exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2008-02-04

bcoosexoops-xss.txt
Posted Feb 4, 2008
Authored by Lostmon | Site lostmon.blogspot.com

Both the bcoos and E-xoops DevTracker modules are susceptible to cross site scripting vulnerabilities. This affects bcoos versions 1.1.11 and below and E-xoops versions 1.0.8 and below.

tags | exploit, vulnerability, xss
SHA-256 | 56a4017c3ed128a7c52f8d1156b3dbe6dfd8db53e3a8f49bc12d1f2bc0a0032f
DSECRG-08-011.txt
Posted Feb 4, 2008
Authored by Sh2kerr, Stas Svistunovich | Site dsecrg.com

The Astrosoft HelpDesk suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 00aaa7003b5c87c0f4cfeb8ed2f7c57eb1e3b09425bf786fa2a121fa15dd964d
DSECRG-08-010.txt
Posted Feb 4, 2008
Authored by Sh2kerr, Stas Svistunovich | Site dsecrg.com

The VHD Web Pack version 2.0 suffers from a local file inclusion vulnerability.

tags | exploit, web, local, file inclusion
SHA-256 | 107242477b6b45e261592199e221ddc424dec6d7d5de2b30d2a4db308bea3c5a
DSECRG-08-009.txt
Posted Feb 4, 2008
Authored by Sh2kerr, Stas Svistunovich | Site dsecrg.com

XOOPS version 2.0.18 suffers from local file inclusion and URL redirection vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 8f42f84a90e90b1cae89742c4acbc0a7a2ba57af29dc3d16398f81bae0c7f29e
DSECRG-08-008.txt
Posted Feb 4, 2008
Authored by Sh2kerr, Stas Svistunovich | Site dsecrg.com

Txp CMS version 4.0.5 suffers from denial of service and cross site scripting vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
SHA-256 | 2fdd84f0f08dccc171b4b663b4751aba2d0763cf7b9d357f90d9a9c425e23b32
Secunia Security Advisory 28774
Posted Feb 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Crackers_Child has reported a vulnerability in Domain Trader, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 8c7fa91464b57e6e3ba54aa31a4c8218a0e2259fcbc75b449257a440503d9302
iDEFENSE Security Advisory 2008-01-31.2
Posted Feb 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 01.31.08 - Local exploitation of a file creation vulnerability in IBM Corp.'s Informix Dynamic Server allows attackers to elevate privileges to root. The set-uid root "onedcu" command requires six parameters to be specified when it is executed. The second parameter is a "Trace" file that this program will open and write to with elevated privileges.

tags | advisory, local, root
advisories | CVE-2008-0368
SHA-256 | 08217f2a8fc5c50d43f66264243c431eefac2ede9e8e0b4d147be9d0edb86f3e
iDEFENSE Security Advisory 2008-01-31.1
Posted Feb 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 01.31.08 - Local exploitation of a file creation vulnerability in IBM Corp.'s Informix Dynamic Server allows attackers to elevate privileges to root. When the SQLIDEBUG environment variable is set, several set-uid binaries will log debugging information to the specified file. iDefense confirmed the existence of this vulnerability in IBM Corp.'s Informix Dynamic Server version 10.00 UC6TL installed on a Linux system. Other versions are also suspected as vulnerable. Versions for other supported Unix systems should also be considered vulnerable.

tags | advisory, local, root
systems | linux, unix
advisories | CVE-2008-0369
SHA-256 | f2864fc19e93a164fbc79f6bd51e58cf26ac30861f82d244ac1f12a20cee48e9
Core Security Technologies Advisory 2007.1218
Posted Feb 4, 2008
Authored by Core Security Technologies, Damian Frizza, Alfredo Ortego | Site coresecurity.com

Core Security Technologies Advisory - The MPlayer package is vulnerable to a buffer overflow attack, which can be exploited by malicious remote attackers. The vulnerability is due to MPlayer not properly sanitizing certain tags on a FLAC file before using them to index an array on the stack. This can be exploited to execute arbitrary commands by opening a specially crafted file.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-0486
SHA-256 | 4f26f825d9d87a14dfee920c490ae23831e4808a1935ecb75aa6972cd2fc2274
CORE-2008-122.txt
Posted Feb 4, 2008
Authored by Felipe Manzano, Anibal Sacco | Site coresecurity.com

Core Security Technologies Advisory - The MPlayer package is vulnerable to an arbitrary pointer dereference vulnerability, which can be exploited by malicious remote attackers to compromise a user's system. The vulnerability is caused by the MPlayer libmpdemux ('demux_mov.c') library not properly sanitizing certain tags on a MOV file before using them to index an array on the heap. This can be exploited to execute arbitrary commands by opening a specially crafted file.

tags | advisory, remote, arbitrary
advisories | CVE-2008-0485
SHA-256 | c3dbdf2e8f7ae8c5db2507b176551c4a741b53e50ee9905fe4920754fdc7507c
OPENADS-SA-2008-001.txt
Posted Feb 4, 2008
Authored by Matteo Beccati | Site openads.org

Openads versions prior to 2.4.3 suffer from a PHP code injection and execution vulnerability.

tags | advisory, php
SHA-256 | 3b8e9656dab62e6fe6a16d9ba5b32ecb9895b49a521e943ff12d6cf3cda618ee
Ubuntu Security Notice 574-1
Posted Feb 4, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 574-1 - A massive slew of vulnerabilities relating to the linux-source-2.6.17/20/22 packages have been addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-6058, CVE-2007-3107, CVE-2007-4567, CVE-2007-4849, CVE-2007-4997, CVE-2007-5093, CVE-2007-5500, CVE-2007-5501, CVE-2007-5966, CVE-2007-6063, CVE-2007-6151, CVE-2007-6206, CVE-2007-6417, CVE-2008-0001
SHA-256 | 4791c2975b392758be35d2399e875fa6e7ae9cf6c243dde7c9208ac6888d87f0
microtik-dos.txt
Posted Feb 4, 2008
Authored by ShadOS | Site hellknights.void.ru

MicroTik RouterOS version 3.2 and below SNMPd denial of service exploit.

tags | exploit, denial of service
SHA-256 | deec328f872606cc602045ba08ceea2a7516fe053d90c1dd3fc9c4a1277392b7
joomlamarket-sql.txt
Posted Feb 4, 2008
Authored by SoSo H H

The Joomla component Marketplace version 1.1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 686e153b1578666e4ba4af4dc09291614b3d05f889cbacf274d242fa406e195b
ablog-sqlxss.txt
Posted Feb 4, 2008
Authored by IRCRASH | Site ircrash.com

A-Blog version 0.2 remote SQL injection exploit along with cross site scripting vulnerability details.

tags | exploit, remote, xss, sql injection
SHA-256 | 922bf4173c518085e823debf3ad84ecc57159438ae9398e2bfb398d029a0ecf5
joomlamosdir-sql.txt
Posted Feb 4, 2008
Authored by GolD_M | Site tryag.cc

The Joomla component mosDirectory version 2.3.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 37805967da811e0b19ed66de77c8ef31a9ffa943fc3031da2bd7eb9e9e2ee1ab
blogphp-sql.txt
Posted Feb 4, 2008
Authored by IRCRASH | Site ircrash.com

BlogPHP version 0.2 remote SQL injection exploit along with cross site scripting vulnerability details.

tags | exploit, remote, xss, sql injection
SHA-256 | 95f01f12bf124722fa39346748ea9142c02379baafd96611ad611cb561b4cae6
sejoon-overflow.txt
Posted Feb 4, 2008
Site Plan-S.cn

Sejoong Namo ActiveSquare 6 ActiveX buffer overflow exploit that makes use of NamoInstaller.dll.

tags | exploit, overflow, activex
SHA-256 | 8d978eb225a560ed7d9d1214029afb86ffb9d024fb978d9e284bad1e86281c9f
facebook-overflow.txt
Posted Feb 4, 2008
Authored by Elazar Broad

FaceBook PhotoUploader buffer overflow exploit that takes advantage of ImageUploader4.ocx version 4.5.57.0.

tags | exploit, overflow
SHA-256 | 42fb0f9d6161ea73e9064b8284554afa3a1f7b7af22a5e77cc3700b89c59e5d0
joomlashambo2-sql.txt
Posted Feb 4, 2008
Authored by S@BUN | Site hackturkiye.com

The Joomla com_shambo2 component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 590177924d3973249ad8107726e4d6ca7fbdf62705925cfaa758523751436454
joomlaawesom-sql.txt
Posted Feb 4, 2008
Authored by S@BUN | Site hackturkiye.com

The Joomla com_awesom component versions 0.3.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f45385b0c5578f27e13d5afbf0a351c33bfab07412bbfd70e88c30094bcc9544
itechbids-sql.txt
Posted Feb 4, 2008
Authored by QTRinux | Site root-qtr.com

ITechBids version 5.0 suffers from a remote SQL injection vulnerability in bidhistory.php.

tags | exploit, remote, php, sql injection
SHA-256 | 6f26a364d06a34a357aa9df1201e1a64c3ce83fcb9b8f8c644de381ae7f1038f
aps-overflow.txt
Posted Feb 4, 2008
Authored by L4teral

Anon Proxy Server version 0.102 and below suffer from a remote buffer overflow vulnerability.

tags | advisory, remote, overflow
SHA-256 | 97fd7c6664457be72eb3c3a669e934a94f42cf05ec105a6f48c9e3c174e07f54
phpshop-sql.txt
Posted Feb 4, 2008
Authored by theredc0ders

PHPShop version 0.8.1 suffers from a bypass vulnerability that allows for SQL injection attacks.

tags | exploit, sql injection, bypass
SHA-256 | 7309c78610fd7fd6493e7bed3f885c7a2c18a9b5f66070b89fabdf279a7aa29c
yahoomusic-overflow4.txt
Posted Feb 4, 2008
Authored by Elazar Broad

Yahoo! Music Jukebox AddButton() ActiveX buffer overflow exploit.

tags | exploit, overflow, activex
SHA-256 | a3419039c882d33450d5327b6f52f73c0e91ae33be3c254256fa434a0d6d2d77
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close