Section: .. / 0902-exploits /

Page 1 of 10
<< 1 2 3 4 5 6 7 8 9 10 >> Files 1 - 25 of 246

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	openxclient-xss.rar
Description:	OpenX version 2.6.3 clientid parameter cross site scripting vulnerability details with screen shots.
Author:	Vinod Sharma
File Size:	455332
Last Modified:	Feb 16 16:19:59 2009
MD5 Checksum:	f50403eabd97f35a33805cfcce0572b4

/// File Name:	openxorderdir-xss.rar
Description:	OpenX version 2.6.3 orderdirection and listorder parameter cross site scripting vulnerability details with screen shots.
Author:	Vinod Sharma
File Size:	334935
Last Modified:	Feb 16 16:20:00 2009
MD5 Checksum:	89954169073bd957c07d216727cddee7

/// File Name:	barracuda-xss.pdf
Description:	The Barracuda Load Balancer suffers from a cross site scripting vulnerability in the administrative login page.
Author:	Jan Skovgren
Homepage:	http://www.fortconsult.net/
File Size:	174379
Last Modified:	Feb 13 13:50:07 2009
MD5 Checksum:	7369ef6a44e90d589121bb9f3af20169

/// File Name:	kaspersky_klim5_plugin.zip
Description:	KIS 2008 and Kaspersky AntiVirus for Workstations local privilege escalation exploit for Klim5.sys.
Author:	Ruben Santamarta
Homepage:	http://www.wintercore.com/
Related File:	advisory_W020209.txt
File Size:	150671
Last Modified:	Feb 2 17:25:16 2009
MD5 Checksum:	8560d920fbeed67cfe99edaee9879e3a

/// File Name:	falt4-cms-xsrf.txt
Description:	Falt4 Extreme RC4,10.9.2007 CMS cross site request forgery exploit.
Author:	d14l,marcoj
File Size:	34126
Last Modified:	Feb 15 15:05:42 2009
MD5 Checksum:	5d1b7404c5adecf86f2a6fabef7b4c2d

/// File Name:	phpslash-exec.txt
Description:	phpslash versions 0.8.1.1 and below remote code execution exploit.
Author:	DarkFig
File Size:	19708
Last Modified:	Feb 2 17:35:04 2009
MD5 Checksum:	5bf054f40b42907a6bb958d33389c0e6

/// File Name:	w3bcms350-sql.txt
Description:	w3bcms versions 3.5.0 and below insecure cookie handling and multiple SQL injection vulnerabilities exploit.
Author:	DNX
File Size:	16301
Last Modified:	Feb 9 17:26:59 2009
MD5 Checksum:	cb85129d4696dbf4e4174f2fac7afe4c

/// File Name:	laniuscms-xsrf.txt
Description:	Lanius CMS version 0.5.1 cross site request forgery exploit.
Author:	d14l,marcoj
File Size:	15043
Last Modified:	Feb 10 14:29:49 2009
MD5 Checksum:	85e97b1e99559bda5aa54df579dfb1a6

/// File Name:	orbit_expl.c
Description:	Orbit Downloader version 2.8.5 malformed URL buffer overflow exploit that spawns calc.exe, can add a user, or binds a shell to port 4444.
Author:	fl0 fl0w
Homepage:	http://fl0-fl0w.docspages.com/
File Size:	14749
Last Modified:	Feb 6 15:14:38 2009
MD5 Checksum:	9976a6947102d797f095d9e2725bb481

/// File Name:	demiumcms-lfisqldisclose.txt
Description:	Demium CMS version 0.2.1 Beta suffers from local file inclusion, remote SQL injection, and file disclosure vulnerabilities. Full exploits included that perform local file inclusion and remote command execution leveraging both local file inclusion and SQL injection.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	12591
Last Modified:	Feb 27 13:32:53 2009
MD5 Checksum:	dedbbf1523962b4b8c21b7c057b3cca1

/// File Name:	simo36-dbpoweramp.c
Description:	dBpowerAMP Audio Player local buffer overflow exploit that spawns a shell on port 7777.
Author:	SimO-s0fT
Related Exploit:	dbpoweramp2-overflow.txt
File Size:	10890
Last Modified:	Feb 5 14:29:03 2009
MD5 Checksum:	db6fcad05c5152ed97685d2aedf84eea

/// File Name:	bloggeruniverse-sqlexec.txt
Description:	Remote exploit for Bloggeruniverse version 2Beta that uses SQL injection to extract administrative credentials, file disclosure, and remote command execution.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	9645
Last Modified:	Feb 11 15:32:59 2009
MD5 Checksum:	60e3afe8f1b475454c68d1ca1e5fe093

/// File Name:	cmsfaethon-sql.txt
Description:	CmsFaethon version 2.2.0 SQL injection and command execution exploit using info.php.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	9399
Last Modified:	Feb 13 17:38:02 2009
MD5 Checksum:	1f464817a8485f5ffed6af1699f8d0da

/// File Name:	fluorinecms-sqlexec.txt
Description:	Fluorine CMS version 0.1 RC 1 remote command execution exploit that makes use of SQL injection and file disclosure vulnerabilities.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	9358
Last Modified:	Feb 10 16:41:52 2009
MD5 Checksum:	68213bbc346ce20b7bff6b264fd70c12

/// File Name:	inselphoto-sql.txt
Description:	Remote exploit for InselPhoto version 1.1 that uses SQL injection to extract administrative credentials and perform file disclosure.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	8986
Last Modified:	Feb 11 19:12:42 2009
MD5 Checksum:	9485113303038cc26a5c486fd835a78d

/// File Name:	ppim-xssexecsql.txt
Description:	pPIM version 1.0 suffers from a large amount of security issues including cross site scripting, SQL injection, authentication bypass, password disclosure, and code execution vulnerabilities.
Author:	Justin C. Klein Keane
File Size:	8920
Last Modified:	Feb 24 20:04:36 2009
MD5 Checksum:	4d9df5cf8c5353a7a18b661ad0f7567e

/// File Name:	graugon-sql.txt
Description:	Graugon Forum version 1 remote SQL command injection exploit.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	8617
Last Modified:	Feb 20 14:18:40 2009
MD5 Checksum:	94358fc96abd672a3d5c83e715c4b74f

/// File Name:	pyrophobia-lfiexec.txt
Description:	Pyrophobia version 2.1.3.1 command execution exploit that leverages local file inclusion.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	8180
Last Modified:	Feb 23 16:54:32 2009
MD5 Checksum:	b08fed61f8a7c0df1e24a6b81124c292

/// File Name:	hedgedog-lfioverwrite.txt
Description:	Hedgedog CMS version 1.21 remote command execution exploit that performs an arbitrary overwrite. It also notes a local file inclusion vulnerability.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	7988
Last Modified:	Feb 9 19:22:33 2009
MD5 Checksum:	f337b7021a6a29104bf319ed7b6155d0

/// File Name:	fas-lfiexec.txt
Description:	Free Arcade Script version 1.0 command execution exploit that leverages local file inclusion.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	7954
Last Modified:	Feb 23 16:50:42 2009
MD5 Checksum:	ff27d0ddc50120ada1dd17fab69d5260

/// File Name:	blogwrite-sql.txt
Description:	BlogWrite version 0.91 remote file disclosure and remote SQL injection exploit.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	7859
Last Modified:	Feb 13 17:33:25 2009
MD5 Checksum:	21bc1d9325604ebea7901195a2df5345

/// File Name:	waraxe-2009-SA072.txt
Description:	RavenNuke version 2.3.0 suffers from multiple code execution and SQL injection vulnerabilities.
Author:	Janek Vind aka waraxe
Homepage:	http://www.waraxe.us/
File Size:	6947
Last Modified:	Feb 16 16:29:16 2009
MD5 Checksum:	ba986b0ac645ca6c541bcc20a131d516

/// File Name:	uwimap-format.txt
Description:	University of Washington IMAP c-client remote format string exploit.
Author:	Faryad Rahmany
Homepage:	http://rahmany.net/
File Size:	6667
Last Modified:	Feb 19 23:45:44 2009
MD5 Checksum:	54dfb315e6f5dccced2c4993303e4f44

/// File Name:	phpbbbook-lfi.txt
Description:	PHPbbBook version 1.3 local file inclusion exploit that leverages bbcode.php.
Author:	Osirys
Homepage:	http://osirys.org/
File Size:	6037
Last Modified:	Feb 4 13:43:52 2009
MD5 Checksum:	491da8eeaad69de9e1096d41075bc276

/// File Name:	fdm-overflow.txt
Description:	Free Download Manager versions 3.0 Build 844 and below buffer overflow exploit that creates a malicious .torrent file.
Author:	SkD
File Size:	5778
Last Modified:	Feb 3 16:11:10 2009
MD5 Checksum:	d4fecceb8d30b229fd1abce4e45ac911