Section: .. / 0509-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 77

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	2005.1.txt
Description:	The Barracuda Spam Firewall Appliance firmware versions 3.1.17 and below suffer from directory traversal, remote command execution, and password retrieval vulnerabilities.
Author:	Francois Harvey
Homepage:	http://www.securiweb.net/wiki/Ressources/AvisDeSecurite/2005.1
File Size:	4453
Last Modified:	Sep 5 08:46:34 2005
MD5 Checksum:	b0000488614fe541cc3161be683560c0

/// File Name:	20050917-vbulletin-3.0.8.txt
Description:	vBulletin versions 3.0.9 and below suffer from multiple SQL injection, cross site scripting, and arbitrary file upload vulnerabilities. Detailed exploitation provided.
Author:	deluxe, Thomas Waldegger
File Size:	6137
Last Modified:	Sep 22 08:50:47 2005
MD5 Checksum:	a55c483d1d473d27f073633e4bc8d781

/// File Name:	aMemberPro234.txt
Description:	aMember Pro 2.3.4 is susceptible to a remote PHP file include vulnerability.
Author:	NewAngels Team
File Size:	2323
Last Modified:	Sep 7 08:22:41 2005
MD5 Checksum:	e63a88a6ec724c8692573a397772918d

/// File Name:	atutor-151.txt
Description:	ATutor 1.5.1 is susceptible to SQL injection, credential disclosure, user impersonation, and remote code execution attacks.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	4705
Last Modified:	Sep 15 05:30:49 2005
MD5 Checksum:	3fb019435285fba2fabf0dcd960c1594

/// File Name:	azdg.html
Description:	AzDGDatingLite version 2.1.3 suffers from a remote code execution flaw due to a directory traversal.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	19312
Last Modified:	Sep 13 10:46:42 2005
MD5 Checksum:	240dc062a583983bde341cf9a5bff488

/// File Name:	chitchat.html
Description:	Cyber-Cats ChitChat 2.0 permits cross site scripting attacks, allows for user launched attacks, permits insecure file deletion, and suffers from other vulnerabilities.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	2953
Last Modified:	Sep 5 09:17:13 2005
MD5 Checksum:	f266a7158672df8a2cac3d031bd26c58

/// File Name:	cirt-37-advisory.pdf
Description:	TAC Vista version 3.0 is susceptible to a directory traversal vulnerability. Exploitation details provided.
Author:	Dennis Rand
Homepage:	http://www.cirt.dk/
File Size:	268783
Last Modified:	Sep 22 08:44:26 2005
MD5 Checksum:	0d5c93a833de403288cd99c2d07eafff

/// File Name:	cjXSS.txt
Description:	CjTagBoard 3.0, CjLinkOut 1.0, and CjWeb2Mail 3.0 all suffer from an excessive amount of cross site scripting flaws. Example exploitation provided.
Author:	Psymera
File Size:	5357
Last Modified:	Sep 13 09:40:16 2005
MD5 Checksum:	7d1b9d785f7d758fb684fbace584702b

/// File Name:	class1.html
Description:	Class-1 Forum version 0.24.4 SQL injection and remote code execution proof of concept exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	17670
Last Modified:	Sep 8 09:46:26 2005
MD5 Checksum:	f905604086859d4e72ea47fb9568dbaa

/// File Name:	CMS010.txt
Description:	CMS Made Simple versions 0.10 and below suffer from a PHP injection vulnerability.
Author:	Filip Groszynski
File Size:	1809
Last Modified:	Sep 1 08:48:55 2005
MD5 Checksum:	f97d86241624e32246c09b339bd09cd6

/// File Name:	cmsXSS.txt
Description:	CMS Made Simple 0.10 is susceptible to a cross site scripting attack.
Author:	x1ng
File Size:	434
Last Modified:	Sep 26 07:07:55 2005
MD5 Checksum:	af9cd509dd4e0c9de4f5b49ce90ecd54

/// File Name:	commbankXSS.txt
Description:	A cross site scripting flaw exists in the Commonwealth Bank of Australia's web site.
Author:	Calum Power
File Size:	3995
Last Modified:	Sep 14 09:01:49 2005
MD5 Checksum:	2896835c00a1efef82aba36e33f51662

/// File Name:	contentServ.txt
Description:	The ContentServ CMS allows for remote file disclosure. Exploitation details provided.
Author:	qobaiashi
File Size:	1559
Last Modified:	Sep 26 07:32:52 2005
MD5 Checksum:	932b8ac4713feab27795b6e0420a24f4

/// File Name:	cpanel-9x_RCE.c
Description:	Exploit for cPanel versions below and equal to 9x that takes advantage of a remote command execution vulnerability.
Author:	lympex
Homepage:	http://l-bytes.ne
File Size:	2660
Last Modified:	Sep 1 08:14:21 2005
MD5 Checksum:	b3cb28851cd689683bd079e8f6b054e4

/// File Name:	cubecart-3.0.3.txt
Description:	CubeCart 3.0.3 contains a flaw that allows a remote cross site scripting attack. Exploitation provided.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/2005/09/
File Size:	7126
Last Modified:	Sep 29 05:43:04 2005
MD5 Checksum:	d724af0688649985edd7703faad60ed9

/// File Name:	cutenxpl.php.txt
Description:	CuteNews version 1.4.0 remote code execution exploit. Earlier versions may also be susceptible. Flaw makes use of a lack of user input sanitization.
Author:	rgod
Homepage:	http://rgod.altervista.org/
File Size:	10303
Last Modified:	Sep 22 08:47:34 2005
MD5 Checksum:	7847b9e293a7818da7fa661313f9ec6e

/// File Name:	cybsecApps.txt
Description:	Multiple vendor web scanning utilities suffer from script injection vulnerabilities. These include N-Stealth Commercial Edition versions below 5.8.0.38, N-Stealth Free Edition versions below 5.8.1.03, and Nikto versions 1.35 and below.
Author:	mnunez
Homepage:	http://www.cybsec.com
File Size:	3079
Last Modified:	Sep 5 08:48:37 2005
MD5 Checksum:	7d45be9fc959f3bd67d24fc2fd803a96

/// File Name:	dl-cups.c
Description:	CUPs 1.x denial of service exploit.
Author:	tracewar
File Size:	1979
Last Modified:	Sep 7 09:06:03 2005
MD5 Checksum:	b650d33eba4a186d7579dee6006ffd21

/// File Name:	dl-mancgi.c
Description:	Man-cgi/Man2web/ManView remote command execution exploit. Tested against Man-cgi 1.11. All versions are affected.
Author:	tracewar
File Size:	4900
Last Modified:	Sep 7 09:07:32 2005
MD5 Checksum:	85812cee9ec0565cb9e394e09991259d

/// File Name:	dscribe14.txt
Description:	Digital Scribe version 1.4 is susceptible to login bypass, SQL injection, and remote code execution attacks. Exploitation details provided.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	1136
Last Modified:	Sep 22 07:51:33 2005
MD5 Checksum:	c63d5f2b1a2f1b12dbceb514c02f086b

/// File Name:	efriends.txt
Description:	AlstraSoft E-Friends is susceptible to a remote command execution flaw. Details provided.
Author:	khc
File Size:	1299
Last Modified:	Sep 26 06:48:33 2005
MD5 Checksum:	c44bd751fc3d504fe3d73034311b7bad

/// File Name:	EXPL-A-2005-014.txt
Description:	Perldiver versions 1.x and 2.x suffer from cross site scripting flaws.
Author:	Donnie Werner
Homepage:	http://exploitlabs.com
File Size:	2167
Last Modified:	Sep 23 08:29:49 2005
MD5 Checksum:	f972471c8c7a2fe83c55efcb0fab0724

/// File Name:	filezillaWeak.txt
Description:	The FileZilla client stores passwords using a weak XOR 'encryption'. The value of the cipher key is static and can be found in the source code. This vulnerability has been successfully tested on versions 2.2.14b and 2.2.15. However, it is suspected that most previous versions are also affected.
Author:	Adrian Pastor
Homepage:	http://www.ikwt.com
File Size:	7849
Last Modified:	Sep 5 09:01:17 2005
MD5 Checksum:	b691adde53fbe91eb1abc1c237557b2d

/// File Name:	flat256enENa2.txt
Description:	Flatnuke 2.5.6 enENa2 and possibly prior versions suffer from an information disclosure vulnerability allowing a malicious user to monitor forum traffic and gather information about other users.
Author:	rgod
Homepage:	http://rgod.altervista.org/flat256enENa2.html
File Size:	1808
Last Modified:	Sep 1 05:02:25 2005
MD5 Checksum:	568d58fe1ec06625d99233a0b838e4f5

/// File Name:	flatnuke256.txt
Description:	FlatNuke version 2.5.6 suffers from directory traversal, cross site scripting, and path disclosure flaws. Detailed exploitation provided.
Author:	rgod
Homepage:	http://www.rgod.altervista.org/
File Size:	1094
Last Modified:	Sep 1 08:18:47 2005
MD5 Checksum:	ef2acec961bba663e45f93a3be00e275