Section:  .. / 1010-exploits  /

Page 2 of 12
<< 1 2 3 4 5 6 7 8 9 10 11 12 >> Files 25 - 50 of 284
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: dzcp-lfi.txt
Description:
DZCP version 1.5.4 suffers from a local file inclusion vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:698
Last Modified:Oct 28 05:03:57 2010
MD5 Checksum:05b96349581acf66b2f3daf3013efcac

 ///  File Name: accimoveis-sql.txt
Description:
ACC IMoveis version 4.0 suffers from a remote SQL injection vulnerability.
Author:EraGoN
File Size:752
Last Modified:Oct 28 04:57:20 2010
MD5 Checksum:e95a3028e72ec80eafe30e81f6bb06d5

 ///  File Name: firefoxappend-dos.txt
Description:
Firefox Interleaving document.write and appendChild denial of service exploit.
File Size:894
Related CVE(s):CVE-2010-3765
Last Modified:Oct 28 04:47:51 2010
MD5 Checksum:9f2a08ee5839137a43eae7ff25a58ad4

 ///  File Name: datacrealwin-overflow.txt
Description:
DATAC RealWin SCADA version 1.06 buffer overflow exploit.
Author:Blake
File Size:3020
Last Modified:Oct 28 04:46:07 2010
MD5 Checksum:321171e772eccf17dd492abee272a3d0

 ///  File Name: novaboard114-lfi.txt
Description:
Novaboard version 1.1.4 suffers from a local file inclusion vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
Related Exploit:novaboard-lfi.txt
File Size:779
Last Modified:Oct 28 04:43:56 2010
MD5 Checksum:edc9109b2c369e4a1eb5d3f0025afad0

 ///  File Name: bloofoxcms-disclose.txt
Description:
BloofoxCMS version 0.3.5 suffers from information disclosure vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:1859
Last Modified:Oct 28 04:41:17 2010
MD5 Checksum:a3473fda45b826f62425194356e06284

 ///  File Name: blogbird-xss.txt
Description:
BlogBird suffers from multiple cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:3355
Last Modified:Oct 28 04:38:41 2010
MD5 Checksum:568d008ed7479bc856653e15d5eeafde

 ///  File Name: zomplog39-xssxsrf.txt
Description:
Zomplog version 3.9 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:4632
Last Modified:Oct 28 04:36:12 2010
MD5 Checksum:a7897b5bd7b1c231903b4936e71001d9

 ///  File Name: energine-sql.txt
Description:
Energine CMS suffers from a remote SQL injection vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:895
Last Modified:Oct 28 04:33:52 2010
MD5 Checksum:7b32d1418283edafa347e899f9adac20

 ///  File Name: bloofoxcms-sql.txt
Description:
BloofoxCMS version 0.3.5 suffers from a remote SQL injection vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:1078
Last Modified:Oct 28 04:32:33 2010
MD5 Checksum:ba3f94acf26ea42d42db8b3905693950

 ///  File Name: zomplog39settings-xss.txt
Description:
Zomplog version 3.9 suffers from a cross site scripting vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:2442
Last Modified:Oct 28 04:31:06 2010
MD5 Checksum:e0b40bbdd4e5006e49cb312be5c9b308

 ///  File Name: lespacks-sql.txt
Description:
14H28.com LES PACKS suffers from a remote SQL injection vulnerability.
Author:Cru3l.b0y
File Size:1434
Last Modified:Oct 27 02:08:27 2010
MD5 Checksum:19cf79069905ce0d465ed2fb6c91020b

 ///  File Name: bigace-xsrf.txt
Description:
Bigace version 2.7.3 suffers from a cross site request forgery vulnerability.
Author:Sweet
File Size:2408
Last Modified:Oct 27 02:07:00 2010
MD5 Checksum:9877b30e5aea019ee35c8fe458155c75

 ///  File Name: joomlaprojects-lfisql.txt
Description:
The Joomla Projects component suffers from local file inclusion and remote SQL injection vulnerabilities.
Author:jos_ali_joe
File Size:4529
Last Modified:Oct 27 02:04:52 2010
MD5 Checksum:98dd2711ddec9504dfa90b0a04c48211

 ///  File Name: multisoft-dllhijack.txt
Description:
SmartFTP version 4.0.1142.0, Speak Aloud, The GodFather version 0.80, Vip Rumor Player version 3.7 and Wise Registry Cleaner DLL hijacking exploit.
Author:anT!-Tr0J4n
File Size:19016
Last Modified:Oct 27 01:53:22 2010
MD5 Checksum:c118c7246cd7c320e8d8391e21902f12

 ///  File Name: lpksetup-dllhijack.txt
Description:
Microsoft Windows Vista/7 suffers from a DLL hijacking vulnerability in lpksetup.exe.
Author:TurboBorland
File Size:1909
Last Modified:Oct 27 01:49:35 2010
MD5 Checksum:7e4c34d2de94b275886a6a3f08e0c3f5

 ///  File Name: apache22-dos.txt
Description:
Apache 2.2 suffers from a local denial of service issue on Windows.
Author:FB1H2S
File Size:1208
Last Modified:Oct 27 01:48:41 2010
MD5 Checksum:d075adc26d259837eed0933ba09f86de

 ///  File Name: nitrosecurityesm-exec.txt
Description:
NitroSecurity ESM version 8.4.0a suffers from a remote code execution vulnerability.
Author:Filip Palian
File Size:2132
Last Modified:Oct 27 01:29:35 2010
MD5 Checksum:db7aea918b88fbcbc8cf6fab57ae636b

 ///  File Name: java_docbase_bof.rb.txt
Description:
This Metasploit module exploits a flaw in the new plugin component of the Sun Java Runtime Environment before v6 Update 22. By specifying specific parameters to the new plugin, an attacker can cause a stack-based buffer overflow and execute arbitrary code. When the new plugin is invoked with a "launchjnlp" parameter, it will copy the contents of the "docbase" parameter to a stack-buffer using the "sprintf" function. A string of 396 bytes is enough to overflow the 256 byte stack buffer and overwrite some local variables as well as the saved return address. NOTE: The string being copied is first passed through the "WideCharToMultiByte". Due to this, only characters which have a valid localized multibyte representation are allowed. Invalid characters will be replaced with question marks ('?'). This vulnerability was originally discovered independently by both Stephen Fewer and Berend Jan Wever (SkyLined). Although exhaustive testing hasn't been done, all versions since version 6 Update 10 are believed to be affected by this vulnerability. This vulnerability was patched as part of the October 2010 Oracle Patch release.
Author:jduck
Homepage:http://www.metasploit.com
File Size:7565
Related CVE(s):CVE-2010-3552
Last Modified:Oct 25 23:32:04 2010
MD5 Checksum:a6f93012454e9ce1c3620cde6ac34d81

 ///  File Name: adobe_shockwave_rcsl_corruption.rb...>
Description:
This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by http://www.abysssec.com.
Author:David Kennedy
Homepage:http://www.metasploit.com
File Size:4233
Related OSVDB(s):68803
Related CVE(s):CVE-2010-3653
Last Modified:Oct 25 23:29:13 2010
MD5 Checksum:e1353828019e262cd8c405659a8396d2

 ///  File Name: oracle_vm_agent_utl.rb.txt
Description:
This Metasploit module exploits a command injection flaw within Oracle\\'s VM Server Virtual Server Agent (ovs-agent) service. By including shell meta characters within the second parameter to the 'utl_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges. NOTE: Valid credentials are required to trigger this vulnerable. The username appears to be hardcoded as 'oracle', but the password is set by the administrator at installation time.
Author:jduck
Homepage:http://www.metasploit.com
File Size:4403
Related OSVDB(s):68797
Related CVE(s):CVE-2010-3585
Last Modified:Oct 25 23:28:32 2010
MD5 Checksum:9692d84c3b4a171ff24ef34f1b1769fb

 ///  File Name: minalic10-dos.py.txt
Description:
MinaliC Webserver version 1.0 suffers from a denial of service vulnerability.
Author:John Leitch
File Size:911
Last Modified:Oct 25 15:44:44 2010
MD5 Checksum:26dfc86d55deb994bf7abebb912ab139

 ///  File Name: minalic10-traversal.txt
Description:
MinaliC Webserver version 1.0 suffers from a directory traversal vulnerability.
Author:John Leitch
File Size:899
Last Modified:Oct 25 15:12:12 2010
MD5 Checksum:2aaef84104b4d0d8af11f4c4ea14182e

 ///  File Name: hpdpmo-dos.txt
Description:
HP Data Protector Media Operations version 6.11 HTTP server remote integer overflow denial of service exploit.
Author:d0lc3
File Size:3496
Last Modified:Oct 25 12:43:22 2010
MD5 Checksum:71be0cc939d7904ef320d5c25aa3f7d5

 ///  File Name: jamb-xsrf.txt
Description:
Jamb suffers from a cross site request forgery vulnerability.
Author:stoke
File Size:5951
Last Modified:Oct 25 12:12:12 2010
MD5 Checksum:6c641c9513cfc750badb356b2d74de26