Section:  .. / 1005-exploits  /

Page 13 of 20
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 >> Files 300 - 325 of 489
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: MOPS-2010-032.pdf
Description:
Month Of PHP Security - PHP’s iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65929
Last Modified:May 25 17:42:04 2010
MD5 Checksum:8f24b17078f4235b786eab6a5ba37659

 ///  File Name: MOPS-2010-033.pdf
Description:
Month Of PHP Security - PHP’s iconv_substr() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:66362
Last Modified:May 25 18:05:07 2010
MD5 Checksum:1a1045191cfaa946584ed44708cbb48c

 ///  File Name: MOPS-2010-034.pdf
Description:
Month Of PHP Security - PHP's iconv_mime_encode() function can be abused for information leak attacks, because of the call time pass by reference feature. This vulnerability also demonstrates that fixing zend_parse_parameters() is not enough to kill some of these vulnerabilities. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:67606
Last Modified:May 25 18:10:05 2010
MD5 Checksum:9867aef6cb0e23eb7e1c90501a688b87

 ///  File Name: MOPS-2010-035.pdf
Description:
Month Of PHP Security - It was discovered that access control to the [php] bbcode which allows executing PHP code is wrongly implemented in e107. This allows unauthenticated users to execute arbitrary PHP code easily. e107 versions 0.7.20 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:73511
Last Modified:May 25 18:15:53 2010
MD5 Checksum:4346bfb6d6ada1280a974af5e3c38c10

 ///  File Name: MOPS-2010-036.pdf
Description:
Month Of PHP Security - PHP’s htmlentities() and htmlspecialchars() functions can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65167
Last Modified:May 25 18:22:01 2010
MD5 Checksum:58a2282704682891d8a123b19550f836

 ///  File Name: MOPS-2010-037.pdf
Description:
Month Of PHP Security - PHP's str_getcsv() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:64804
Last Modified:May 25 23:14:29 2010
MD5 Checksum:388e0fd4bb12bfa8dc6af2aafb30c88b

 ///  File Name: MOPS-2010-038.pdf
Description:
Month Of PHP Security - PHP's http_build_query() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:68257
Last Modified:May 25 23:19:30 2010
MD5 Checksum:174e7f2d708eed382f8512559f3fbdad

 ///  File Name: MOPS-2010-039.pdf
Description:
Month Of PHP Security - PHP's strpbrk() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65427
Last Modified:May 25 23:22:40 2010
MD5 Checksum:c86bdd33424d949ac003fcd1c6a53485

 ///  File Name: MOPS-2010-040.pdf
Description:
Month Of PHP Security - PHP's strtr() function can be abused for information leak attacks, similar to all the other interruption exploits. However the interruption is not triggered inside the zend_parse_parameters() function and therefore another fix is required. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:66939
Last Modified:May 25 23:25:13 2010
MD5 Checksum:07349a70c2ec4dae56e786408452609f

 ///  File Name: ms01_026_dbldecode.rb.txt
Description:
This Metasploit module will execute an arbitrary payload on a Microsoft IIS installation that is vulnerable to the CGI double-decode vulnerability of 2001. NOTE: This Metasploit module will leave a metasploit payload in the IIS scripts directory.
Author:jduck
Homepage:http://www.metasploit.com
File Size:4074
Related OSVDB(s):556
Related CVE(s):CVE-2001-0333
Last Modified:May 26 19:28:52 2010
MD5 Checksum:d8cc76c987e3da3d8b69e025a0767453

 ///  File Name: ms10_004_textbytesatom.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow vulnerability in the handling of the TextBytesAtom records by Microsoft PowerPoint Viewer. According to Microsoft, the PowerPoint Viewer distributed with Office 2003 SP3 and earlier, as well as Office 2004 for Mac, are vulnerable. NOTE: The vulnerable code path is not reachable on versions of Windows prior to Windows Vista.
Author:SkD,Snake
Homepage:http://www.metasploit.com
File Size:7548
Related OSVDB(s):62241
Related CVE(s):CVE-2010-0033
Last Modified:May 14 10:44:02 2010
MD5 Checksum:7bb93b9e40ea4005796927bb1b961a45

 ///  File Name: mspaint-dos.txt
Description:
Microsoft Paint version 5.1.2600.218 integer overflow denial of service exploit.
Author:unsign
File Size:3314
Related CVE(s):CVE-2010-0028
Last Modified:May 6 22:14:51 2010
MD5 Checksum:e1042d51a929ba222ab47336ddbf7e58

 ///  File Name: multivendormail-sql.txt
Description:
Multi Vendor Mail suffers from a remote SQL injection vulnerability.
Author:Newbie_Campuz
File Size:1871
Last Modified:May 26 20:38:13 2010
MD5 Checksum:9c8dcdd7a3a735aeb02adbe02ef40f49

 ///  File Name: mvm-sql.txt
Description:
Multi Vendor Mail suffers from a remote SQL injection vulnerability in itemdetail.php and shop.php.
Author:CoBRa_21
File Size:1196
Last Modified:May 26 20:44:35 2010
MD5 Checksum:1b7b0486c8cb62379a09a0659b52f46d

 ///  File Name: mynews-sqllfixss.txt
Description:
MyNews CMS version 1.0 suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.
Author:mr_me
Homepage:http://www.corelan.be/
File Size:2039
Last Modified:May 18 23:53:19 2010
MD5 Checksum:2d4b9fba7e243bd2d6c86bfc1f4d11bd

 ///  File Name: ncpsolutions-sql.txt
Description:
NCP Solutions version 3.1 suffers from a remote SQL injection vulnerability.
Author:Mr.P3rfekT
File Size:913
Last Modified:May 28 15:14:46 2010
MD5 Checksum:1f5ada850686bbe723ceecc4bba33466

 ///  File Name: netricks-sql.txt
Description:
Website Design and Hosting By Netricks, Inc suffers from a remote SQL injection vulnerability.
Author:Dr.SiLnT HilL
File Size:2436
Last Modified:May 25 23:41:54 2010
MD5 Checksum:43783256ff87793b1c53bfd0c2911438

 ///  File Name: netvidade-sql.txt
Description:
Netvidade Engine version 1.0 suffers from multiple remote SQL injection vulnerabilities.
Author:pwndomina
File Size:8938
Last Modified:May 10 18:12:17 2010
MD5 Checksum:2661902e0d796e9a05d37f0f80165bd1

 ///  File Name: nfs_mount_ex.c
Description:
Local kernel exploit for nfs_mount() on FreeBSD versions 8.0, 7.3 and 7.2. It escalates privileges on versions 7.2 and 7.3 and causes a denial of service on 8.0.
Author:Patroklos Argyroudis
Homepage:http://census-labs.com/
Related File:census-2010-001.txt
File Size:4437
Related CVE(s):CVE-2010-2020
Last Modified:May 28 16:36:27 2010
MD5 Checksum:a3d080507e85c1716e34ca309e2f0f1f

 ///  File Name: nginx-disclose.txt
Description:
Nginx version 0.8.35 suffers from a source code disclosure vulnerability.
Author:Pouya Daneshmand
File Size:770
Last Modified:May 30 18:49:31 2010
MD5 Checksum:263b62b4701f8cfffea1075eae36bb97

 ///  File Name: nginx0636-traversal.txt
Description:
Nginx web server versions 0.6.36 and below suffers from a path traversal vulnerability.
Author:cp77fk4r
File Size:1067
Last Modified:May 27 20:54:26 2010
MD5 Checksum:40bf6929d6ec6c7a546087a34b644476

 ///  File Name: nitro-sql.txt
Description:
Nitro Web Gallery suffers from a remote SQL injection vulnerability.
Author:cyberlog
File Size:2269
Last Modified:May 25 23:47:50 2010
MD5 Checksum:2e17d5f1532aa8c830ddd71370579359

 ///  File Name: npds-sql.txt
Description:
NPDS REvolution version 10.02 suffers from a remote blind SQL injection vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:1944
Last Modified:May 14 13:17:04 2010
MD5 Checksum:f1e18637656479cf9ab74050bfd8722b

 ///  File Name: npds-xsrf.txt
Description:
NPDS REvolution version 10.02 suffers from a cross site request forgery vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:966
Last Modified:May 21 19:23:32 2010
MD5 Checksum:d5505bade9a9414e992ede46a8058df5

 ///  File Name: npds-xss.txt
Description:
NPDS REvolution version 10.02 suffers from a cross site scripting vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:1030
Last Modified:May 14 13:18:12 2010
MD5 Checksum:bc8c20da65128a84edc93942c0c664b7