Section: .. / 0601-exploits /

Page 1 of 6
<< 1 2 3 4 5 6 >> Files 1 - 25 of 138

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	2005-23-12-brainsquad-team-cms.txt
Description:	The CMS system from brainsquad-team suffers from a cross site scripting vulnerability in the user profile section and also may be susceptible to SQL injection attacks.
Author:	yorn
File Size:	1353
Last Modified:	Jan 9 19:27:12 2006
MD5 Checksum:	b304061cc1e355228534d3d9cd8b9988

/// File Name:	20051228.ie_xp_pfv_metafile.pm
Description:	Perl module which exploits the WMF SetAbortProc in the Windows Picture and Fax Viewer found in Windows XP and 2003. This vulnerability uses a corrupt Windows Metafile to execute arbitrary code and was reported to the Bugtraq mailing list after being discovered in the wild at the following URL: http://unionseek[DOT]com/d/t1/wmf_exp.htm. Unofficial patch here.
Author:	H D Moore
Homepage:	http://www.metasploit.com
File Size:	50586
Last Modified:	Jan 4 20:50:37 2006
MD5 Checksum:	3260de4f252b0eff3a96c08dcbf37c99

/// File Name:	20051231.ie_xp_pfv_metafile.pm
Description:	Microsoft Windows Metafile (WMF) SetAbortProc remote code execution exploit which takes advantage of a vulnerability in the GDI library by using the 'Escape' metafile function to execute arbitrary code through the SetAbortProc procedure. Tested against Windows XP and 2003.
Author:	H D Moore, San, O600KO78RUS
Homepage:	http://www.metasploit.com
Related File:	WMFHotfix-1.4.msi
File Size:	6170
Last Modified:	Jan 4 20:35:47 2006
MD5 Checksum:	d3193306031cf79a65054de5ec58c6f7

/// File Name:	adv20060116.txt
Description:	phpXplorer version 0.9.33 is susceptible to a classic directory traversal attack.
Author:	Oriol Torrent Santiago
File Size:	1100
Last Modified:	Jan 22 00:52:49 2006
MD5 Checksum:	9409f34c07ef0adb602d6742c40dbcc0

/// File Name:	aimXSS.txt
Description:	Various America Online (AOL) Instant Messenger scripts are susceptible to cross site scripting attacks. Full details provided.
Author:	Simo Ben youssef
Homepage:	http://www.morx.org
File Size:	3898
Last Modified:	Jan 10 05:16:28 2006
MD5 Checksum:	0cae6bfe595f539866fb1e2ad8801e0d

/// File Name:	alstrasoftXSS.txt
Description:	AlstraSoft Template Seller Pro is susceptible to cross site scripting attacks.
Author:	Night_Warrior
File Size:	291
Last Modified:	Jan 21 07:19:33 2006
MD5 Checksum:	09bbcbb65ca8895a4a794ae450dc91ad

/// File Name:	aolXSS.txt
Description:	Various America Online (AOL) scripts are susceptible to cross site scripting attacks. Full details provided.
Author:	Simo Ben youssef
Homepage:	http://www.morx.org
File Size:	2814
Last Modified:	Jan 10 05:15:50 2006
MD5 Checksum:	7d3ea91b1319f5e39eac2a703642365b

/// File Name:	ar-blogv5.2.txt
Description:	ar-blog v 5.2 suffers from several XSS vulnerabilities.
Author:	SAUDI
Homepage:	http://www.lezr.com
File Size:	576
Last Modified:	Jan 25 08:34:47 2006
MD5 Checksum:	87c39c8b95c824b042532ce88fb64d1c

/// File Name:	ASPThaiSQL.txt
Description:	ASPThai Forums version 8.0 and below suffer from a SQL injection vulnerability.
Author:	iM4n
Homepage:	http://www.imanonline.com
File Size:	838
Last Modified:	Jan 29 23:12:02 2006
MD5 Checksum:	e8f7c37fa0929da667774c0643413fd7

/// File Name:	BitCometURI.c
Description:	A vulnerability in BitComet allows remote attackers to construct a special .torrent file and put it on any BitTorrent publishing web site. When a user downloads the .torrent file and clicks on publishers name, BitComet will crash. An attacker can run arbitrary code on victims' host by specially crafted .torrent file.
Author:	nick58
File Size:	2441
Last Modified:	Jan 27 08:10:04 2006
MD5 Checksum:	14470abea96e7bf3ad397bff3fa16165

/// File Name:	CAN-2005-3187_exploit.pl.txt
Description:	Simple denial of service exploit for Blue Coat Systems Inc.'s WinProxy that will cause the server to crash when sent 32,768 bytes.
Author:	FistFuXXer
Related File:	01.05.06-1.txt
File Size:	729
Related CVE(s):	CAN-2005-3187
Last Modified:	Jan 8 06:52:13 2006
MD5 Checksum:	d3e9e76887d418de63793cc25b3632db

/// File Name:	CAN-2005-4085_exploit.pl.txt
Description:	Remote exploit that makes use of a buffer overflow vulnerability in the Host: string sent to Blue Coat Systems Inc.'s WinProxy. Successful exploitation binds a shell on tcp port 4444.
Author:	FistFuXXer
Related File:	01.05.06-2.txt
File Size:	2917
Related CVE(s):	CAN-2005-4085
Last Modified:	Jan 8 06:55:47 2006
MD5 Checksum:	f4d52f7a8622879b4bfb2f3b61a9c7a3

/// File Name:	cerberus_232_dos_remote_xpl.c
Description:	Cerberus FTP server versions 2.32 and below remote denial of service exploit.
Author:	tcvh, Pi3cH
Homepage:	http://www.kapda.ir
File Size:	4099
Last Modified:	Jan 21 21:49:52 2006
MD5 Checksum:	55ec6bbad1395822c916feace1ed71e7

/// File Name:	CheesyBlog-1.0.txt
Description:	CheesyBlog v1.0 does not properly sanitize user input leading to script injection bugs in archive.php
Author:	Aliaksandr Hartsuyeu
Homepage:	http://evuln.com/vulns/49/summary.html
File Size:	890
Last Modified:	Jan 26 11:18:18 2006
MD5 Checksum:	4aef61c6c3b655a60ee98ff2e932e064

/// File Name:	CheesyBlogXSS.txt
Description:	CheesyBlog v1.0 suffers from XSS POC included.
Author:	Aliaksandr Hartsuyeu
Homepage:	http://evuln.com/vulns/49/summary.html
File Size:	1051
Last Modified:	Jan 27 08:33:09 2006
MD5 Checksum:	4c99966395f822899bd2f9a275d6582e

/// File Name:	cijfer-cnxpl.pl.txt
Description:	CuteNews versions 1.4.1 and below remote command execution exploit.
Author:	cijfer
File Size:	4283
Last Modified:	Jan 3 04:00:19 2006
MD5 Checksum:	9cbbd77a8e6c1ac666176d216b180652

/// File Name:	cijfer-mnxpl.pl.txt
Description:	Magic News Plus versions 1.0.3 and below remote administrative password changing exploit.
Author:	cijfer
File Size:	2586
Last Modified:	Jan 10 06:19:06 2006
MD5 Checksum:	666a953c3a41152b27c593aa367262b4

/// File Name:	cijfer-vsczpl.pl.txt
Description:	Valdersoft Shopping Cart versions 3.0 and below remote command execution exploit.
Author:	cijfer
File Size:	3120
Last Modified:	Jan 4 06:14:35 2006
MD5 Checksum:	1334d876f1f971b86d5eeb002c43ead9

/// File Name:	CiscoPhoneDos.pl.txt
Description:	Cisco IP Phone 7940 remote denial of service exploit that causes it to reboot.
Author:	kokanin
File Size:	748
Last Modified:	Jan 11 07:22:42 2006
MD5 Checksum:	70757991e3add734d943889b6c0a6d52

/// File Name:	ciskill.c
Description:	Cisco Aironet wireless access point ARP replies remote denial of service exploit. Takes advantage of the flaw originally discovered by Eric Smith.
Author:	Pasv
Related File:	cisco-sa-20060112-wireless.txt
File Size:	2870
Last Modified:	Jan 30 09:56:00 2006
MD5 Checksum:	629b072695b012fb13d8be7b7386d0aa

/// File Name:	Critical-006.txt
Description:	Critical Security - 22:03 2006.01.19 - Tftpd32 2.81 Format String + DoS PoC
Author:	Critical Security
Homepage:	http://www.critical.lt
File Size:	1227
Last Modified:	Jan 25 09:17:13 2006
MD5 Checksum:	bf21480dd37e3cf8eacfc12738f2255a

/// File Name:	cubecartXSS.txt
Description:	CubeCart version 3.0.7-p11 is susceptible to multiple cross site scripting flaws.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/
File Size:	4230
Last Modified:	Jan 22 01:05:49 2006
MD5 Checksum:	2b95fbc1a0ca0c7303f48d0beaa41035

/// File Name:	cybershopSQL.txt
Description:	CyberShop is susceptible to SQL injection attacks via the login sequence.
Author:	Night_Warrior
File Size:	290
Last Modified:	Jan 8 06:04:34 2006
MD5 Checksum:	9709be0980f44d10901219d6ed7e7225

/// File Name:	dcpXSS.txt
Description:	DCP Portal is susceptible to cross site scripting.
Author:	Night_Warrior
File Size:	302
Last Modified:	Jan 21 08:16:24 2006
MD5 Checksum:	3c522eddab2a4bc31ba3e47ac879d5c1

/// File Name:	ddsnSQL.txt
Description:	DDSN is susceptible to SQL injection attacks via the login sequence.
Author:	khc
File Size:	739
Last Modified:	Jan 21 08:17:12 2006
MD5 Checksum:	f20b868cba46e9332a90e1c8e440d970