Section:  .. / 1007-exploits  /

Page 1 of 16
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 >> Files 1 - 25 of 378
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: uplusftp-overflow.txt
Description:
UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit.
Author:Karn Ganeshen,corelanc0d3r
File Size:2777
Last Modified:Jul 28 18:34:54 2010
MD5 Checksum:60a3b2b94f3545e1846005844320d4f2

 ///  File Name: symantecams-flaw.txt
Description:
Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit.
Author:Spider
Related File:foofus-20100726.txt
File Size:5229
Last Modified:Jul 28 14:20:54 2010
MD5 Checksum:99af1c5cdd484a0a3d2744bc9ee6a38d

 ///  File Name: jira-xss.txt
Description:
Jira version 4.0.1 suffers from a cross site scripting vulnerability.
Author:MaXe
File Size:2336
Last Modified:Jul 28 14:19:27 2010
MD5 Checksum:bd54a2222350829abde01d653c24d6a4

 ///  File Name: zemana-escalate.txt
Description:
Zemana AntiLogger with AntiLog32.sys versions 1.5.2.755 and below suffer from a local privilege escalation vulnerability.
Author:th_decoder
File Size:2802
Last Modified:Jul 28 14:10:54 2010
MD5 Checksum:3c52a66eb2c31dd73df27b7a44faf0b1

 ///  File Name: ceteraecommerce-sqlxss.txt
Description:
Cetera eCommerce versions 14.0 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
Author:MustLive
File Size:2951
Last Modified:Jul 28 14:08:24 2010
MD5 Checksum:2eaa26eb1f22884df3d3167bc069e4b0

 ///  File Name: apachetomcat-traversal.txt
Description:
UTF-8 directory traversal /etc/passwd grabbing exploit for Apache Tomcat versions prior to 6.0.18.
Author:Simon Ryeo,mywisdom
File Size:3544
Related OSVDB(s):47464
Related CVE(s):CVE-2008-2938
Last Modified:Jul 28 13:52:44 2010
MD5 Checksum:be0f85711288d99a26465aac5493aec3

 ///  File Name: joomlaphotomapgallery-sql.txt
Description:
Joomla PhotoMap Gallery version 1.6.0 suffers from multiple remote blind SQL injection vulnerabilities.
Author:Salvatore Fresta
File Size:3585
Last Modified:Jul 28 13:46:30 2010
MD5 Checksum:929ef26fbab0a2d1e5aa1b95348554d7

 ///  File Name: avarcade-insecure.txt
Description:
AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities.
Author:saudi0hacker
File Size:905
Last Modified:Jul 28 13:44:53 2010
MD5 Checksum:e24295757afa6e9f6b4a25d30a5fe4e7

 ///  File Name: nubuilder-rfi.txt
Description:
nuBuilder version 10.04.x suffers from a remote file inclusion vulnerability.
Author:Ahlspiess
File Size:1276
Last Modified:Jul 28 13:43:14 2010
MD5 Checksum:d451eae5886197e24dccb93485ece7ea

 ///  File Name: punbbpunpm-sql.txt
Description:
PunBB versions 1.3.x and below with Pun_PM versions 1.2.6 and below remote blind SQL injection exploit.
Author:Dante90
File Size:7628
Last Modified:Jul 27 21:16:23 2010
MD5 Checksum:6e2c0f3eee120f9b20dfae1d6ecb8956

 ///  File Name: joomlattvideo-sql.txt
Description:
Joomla TTVideo component version 1.0 suffers from a remote SQL injection vulnerability.
Author:Salvatore Fresta
File Size:1779
Last Modified:Jul 27 21:15:13 2010
MD5 Checksum:804159f3c6ff44c128962d760a3b3e00

 ///  File Name: msvisualstudio-overflow
Description:
Microsoft Visual Studio version 6.0 VCMUTL.dll unicode Active-X buffer overflow exploit.
Author:MadjiX
File Size:3534
Last Modified:Jul 27 21:14:11 2010
MD5 Checksum:d97606695742264600bae5e755755fa4

 ///  File Name: ie67-dos.txt
Description:
Microsoft Internet Explorer versions 6 and 7 suffers from a denial of service vulnerability.
Author:Richard Leahy
File Size:560
Last Modified:Jul 27 21:06:52 2010
MD5 Checksum:2752a461ecb310dd0db37c67b478c81e

 ///  File Name: socialmedia-lfi.txt
Description:
Social Media version 2.0.0 suffers from a local file inclusion vulnerability.
Author:OoN_Boy
File Size:2761
Last Modified:Jul 27 20:24:54 2010
MD5 Checksum:cfecac432433c100c61e1b5bd2b280fd

 ///  File Name: major_rls78.txt
Description:
PHPKIT WCMS vesion 1.6.5 suffers from a reflected cross site scripting vulnerability.
Author:David "Aesthetico" Vieira-Kurz
Homepage:http://www.majorsecurity.de
File Size:1513
Last Modified:Jul 27 20:23:27 2010
MD5 Checksum:1878fc386e65ab060cd9593ef9dd476c

 ///  File Name: theetacms-sqlxss.txt
Description:
Theeta CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:4821
Last Modified:Jul 27 20:10:58 2010
MD5 Checksum:dbfc07930d0e37e7ee46e6f86ff96744

 ///  File Name: joomlaappointinator-sql.txt
Description:
The Joomla Appointinator component version 1.0.1 suffers from remote SQL injection vulnerabilities.
Author:Salvatore Fresta
File Size:1678
Last Modified:Jul 27 20:08:27 2010
MD5 Checksum:f3ba06cfcb83632d05900d500338dc58

 ///  File Name: syndeocms-xss.txt
Description:
SyndeoCMS versions 2.9.0 and below suffer from multiple cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:8190
Last Modified:Jul 27 20:04:21 2010
MD5 Checksum:7968a477727cac0314791654ba903d9f

 ///  File Name: major_rls79.txt
Description:
PHPKIT WCMS version 1.6.5 suffers from multiple cross site scripting vulnerabilities.
Author:David "Aesthetico" Vieira-Kurz
Homepage:http://www.majorsecurity.de
File Size:1624
Last Modified:Jul 27 19:48:15 2010
MD5 Checksum:0703add159aebb090826a24794228dde

 ///  File Name: easyftp_mkd_fixret.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11 and earlier. EasyFTP fails to check input size when parsing 'MKD' commands, which leads to a stack based buffer overflow. NOTE: EasyFTP allows anonymous access by default. However, in order to access the 'MKD' command, you must have access to an account that can create directories. After version 1.7.0.12, this package was renamed "UplusFtp". This exploit utilizes a small piece of code that I\\'ve referred to as 'fixRet'. This code allows us to inject of payload of ~500 bytes into a 264 byte buffer by 'fixing' the return address post-exploitation. See references for more information.
Author:jduck,x90c
Homepage:http://www.metasploit.com
File Size:4353
Related OSVDB(s):62134
Last Modified:Jul 27 19:13:55 2010
MD5 Checksum:a31ab6edcdb29318cc3ec1bcff1a522d

 ///  File Name: easyftp_list_fixret.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11. credit goes to Karn Ganeshan. NOTE: Although, this is likely to exploit the same vulnerability as the 'easyftp_cwd_fixret' exploit, it uses a slightly different vector.
Author:Karn Ganeshan,MFR,jduck
Homepage:http://www.metasploit.com
File Size:3401
Related OSVDB(s):62134
Last Modified:Jul 27 19:11:36 2010
MD5 Checksum:dd1158c4d3c385cf313352a66803a9f8

 ///  File Name: easyftp_list.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11 and earlier. EasyFTP fails to check input size when parsing the 'path' parameter supplied to an HTTP GET request, which leads to a stack based buffer overflow. EasyFTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability. After version 1.7.0.12, this package was renamed "UplusFtp". Due to limited space, as well as difficulties using an egghunter, the use of staged, ORD, and/or shell payloads is recommended.
Author:ThE g0bL!N,jduck
Homepage:http://www.metasploit.com
File Size:3667
Related OSVDB(s):66614
Last Modified:Jul 27 19:11:13 2010
MD5 Checksum:e8e1ba35a15a4cce0d46cd0b3dd34996

 ///  File Name: hyleos_chemviewx_activex.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow within version 1.9.5.1 of Hyleos ChemView (HyleosChemView.ocx). By calling the 'SaveAsMolFile' or 'ReadMolFile' methods with an overly long first argument, an attacker can overrun a buffer and execute arbitrary code.
Author:Dz_attacker,Paul Craig,jduck
Homepage:http://www.metasploit.com
File Size:4474
Related OSVDB(s):62276
Related CVE(s):CVE-2010-0679
Last Modified:Jul 27 19:09:47 2010
MD5 Checksum:ba64d10e2eab24164863d5807b3b8829

 ///  File Name: qqplayersmi-overflow.txt
Description:
QQplayer versions 2.3.696.400p1 and below .smi file processing local buffer overflow exploit.
Author:Lufeng Li
File Size:3191
Last Modified:Jul 26 18:29:06 2010
MD5 Checksum:406fce05161dd97728004e5127e74900

 ///  File Name: oscommercemax-backup.txt
Description:
Oscommerce Max version 2.0.25 suffers from a backup creation and download vulnerability.
Author:indoushka
File Size:3111
Last Modified:Jul 26 18:26:27 2010
MD5 Checksum:cc921370448d96ff05e985cba88687e9