Section: .. / 0512-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 82

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	Acidcat-bypass.txt
Description:	Several vulnerabilities in Acidcat CMS v 2.1.13 and below have been found which can be used to discover the admin credentials or download the database.
Author:	Hamid Network Security Team
Homepage:	http://hamid.ir
File Size:	1748
Last Modified:	Dec 28 21:46:38 2005
MD5 Checksum:	d683870ab3c64aa5edc3f729683b6aa5

/// File Name:	ACSSEC-2005-11-25-3.txt
Description:	FTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to specially crafted XSS requests. A remote attacker could trick a user into viewing a vulnerable page which could then lead to remote compromise.
Author:	Tim Shelton
File Size:	1941
Last Modified:	Dec 28 06:25:00 2005
MD5 Checksum:	e008f66c82dc31ff0cacce9d393a4d6e

/// File Name:	AD20051202.txt
Description:	WinEggDropShell Eternity version 1.7 is susceptible to preauth stack overflows. Proof of concept denial of service exploit included.
Author:	Sowhat
Homepage:	http://secway.org/
File Size:	3352
Last Modified:	Dec 3 06:40:55 2005
MD5 Checksum:	e2a03f701231a1f11975df0e44fadadb

/// File Name:	adpHashdisclose.txt
Description:	ADP Forum versions 2.0 through 2.0.3 suffers from a direct download flaw that discloses users' password hashes.
Author:	Liz0ziM
Homepage:	http://www.biyo.tk
File Size:	1194
Last Modified:	Dec 14 09:01:51 2005
MD5 Checksum:	3a4537af165b9812a28f6030875fd239

/// File Name:	ag22sql.txt
Description:	Advanced Guestbook version 2.2 suffers from a SQL injection flaw in the username variable. The SQL injection flaw for the password variable was discovered for this same version back in April of 2004.
Author:	BHST
Related Exploit:	advguest.txt"
File Size:	785
Last Modified:	Dec 26 19:50:00 2005
MD5 Checksum:	3cc8c772fdccc7a409005cb7a75c6eef

/// File Name:	alisveristrSQL.txt
Description:	Alisveristr E-Commerce is susceptible to SQL injection attacks during the login phase of usage.
Author:	B3g0k
File Size:	1018
Last Modified:	Dec 7 02:47:58 2005
MD5 Checksum:	9ba76e5ba7fdd0e4f2889d7965f9b150

/// File Name:	appfluent.txt
Description:	Appfluent Database IDS version 2.0 suffers from an environment variable overflow that can be manipulated using sudo as an attack vector. Exploit provided.
Author:	c0ntex
Homepage:	http://www.open-security.org
File Size:	6908
Last Modified:	Dec 14 05:21:23 2005
MD5 Checksum:	32c5b58d9d21114244ca445df9985b02

/// File Name:	AppScanQA-RemoteCodeExec-PoC.zip
Description:	Proof of concept exploit for AppScan QA versions 5.0.x that stages itself as a webserver and exploits a buffer overflow via the WWW-Authenticate header of a 401 HTTP response.
Author:	Mariano Nunez
Homepage:	http://www.cybsec.com
Related File:	cybsec-watchfire.txt
File Size:	1564
Last Modified:	Dec 18 10:56:06 2005
MD5 Checksum:	7f372648b79922c22ee027921f0bcb10

/// File Name:	arabPortalSQL.txt
Description:	Arab Portal System version 2 Beta 2 is susceptible to SQL injection attacks.
Author:	Devil-00
File Size:	2062
Last Modified:	Dec 14 08:12:40 2005
MD5 Checksum:	fb558b6b1217c312052d18162d60388d

/// File Name:	Bb_6.zip
Description:	Blackboard versions 6.3.1.424 and 6.2.3.23 (and possibly earlier versions) are susceptible to login bypass, spoofing of announcements, and proxying flaws.
Author:	dr_insane
File Size:	13454
Last Modified:	Dec 14 07:36:44 2005
MD5 Checksum:	7113f857a7b23c9e90395e557919c2c2

/// File Name:	bbs.c
Description:	SimpleBBS versions 1.1 and below remote command execution exploit.
Author:	unitedasia
File Size:	4424
Last Modified:	Dec 14 05:24:12 2005
MD5 Checksum:	153d8fadee80804f06dda5d29fad686a

/// File Name:	blog12SQL.txt
Description:	The Blog System version 1.2 is susceptible to SQL injection attacks.
Author:	vipsta
File Size:	267
Last Modified:	Dec 9 17:15:56 2005
MD5 Checksum:	9f22d03b751f8205fb13d1528e7da44e

/// File Name:	BluePIMped.diff
Description:	Patch for ussp-push that allows you to exploit the overflows discovered in the Widcomm BTStackServer.
Author:	Kevin Finisterre
Homepage:	http://www.digitalmunition.com
Related File:	BluePIMped.txt
File Size:	5992
Last Modified:	Dec 7 07:22:59 2005
MD5 Checksum:	8626543797f1b6290b90c1e8c0a180fc

/// File Name:	browserDoS.txt
Description:	Simple javascript related denial of service that primarily affects Internet Explorer. Version 6.0 was tested and stayed unresponsive for over 3 minutes. Firefox does not appear truly affected as it seems to recover although it may freeze for a short period of time.
Author:	Ziplock
File Size:	448
Last Modified:	Dec 14 06:43:26 2005
MD5 Checksum:	142b31ebaf4a6d1c5905efadfe640cc6

/// File Name:	BTGrup.txt
Description:	The BTGrup Admin WebController script is susceptible to a SQL injection attack.
Author:	khc
File Size:	172
Last Modified:	Dec 14 08:27:50 2005
MD5 Checksum:	b077a1a5be54dbc0ddd5f2155b17801d

/// File Name:	bypassXSSnuke.txt
Description:	PHPNUKE versions 7.9 and below suffer from a cross site scripting filter bypass vulnerability. Details provided.
Author:	Maksymilian Arciemowicz
Homepage:	http://securityreason.com/
File Size:	6191
Last Modified:	Dec 15 07:43:20 2005
MD5 Checksum:	eb14def6f8b872d7c1f7296074010db0

/// File Name:	cerberusHelp.txt
Description:	Cerberus HelpDesk is susceptible to SQL injection and cross site scripting flaws. cerberus-gui 2.649 is affected. support-center 2.649 through 3.2.0pr2 is also affected. Full exploitation details provided.
Author:	A. Ramos
Homepage:	http://www.unsec.net
File Size:	5752
Last Modified:	Dec 27 09:31:57 2005
MD5 Checksum:	4e8068a82c40d05baeb62691157db870

/// File Name:	cijfer-ccxpl.pl.txt
Description:	Remote command execution exploit for CubeCart versions 3.0.6 and below that makes use of an input sanitization flaw in orderSuccess.inc.php.
Author:	cijfer
File Size:	3721
Last Modified:	Dec 31 10:02:57 2005
MD5 Checksum:	4657be8ac1e8639b13575ee1bf77e75c

/// File Name:	CounterDoS.c
Description:	Counter Strike 2D denial of service exploit that affects versions 0.1.0.1 and below.
Author:	Iman Karim
Homepage:	http://home.inf.fh-rhein-sieg.de/~ikarim2s/
File Size:	3615
Last Modified:	Dec 14 09:28:28 2005
MD5 Checksum:	d87083992aad727560be35d101326126

/// File Name:	dBpowerAMPv11.5.txt
Description:	BpowerAMP Music Converter v11.5 and prior local buffer overflow exploit.
Author:	fRoGGz SecuBox Labs
Homepage:	http://secubox.shadock.net/dBpowerAMP_Music_Converter_v11.5_Local_Buffer_Overflow_Issue.html
File Size:	3420
Last Modified:	Dec 29 03:16:47 2005
MD5 Checksum:	07cdccb20d13c9120729756bbdc1d4ee

/// File Name:	Dev_15_sql_xpl.php.txt
Description:	Dev Web versions less than of equal to 1.5 'cat' SQL injection and admin MD5 password hash disclosure exploit.
Author:	rgod
Homepage:	http://rgod.altervista.org
File Size:	12762
Last Modified:	Dec 29 01:47:54 2005
MD5 Checksum:	4e8ecca6f99911710c2e7703c1042181

/// File Name:	DRZESHMS.txt
Description:	DRZES HMS is susceptible to cross site scripting and SQL injection vulnerabilities.
Author:	vipsta
File Size:	603
Last Modified:	Dec 14 05:09:35 2005
MD5 Checksum:	bcd5ac7dff7d91a3078343a35c127666

/// File Name:	EdgewallSQL.txt
Description:	Edgewall Trac version 0.9 is susceptible to a SQL injection attack due to a lack of sanity checking on the group variable.
Author:	David Maciejak
File Size:	800
Last Modified:	Dec 3 06:27:47 2005
MD5 Checksum:	7df147c2ac1998ed9869129658f50506

/// File Name:	envo.txt
Description:	eNvolution, the fork of PostNuke, is susceptible to cross site scripting and SQL injection attacks.
Author:	X1ngBox
File Size:	521
Last Modified:	Dec 14 05:43:12 2005
MD5 Checksum:	7e2a2c7faa2be90e8362a75604e36d5c

/// File Name:	excelBugs.tgz
Description:	Two Microsoft Excel xls files that demonstrate null pointer bugs.
Author:	ad
File Size:	2041
Last Modified:	Dec 28 05:56:46 2005
MD5 Checksum:	0564e730901ee39f705c3811eb423ef6