |
|
| /// File Name: |
wmp-overflow.txt |
Description:
|
Windows Media Player version 6.4 MP4 stack overflow exploit that spawns a shell on port 49152.
| | Author: | SYS 49152 | | File Size: | 15276 | | Last Modified: | Dec 8 17:36:11 2007 |
| MD5 Checksum: | 95283f2c7f560eaf7ee9319127e20411 |
|
| /// File Name: |
nullsoft-overflow.txt |
Description:
|
Nullsoft Winamp MP4 tags stack overflow exploit. Tuned for version 5.32. Spawns a shell on port 49152.
| | Author: | SYS 49152 | | File Size: | 6512 | | Last Modified: | Dec 8 17:35:08 2007 |
| MD5 Checksum: | 715c0d7d777fc6bc1e246e7fb86ab62c |
|
| /// File Name: |
fireflyz.zip |
Description:
|
Firefly media Server (mt-daapd) versions 2.4.1 and below and SVN versions 1699 and below proof of concept exploit that demonstrates multiple vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | fireflyz.txt | | File Size: | 620 | | Last Modified: | Dec 7 20:22:09 2007 |
| MD5 Checksum: | f894f26ed6a203afada2cc56274fa17d |
|
| /// File Name: |
simple-traverse.txt |
Description:
|
Simple HTTPD versions 1.38 and below suffer from directory traversal and script viewing vulnerabilities. Details for exploitation provided.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | File Size: | 2316 | | Last Modified: | Dec 7 20:19:25 2007 |
| MD5 Checksum: | 9e1df2ac8d37aa7da73fd989c8cf9a32 |
|
| /// File Name: |
efsup.zip |
Description:
|
Easy File Sharing Web Server versions 4.5 and below upload directory traversal proof of concept exploit.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | efsup.txt | | File Size: | 39218 | | Last Modified: | Dec 7 20:18:01 2007 |
| MD5 Checksum: | 416f4f6626f3a06483fa8b1d4d11c396 |
|
| /// File Name: |
kvaliitti-sql.txt |
Description:
|
Kvaliitti WebDoc CMS version 3.0 is susceptible to a remote SQL injection vulnerability.
| | Author: | Jaakko "Chrysalid" Hartikainen | | File Size: | 733 | | Last Modified: | Dec 7 20:11:08 2007 |
| MD5 Checksum: | 132684c96a36b9787acbca4148b4f674 |
|
| /// File Name: |
isaa-2007-004.txt |
Description:
|
wwwstats versions 3.21 and below suffer from a persistent cross site scripting vulnerability.
| | Author: | Jesus Olmos Gonzalez | | File Size: | 3291 | | Last Modified: | Dec 7 19:39:45 2007 |
| MD5 Checksum: | b7f7aebf9320772283841e111dbcc87d |
|
| /// File Name: |
ebay-xss.txt |
Description:
|
It appears that Ebay.com may be susceptible to a cross site scripting vulnerability.
| | Author: | Fugitif | | File Size: | 1063 | | Last Modified: | Dec 7 19:32:45 2007 |
| MD5 Checksum: | e51e234b6456c22fc1e52ad16e57e4a3 |
|
| /// File Name: |
xigla-sql.txt |
Description:
|
Xigla Absolute Banner Manager version 4.0 suffers from a remote SQL injection vulnerability.
| | Author: | Joseph Pierini | | Homepage: | http://www.hackersafelabs.com/ | | File Size: | 3295 | | Last Modified: | Dec 7 19:30:16 2007 |
| MD5 Checksum: | e691e3cd9eec62151c84e59121e73e36 |
|
| /// File Name: |
onl25-xss.txt |
Description:
|
OpenNewsLetter versions 2.5 and below suffer from a cross site scripting vulnerability.
| | Author: | Manu | | File Size: | 826 | | Last Modified: | Dec 7 19:28:16 2007 |
| MD5 Checksum: | ae2f13a05da6d2c33645a3f34a4db2a0 |
|
| /// File Name: |
backdoored-bluetooth.c |
Description:
|
Local root exploit for the Bluetooth stack that is a part of Linux kernel versions below 2.6.11.5.
| | Homepage: | http://backdoored.net/ | | File Size: | 4574 | | Last Modified: | Dec 7 19:27:09 2007 |
| MD5 Checksum: | d35e87593cf1e517e7343d9981c8d1e2 |
|
| /// File Name: |
mwopen-sql.txt |
Description:
|
MWOpen E-Commerce suffers from a remote SQL injection vulnerability in leggi_comenti.asp.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 1156 | | Last Modified: | Dec 7 12:44:20 2007 |
| MD5 Checksum: | 5b0a6832a26a1f55655f928e7f22557b |
|
| /// File Name: |
serweb-rfilfi.txt |
Description:
|
SerWeb versions 2.0.0 dev1 2007-02-20 and below suffer from multiple remote and local file inclusion vulnerabilities.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 420 | | Last Modified: | Dec 7 12:43:02 2007 |
| MD5 Checksum: | fe882164e8c8e9c4285283912f6bc8b6 |
|
| /// File Name: |
wppict-disclose.txt |
Description:
|
The Wordpress PictPress plugin versions 0.91 and below suffer from a remote file disclosure vulnerability.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 461 | | Last Modified: | Dec 7 12:39:56 2007 |
| MD5 Checksum: | 5fd1331960c2fc77e318b3afce656fba |
|
| /// File Name: |
ezcontents-disclosure.txt |
Description:
|
ezContents version 1.4.5 suffers from a remote file disclosure vulnerability. Exploitation details included.
| | Author: | p4imi0 | | File Size: | 497 | | Last Modified: | Dec 6 01:07:22 2007 |
| MD5 Checksum: | 9c40302d9b97ddf3245bc8ec050c7793 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
