Section:  .. / 1005-exploits  /

Page 2 of 20
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 >> Files 25 - 50 of 489
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: MOPS-2010-008.pdf
Description:
Month Of PHP Security - PHP chunk_split() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65618
Last Modified:May 10 22:04:52 2010
MD5 Checksum:29d9359ecdd70478318838df4b8af8d0

 ///  File Name: MOPS-2010-039.pdf
Description:
Month Of PHP Security - PHP's strpbrk() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65427
Last Modified:May 25 23:22:40 2010
MD5 Checksum:c86bdd33424d949ac003fcd1c6a53485

 ///  File Name: MOPS-2010-036.pdf
Description:
Month Of PHP Security - PHP’s htmlentities() and htmlspecialchars() functions can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65167
Last Modified:May 25 18:22:01 2010
MD5 Checksum:58a2282704682891d8a123b19550f836

 ///  File Name: MOPS-2010-037.pdf
Description:
Month Of PHP Security - PHP's str_getcsv() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:64804
Last Modified:May 25 23:14:29 2010
MD5 Checksum:388e0fd4bb12bfa8dc6af2aafb30c88b

 ///  File Name: MOPS-2010-006.pdf
Description:
Month Of PHP Security - PHP addcslashes() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:64388
Last Modified:May 10 22:04:51 2010
MD5 Checksum:f62c44baa1d6cb8f468ca81c08415b0b

 ///  File Name: MOPS-2010-010.pdf
Description:
Month Of PHP Security - PHP html_entity_decode() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:63507
Last Modified:May 10 22:04:54 2010
MD5 Checksum:8622faf6f0e2d481b8b0bc01d56782ee

 ///  File Name: MOPS-2010-003.pdf
Description:
Month Of PHP Security - PHP dechunk Filter Signed Comparison Vulnerability. PHP versions 5.3 through 5.3.2 are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:63231
Last Modified:May 10 22:04:49 2010
MD5 Checksum:96c6636eacb9fe0a295138fc4bbdb3a2

 ///  File Name: MOPS-2010-029.pdf
Description:
Month Of PHP Security - An SQL Injection vulnerability was discovered in CMSQlite that allows to retrieve all data from the database. Versions 1.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:61899
Last Modified:May 25 17:24:10 2010
MD5 Checksum:755198535b782ed8d177a7e4be7a107a

 ///  File Name: MOPS-2010-018.pdf
Description:
Month Of PHP Security - EFront ask_chat chatrooms_ID SQL Injection Vulnerability. Versions 3.6.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:61880
Last Modified:May 10 22:05:01 2010
MD5 Checksum:0fb51d2842143fb87b9000f345ff093f

 ///  File Name: MOPS-2010-001.pdf
Description:
Month Of PHP Security - PHP hash_update_file() Already Freed Resource Access Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:61612
Last Modified:May 10 22:04:48 2010
MD5 Checksum:20d3267b0d877f9a360ba7b10603048d

 ///  File Name: MOPS-2010-002.pdf
Description:
Month Of PHP Security - Campsite TinyMCE Article Attachment SQL Injection Vulnerability. Campsite versions 3.3.5 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:60151
Last Modified:May 10 22:04:48 2010
MD5 Checksum:65df31f1522213ed13963d2f16beee11

 ///  File Name: ZSL-2010-4937.txt
Description:
Shockwave Player versions 11.5.6.606 and below from Adobe suffer from memory consumption / corruption and buffer overflow vulnerabilities that can aid the attacker in causing a denial of service scenario and arbitrary code execution. The vulnerable software fails to sanitize user input when processing .dir files resulting in a crash and overwrite of a few memory registers.
Author:LiquidWorm
File Size:58822
Related CVE(s):CVE-2010-1280
Last Modified:May 11 22:53:20 2010
MD5 Checksum:a090cda0e032c90843afe4228326bafc

 ///  File Name: MOPS-2010-030.pdf
Description:
Month Of PHP Security - A local file inclusion vulnerability was discovered in CMSQlite that might allow remote PHP code execution. Versions 1.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:58820
Last Modified:May 25 17:29:57 2010
MD5 Checksum:2a2002bbe18931001acb66cd137d308c

 ///  File Name: MOPS-2010-011.pdf
Description:
Month Of PHP Security - DeluxeBB newthread SQL Injection Vulnerability. Versions 1.3 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:58336
Last Modified:May 10 22:04:55 2010
MD5 Checksum:f8a200383e38fc41e6d7871242077f01

 ///  File Name: MOPS-2010-022.pdf
Description:
Month Of PHP Security - PHP uses the stream context during stream destruction, although it was already freed in the request shutdown before. PHP versions 5.2 through 5.2.13 and 5.3 through 5.3.2 are affected.
Author:Mateusz Kocielski
Homepage:http://www.php-security.org/
File Size:54243
Last Modified:May 25 00:18:56 2010
MD5 Checksum:f8dd2cb8eb88afece683c7f92716aed1

 ///  File Name: MOPS-2010-021.pdf
Description:
Month Of PHP Security - PHP's fnmatch() function can be used to crash PHP through a stack exhaustion attack. PHP versions 5.2 through 5.2.13 and 5.3 through 5.3.2 are affected.
Author:Mateusz Kocielski
Homepage:http://www.php-security.org/
File Size:52437
Last Modified:May 25 00:13:44 2010
MD5 Checksum:14fdb7ec9fab761a0dd650031d3a37a6

 ///  File Name: psbrush-overflow.txt
Description:
Adobe Photoshop CS4 Extended suffers from a buffer overflow vulnerability when dealing with .ABR (brushes) format file. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code or denial of service. Version CS4 Extended 11.0.0.0 is affected.
Author:LiquidWorm
File Size:46226
Related CVE(s):CVE-2010-1296
Last Modified:May 26 20:42:25 2010
MD5 Checksum:076d8776c6a71fddcfced90feeecd0da

 ///  File Name: filethingee-bypass.tgz
Description:
File Thingee version 2.5.5 suffers from a file security bypass vulnerability that allows for a php shell upload.
Author:Jeremiah Talamantes
File Size:42770
Last Modified:May 18 18:54:46 2010
MD5 Checksum:4467512b21d45dfd71de15c060a3a485

 ///  File Name: psgradient-overflow.txt
Description:
Adobe Photoshop CS4 Extended suffers from a buffer overflow vulnerability when dealing with .GRD (gradients) format file. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code or denial of service. Version CS4 Extended 11.0.0.0 is affected.
Author:LiquidWorm
File Size:32488
Related CVE(s):CVE-2010-1296
Last Modified:May 26 20:41:19 2010
MD5 Checksum:28b31067d1a424a11e0fd6405d811319

 ///  File Name: phpnukeworm-exec.txt
Description:
PHP-Nuke versions 7.0, 8.1 and 8.1.35 wormable remote code execution exploit.
Author:Michael Brooks
File Size:26263
Last Modified:May 4 20:53:06 2010
MD5 Checksum:eb272c6ff1c00e0c3cdc8c49150c4be4

 ///  File Name: eset_lzh.zip
Description:
ESET Smart Security 4.2 and NOD32 Antivirus 4.2 .lzh archive parsing proof of concept exploit.
Author:eSage Lab
File Size:16123
Last Modified:May 9 13:16:01 2010
MD5 Checksum:6e66b37dc56653e0311e326ae3ee84ef

 ///  File Name: ipb301-sql.txt
Description:
IPB version 3.0.1 remote SQL injection exploit.
Author:Cryptovirus
Homepage:http://de.crypt.in/
File Size:14407
Last Modified:May 14 12:44:34 2010
MD5 Checksum:12e1b3f15792e1112e64b9818655715f

 ///  File Name: solaris10ftpd-xsrf.txt
Description:
Sun Solaris 10 ftpd suffers from a cross site request forgery vulnerability.
Author:Maksymilian Arciemowicz
File Size:14003
Last Modified:May 22 13:38:30 2010
MD5 Checksum:7234a5fffc857a3c6e88a6409cbd9b3c

 ///  File Name: fbsd80ftpd-poc.txt
Description:
FreeBSD version 8.0 ftpd off-by-one proof of concept exploit.
Author:Adam Zabrocki,Maksymilian Arciemowicz
Related File:FreeBSD-SA-10-05.opie.txt
File Size:13598
Related CVE(s):CVE-2010-1938
Last Modified:May 27 20:20:20 2010
MD5 Checksum:4845b71e03017fec5daa8ac8408c5e4d

 ///  File Name: solaris10libc-overflow.txt
Description:
Sun Solaris 10 libc/*convert (*cvt) suffers from a buffer overflow vulnerability.
Author:Maksymilian Arciemowicz
File Size:11527
Last Modified:May 22 13:41:25 2010
MD5 Checksum:54ce074f34d152ddc5a7f87d4cc902d2