Section: .. / 0801-exploits /
| /// File Name: |
simple-xss.txt |
Description:
|
Simple Machines Forum suffers from a cross site scripting vulnerability.
| | Author: | DoZ | | Homepage: | http://www.hackerscenter.com/ | | File Size: | 835 | | Last Modified: | Jan 10 03:51:16 2008 |
| MD5 Checksum: | 806fb76982db730b41972308447e55f9 |
|
| /// File Name: |
msrtc-insecure.txt |
Description:
|
Microsoft Rich Textbox Control version 6.0 (SP6) SaveFile() insecure method exploit.
| | Author: | shinnai | | Homepage: | http://shinnai.altervista.org/ | | File Size: | 1807 | | Last Modified: | Jan 10 03:48:55 2008 |
| MD5 Checksum: | 20bf0322089d0d507d6aea6f9b908f49 |
|
| /// File Name: |
msfox-vfp6r.txt |
Description:
|
Microsoft FoxServer ActiveX command execution exploit that makes use of vfp6r.dll version 6.0.8862.0.
| | Author: | shinnai | | Homepage: | http://shinnai.altervista.org/ | | File Size: | 1080 | | Last Modified: | Jan 10 03:47:08 2008 |
| MD5 Checksum: | 052d0c8ec874cf6887584523c1a23d00 |
|
| /// File Name: |
domphp-admin.txt |
Description:
|
DomPHP versions 0.81 and below remote add administrator exploit.
| | Author: | j0j0 | | File Size: | 8488 | | Last Modified: | Jan 10 03:36:36 2008 |
| MD5 Checksum: | 50034623ab2708b9b329d6da333fcc8e |
|
| /// File Name: |
docebo-exec.txt |
Description:
|
Docebo versions 3.5.0.3 and below command execution exploit that makes use of lib.regset.php.
| | Author: | EgiX | | File Size: | 4688 | | Last Modified: | Jan 10 03:34:59 2008 |
| MD5 Checksum: | 1cdbe2343ef0f75ecc0b82e8aa16725a |
|
| /// File Name: |
webquest-db.txt |
Description:
|
PHP Webquest version 2.6 suffers from a vulnerability that allows for database credential extraction.
| | Author: | MhZ91 | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 1466 | | Last Modified: | Jan 10 03:25:37 2008 |
| MD5 Checksum: | e00c6a28288f6dd4fa267acdcd7e7486 |
|
| /// File Name: |
upload-change.txt |
Description:
|
UploadImage version 1.0 and UploadScript version 1.0 remote change admin password exploit.
| | Author: | Dj7xpl | | Homepage: | http://nobody.ir/ | | File Size: | 3579 | | Last Modified: | Jan 10 03:23:56 2008 |
| MD5 Checksum: | 0c5379460f2d8c589a3fd0ddb8622b18 |
|
| /// File Name: |
osdata-lfi.txt |
Description:
|
The Php121 module in osData version 2.08 and below suffer from a local file inclusion vulnerability.
| | Author: | Cold z3ro | | Homepage: | http://www.hack-teach.com/ | | File Size: | 1463 | | Last Modified: | Jan 10 03:21:53 2008 |
| MD5 Checksum: | f2187d2d3c591ef8417162bf428d499d |
|
| /// File Name: |
sapone.zip |
Description:
|
Remote exploit for SAP MaxDB versions 7.6.03 build 007 and below which suffer from a pre-authentication remote code execution vulnerability. Launches cmd.exe.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | sapone.txt | | File Size: | 8941 | | Last Modified: | Jan 9 13:21:31 2008 |
| MD5 Checksum: | aaac074fd56fd46ab2c8f96970e4fa1c |
|
| /// File Name: |
DSECRG08-001.txt |
Description:
|
Tuned Studios Templates suffer from a local file inclusion vulnerability in index.php.
| | Author: | Sh2kerr,Stas Svistunovich | | Homepage: | http://www.dsec.ru/ | | File Size: | 1967 | | Last Modified: | Jan 9 13:16:21 2008 |
| MD5 Checksum: | 6e988cba5c3d9e0dfdab65521a64f961 |
|
| /// File Name: |
weblaunch-insecure.txt |
Description:
|
Gateway Weblaunch ActiveX control insecure method exploit.
| | Author: | Elazar Broad | | File Size: | 908 | | Last Modified: | Jan 9 01:42:50 2008 |
| MD5 Checksum: | b3a117d32c0791f1cd5d75e16646e81e |
|
| /// File Name: |
move-overwrite.txt |
Description:
|
Move Networks Quantum Streaming player SEH overwrite exploit that spawns calc.exe.
| | Author: | Elazar Broad | | File Size: | 3119 | | Related CVE(s): | CVE-2007-4722 | | Last Modified: | Jan 9 01:41:32 2008 |
| MD5 Checksum: | 97e369f1acd1cf342ca475a18cbb3655 |
|
| /// File Name: |
sami-overflow.txt |
Description:
|
Microsoft DirectX SAMI file parsing remote stack overflow exploit that binds a shell to port 4444.
| | Author: | Matteo Memelli | | Homepage: | http://be4mind.com/ | | File Size: | 4246 | | Last Modified: | Jan 9 01:40:02 2008 |
| MD5 Checksum: | 868705bc90701375ac09387da9a96f8a |
|
| /// File Name: |
webquest-sql.txt |
Description:
|
PHP Webquest version 2.6 remote SQL injection exploit.
| | Author: | ka0x | | File Size: | 1503 | | Last Modified: | Jan 9 01:38:14 2008 |
| MD5 Checksum: | 3d3b136eccaaf3a5c2ca08b4898dfe21 |
|
| /// File Name: |
joomla1013-csrf.txt |
Description:
|
Joomla! versions 1.0.13 and below suffer form cross site request forgery vulnerabilities. Exploit included that will force an administrator to add a user upon a simple page view.
| | Author: | J. Carlos Nieto | | File Size: | 2933 | | Last Modified: | Jan 8 15:39:12 2008 |
| MD5 Checksum: | e1a7b37ae32dacb651466b3e5aac7ec3 |
|
| /// File Name: |
evilboard-sqlxss.txt |
Description:
|
EvilBoard version 0.1a suffers from remote SQL injection and cross site scripting vulnerabilities.
| | Author: | seaofglass | | File Size: | 815 | | Last Modified: | Jan 8 12:12:05 2008 |
| MD5 Checksum: | c529facaf09ea9c50efd4e755e7cfe4d |
|
| /// File Name: |
zerocms-sql.txt |
Description:
|
Zero CMS versions 1.0 Alpha and below suffer from arbitrary upload and remote SQL injection vulnerabilities.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 3841 | | Last Modified: | Jan 8 12:11:00 2008 |
| MD5 Checksum: | f800577c4ce58c64da79f108ee81bff0 |
|
| /// File Name: |
smallnuke-sql.txt |
Description:
|
SmallNuke versions 2.0.4 and below password recovery remote SQL injection exploit.
| | Author: | Eugene Minaev | | Homepage: | http://itdefence.ru/ | | File Size: | 5794 | | Last Modified: | Jan 8 12:09:10 2008 |
| MD5 Checksum: | c12f052e8e4031623f7a2262f4756f63 |
|
| /// File Name: |
syshotelonline-disclose.txt |
Description:
|
sysHotel Online suffers from a remote file disclosure vulnerability.
| | Author: | p4imi0 | | File Size: | 419 | | Last Modified: | Jan 8 12:04:15 2008 |
| MD5 Checksum: | c84e021c28bd1406ebb6e48cb8babf5c |
|
| /// File Name: |
levelone-root.txt |
Description:
|
The Level-One WBR-3460A firmware versions 1.00.11 and 1.00.12 suffer from a remote root compromise vulnerability due to unrestricted access via telnetd.
| | Author: | Anastasios Monachos | | File Size: | 6262 | | Last Modified: | Jan 8 11:54:52 2008 |
| MD5 Checksum: | e6cd692180e1b1c7473e52022086d9d9 |
|
| /// File Name: |
apache-mod-rewrite.rb.txt |
Description:
|
Apache mod_rewrite escape_absolute_uri() off-by-one buffer overflow Metasploit exploit module. This affects Apache versions 1.3.28 through 1.3.36, 2.0.46 through 2.0.58, and 2.2.1 through 2.2.2.
| | Author: | Marcin Kozlowski | | File Size: | 2052 | | Related OSVDB(s): | 27588 | | Related CVE(s): | CVE-2006-3747 | | Last Modified: | Jan 7 18:37:17 2008 |
| MD5 Checksum: | e71e56d7bfd5e229f331137228932628 |
|
| /// File Name: |
CORE-2007-1106.txt |
Description:
|
Core Security Technologies Advisory - The vdccm daemon from SynCE version 0.92 is susceptible to a remote command injection vulnerability. Proof of concept code included.
| | Author: | Alfredo Ortega,Oren Isacson | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 5751 | | Last Modified: | Jan 7 16:02:07 2008 |
| MD5 Checksum: | 1655c1e06c6c7900d54c01c00c885bc4 |
|
| /// File Name: |
mds-disclose.txt |
Description:
|
Million Dollar Script version 2.0.14 suffers from a remote file disclosure vulnerability.
| | Author: | p4imi0 | | File Size: | 431 | | Last Modified: | Jan 7 14:37:34 2008 |
| MD5 Checksum: | 33d4b7f295af4c9fb4e21c85654740be |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
