Section:  .. / 1009-exploits  /

Page 5 of 13
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 >> Files 100 - 125 of 305
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: acousticaacp-overflow.txt
Description:
Acoustica Audio Converter Pro version 1.1 suffers from a heap overflow vulnerability.
Author:Carlos Hollmann
File Size:4090
Last Modified:Sep 21 19:48:55 2010
MD5 Checksum:5be5cb42b79b25e93aaba678eb290e95

 ///  File Name: websuite-sql.txt
Description:
WebSuite suffers from a remote SQL injection vulnerability.
Author:jos_ali_joe
File Size:1205
Last Modified:Sep 21 19:33:49 2010
MD5 Checksum:a688832f2068989f49ac3eaadd6eda98

 ///  File Name: atmailwebmail-xss.txt
Description:
Atmail Webmail suffers from a cross site scripting vulnerability. Versions prior to 6.2.0 are affected.
Author:Vicente Aguilera Diaz
File Size:4124
Last Modified:Sep 21 19:32:18 2010
MD5 Checksum:6269664e25f288c80b1c27ac1706590f

 ///  File Name: tuenti-access.txt
Description:
Tuenti.com suffers from an insecure direct object reference vulnerability allowing anyone to read arbitrary blog posts.
Author:Vicente Aguilera Diaz
File Size:3978
Last Modified:Sep 21 19:30:38 2010
MD5 Checksum:85d8ff22e0e8fa88a47d5a589d279db8

 ///  File Name: snowfoxtvc-dllhijack.txt
Description:
SnowFox Total Video Converter DLL hijacking exploit.
Author:anT!-Tr0J4n
File Size:862
Last Modified:Sep 21 19:13:28 2010
MD5 Checksum:80c294ada1144897a6bb580ff188b66d

 ///  File Name: ZSL-2010-4965.txt
Description:
Softek Barcode Reader Toolkit version 7.1.4.14 Active-X related buffer overflow proof of concept exploit.
Author:LiquidWorm
Homepage:http://www.zeroscience.mk/
File Size:3416
Last Modified:Sep 21 19:07:07 2010
MD5 Checksum:8aa99dc0ba8a0fc008402b9f2de625cc

 ///  File Name: wpquiz27-sql.txt
Description:
wpQuiz version 2.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Author:KnocKout
File Size:707
Last Modified:Sep 21 19:05:23 2010
MD5 Checksum:b95a0267ec3254d2181cca903235ce41

 ///  File Name: ibphotohost-sql.txt
Description:
ibPhotohost version 1.1.2 suffers from a remote SQL injection vulnerability.
Author:fred777
File Size:1102
Last Modified:Sep 21 19:02:07 2010
MD5 Checksum:e461d1dc666787bbdbe1c1912a630c3c

 ///  File Name: moaub21-excel.tgz
Description:
Month Of Abysssec Undisclosed Bugs - Microsoft Excel suffers from a WOPT record parsing heap memory corruption vulnerability. Proof of concept included.
Author:Abysssec,Shahin
Homepage:http://www.abysssec.com/
File Size:624448
Related CVE(s):CVE-2010-0824
Last Modified:Sep 21 18:59:01 2010
MD5 Checksum:312e375131ffd5c847ea5ffed7b32309

 ///  File Name: moaub-personalnet.txt
Description:
Month Of Abysssec Undisclosed Bugs - Personal.Net Portal version 2.8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:Abysssec
Homepage:http://www.abysssec.com/
File Size:6722
Last Modified:Sep 21 18:47:40 2010
MD5 Checksum:5130c835c14bff57dbe9bae50467f6dd

 ///  File Name: novelliprint_callbackurl.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in Novell iPrint Client 5.42. When sending an overly long string to the 'call-back-url' parameter in an op-client-interface-version action of ienipp.ocx an attacker may be able to execute arbitrary code.
Author:Trancer
Homepage:http://www.metasploit.com
File Size:5440
Related OSVDB(s):67411
Related CVE(s):CVE-2010-1527
Last Modified:Sep 21 18:46:34 2010
MD5 Checksum:80269d9e5705e85962cc7e26d8957a01

 ///  File Name: novelliprint_executerequest_dbg.rb...>
Description:
This Metasploit module exploits a stack-based buffer overflow in Novell iPrint Client 5.40. When sending an overly long string to the 'debug' parameter in ExecuteRequest() property of ienipp.ocx an attacker may be able to execute arbitrary code.
Author:Trancer
Homepage:http://www.metasploit.com
File Size:5695
Related OSVDB(s):66960
Related CVE(s):CVE-2010-3106
Last Modified:Sep 21 18:45:05 2010
MD5 Checksum:4c82e48d18c60cbb339bae8863c7b2e3

 ///  File Name: ms10_061_spoolss.rb.txt
Description:
This Metasploit module exploits the RPC service impersonation vulnerability detailed in Microsoft Bulletin MS10-061. By making a specific DCE RPC request to the StartDocPrinter procedure, an attacker can impersonate the Printer Spooler service to create a file. The working directory at the time is %SystemRoot%\\\\system32. An attacker can specify any file name, including directory traversal or full paths. By sending WritePrinter requests, an attacker can fully control the content of the created file. In order to gain code execution, this module writes an EXE and then (ab)uses the impersonation vulnerability a second time to create a secondary RPC connection to the \\\\PIPE\\\\ATSVC named pipe. We then proceed to create a remote AT job using a blind NetrJobAdd RPC call.
Author:hdm,jduck
Homepage:http://www.metasploit.com
File Size:13690
Related OSVDB(s):67988
Related CVE(s):CVE-2010-2729
Last Modified:Sep 21 14:32:51 2010
MD5 Checksum:0580f4d44dd64fd3314f7ef5a0b654d1

 ///  File Name: ibpromotion-xss.txt
Description:
IB Promotion Advanced Business Web Suite suffers from a cross site scripting vulnerability.
Author:MustLive
File Size:1104
Last Modified:Sep 21 00:53:56 2010
MD5 Checksum:0257fb75668e7c06518966721e1c6963

 ///  File Name: bifrost-dllhijack.txt
Description:
BifrosT DLL hijacking exploit.
Author:anT!-Tr0J4n
File Size:807
Last Modified:Sep 21 00:48:01 2010
MD5 Checksum:4da02dd48e7bdd3eaf62a990e2abf098

 ///  File Name: usn985-1local.txt
Description:
Local proof of concept exploit that demonstrates a vulnerability with mountall where a udev rule is created with world-writable permissions.
Author:fuzz
Related File:USN-985-1.txt
File Size:851
Related CVE(s):CVE-2010-2961
Last Modified:Sep 20 21:23:11 2010
MD5 Checksum:ae2972ba5af4ed1176f2f3bacf6c2eda

 ///  File Name: joomlaspain-sql.txt
Description:
The Joomla Spain component suffers from a remote SQL injection vulnerability.
Author:Fl0riX
File Size:1221
Last Modified:Sep 20 21:21:46 2010
MD5 Checksum:193849dc55688bffac2043cf28828b7c

 ///  File Name: e1070723-sql.txt
Description:
e107 version 0.7.23 suffers from multiple remote SQL injection vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:2183
Last Modified:Sep 20 21:20:35 2010
MD5 Checksum:73f05268f1c3c57fd1313bd5c7f0c32b

 ///  File Name: swishmax-dllhijack.txt
Description:
SWiSHmax DLL hijacking exploit that leverages swishmaxres.dll.
Author:anT!-Tr0J4n
File Size:824
Last Modified:Sep 20 21:18:17 2010
MD5 Checksum:659a7c7f61b374ae6d6145c80118d721

 ///  File Name: basicwebserver10-traversal.txt
Description:
Basic Web Server version 1.0 suffers from a directory traversal vulnerability.
Author:John Leitch
File Size:812
Last Modified:Sep 20 21:16:48 2010
MD5 Checksum:e1a5f96dbc19da308d12b23dac842e6c

 ///  File Name: basicwebserver-dos.py.txt
Description:
Basic Web Server version 1.0 suffers from a denial of service vulnerability.
Author:John Leitch
File Size:1503
Last Modified:Sep 20 21:16:06 2010
MD5 Checksum:ae3d2a138a9cc23764217da57c8ae956

 ///  File Name: smartermail-traversal.txt
Description:
SmarterMail version 7.1.3876 suffers from a directory traversal vulnerability.
Author:sqlhacker
File Size:2235
Last Modified:Sep 20 21:13:14 2010
MD5 Checksum:198a340c0462c2c61592a8c59c2dfe5a

 ///  File Name: pinky10-traversal.txt
Description:
Pinky version 1.0 suffers from a directory traversal vulnerability.
Author:John Leitch
File Size:911
Last Modified:Sep 20 21:12:16 2010
MD5 Checksum:dbe31b077aa6c02b1e5e1f245577f28c

 ///  File Name: primitive-sqlxss.txt
Description:
Primitive CMS version 1.0.9 suffers from html and remote blind SQL injection vulnerabilities.
Author:Stephan Sattler
File Size:1578
Last Modified:Sep 20 21:09:45 2010
MD5 Checksum:95341ffee52a8a6a78866eb18beead7f

 ///  File Name: lightneasy-sql.txt
Description:
LightNEasy CMS version 3.2.1 suffers from a remote blind SQL injection vulnerability.
Author:Stephan Sattler
File Size:1416
Last Modified:Sep 20 21:08:41 2010
MD5 Checksum:780f59ba7fcae9936fc0fdd06203097d