Section:  .. / 1010-exploits  /

Page 2 of 12
<< 1 2 3 4 5 6 7 8 9 10 11 12 >> Files 25 - 50 of 284
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: wwbcms-xss.txt
Description:
Wiccle Web Builder CMS and iWiccle CMS Community Builder both suffer from multiple cross site scripting vulnerabilities.
Author:Veerendra G.G
Homepage:http://www.secpod.com/
File Size:9397
Last Modified:Oct 22 02:53:43 2010
MD5 Checksum:6519f6058d267e0a8b8ca19e282d11ab

 ///  File Name: elxiscms-sqlxss.txt
Description:
Elxis CMS version 2009.2 electra rev2631 suffers from SQL injection and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:9355
Last Modified:Oct 5 21:09:56 2010
MD5 Checksum:abed57d0bbf72d38d688f521b8495644

 ///  File Name: homeftp1103-traversal.txt
Description:
Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.
Author:chr1x
Related Exploit:homeftp-traversal.txt
File Size:9329
Last Modified:Oct 29 14:39:33 2010
MD5 Checksum:a873431ae17f48835410c655973b0fa4

 ///  File Name: soliddb_1.tgz
Description:
IBM solidDB versions 6.5.0.3 and below suffer from a remote denial of service vulnerability when receiving a malformed packet.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:9060
Last Modified:Oct 16 02:05:17 2010
MD5 Checksum:f17d35a8a61c8b3e16805d984c1b3c8b

 ///  File Name: SA-20101021-0.txt
Description:
Sawmill Enterprise versions prior to 8.1.7.3 suffers from arbitrary code execution, cross site request forgery, cross site scripting and various other vulnerabilities. suffers from buffer overflow, cross site request forgery, cross site scripting and file disclosure vulnerabilities.
Author:Johannes Greil
Homepage:http://www.sec-consult.com
File Size:8863
Last Modified:Oct 22 02:49:26 2010
MD5 Checksum:84dae5ff07d76b46a06710399212b1ff

 ///  File Name: firefoxappend-wild.txt
Description:
Firefox versions 3.6.8 through 3.6.11 Interleaving document.write and appendChild exploit from the wild.
File Size:8337
Last Modified:Oct 28 12:12:22 2010
MD5 Checksum:95414e688d0d0e46201e2cc1053dd2ff

 ///  File Name: facebook-xssxsrf.txt
Description:
Facebook.com suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:John Jean
Homepage:http://www.wargan.com/
File Size:7722
Last Modified:Oct 4 23:44:30 2010
MD5 Checksum:6b43f99573634f84a8df88ce1f5bfeeb

 ///  File Name: java_docbase_bof.rb.txt
Description:
This Metasploit module exploits a flaw in the new plugin component of the Sun Java Runtime Environment before v6 Update 22. By specifying specific parameters to the new plugin, an attacker can cause a stack-based buffer overflow and execute arbitrary code. When the new plugin is invoked with a "launchjnlp" parameter, it will copy the contents of the "docbase" parameter to a stack-buffer using the "sprintf" function. A string of 396 bytes is enough to overflow the 256 byte stack buffer and overwrite some local variables as well as the saved return address. NOTE: The string being copied is first passed through the "WideCharToMultiByte". Due to this, only characters which have a valid localized multibyte representation are allowed. Invalid characters will be replaced with question marks ('?'). This vulnerability was originally discovered independently by both Stephen Fewer and Berend Jan Wever (SkyLined). Although exhaustive testing hasn't been done, all versions since version 6 Update 10 are believed to be affected by this vulnerability. This vulnerability was patched as part of the October 2010 Oracle Patch release.
Author:jduck
Homepage:http://www.metasploit.com
File Size:7565
Related CVE(s):CVE-2010-3552
Last Modified:Oct 25 23:32:04 2010
MD5 Checksum:a6f93012454e9ce1c3620cde6ac34d81

 ///  File Name: linux-rds-exploit.c
Description:
Linux kernel versions 2.6.36-rc8 and below RDS privilege escalation exploit.
Author:Dan Rosenberg
Homepage:http://www.vsecurity.com/
File Size:6804
Related CVE(s):CVE-2010-3904
Last Modified:Oct 19 23:53:20 2010
MD5 Checksum:54ff3c68fb1a6ff5120c84c765210789

 ///  File Name: PoC_EasyFTP_1.7.0.X_Crash.txt
Description:
EasyFTP version 1.7.0.x denial of service crash exploit.
Author:Inj3cti0n P4ck3t
File Size:6769
Last Modified:Oct 17 22:15:44 2010
MD5 Checksum:72b69300240e5861bff86a2ea0114d05

 ///  File Name: pluxml-xss.txt
Description:
PluXml version 5.0.1 suffers from multiple cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:6551
Last Modified:Oct 14 03:11:51 2010
MD5 Checksum:dae65f184e0e915dabcb0cceee3933a6

 ///  File Name: ZSL-2010-4971.txt
Description:
The Altova DatabaseSpy 2011 Enterprise Edition suffers from a buffer overflow / memory corruption vulnerability when handling project files (.qprj).
Author:LiquidWorm
Homepage:http://www.zeroscience.mk/
File Size:6026
Last Modified:Oct 22 02:41:39 2010
MD5 Checksum:37b3b58679dd764547c2e26c5e824833

 ///  File Name: JAHx104.txt
Description:
Feindura CMS versions 1.0rc and below suffer from cross site scripting and local file inclusion vulnerabilities.
Author:Wireghoul
Homepage:http://www.justanotherhacker.com/
File Size:5971
Last Modified:Oct 29 15:18:57 2010
MD5 Checksum:5c6228b397defd3c0cac80c8df009bc4

 ///  File Name: jamb-xsrf.txt
Description:
Jamb suffers from a cross site request forgery vulnerability.
Author:stoke
File Size:5951
Last Modified:Oct 25 12:12:12 2010
MD5 Checksum:6c641c9513cfc750badb356b2d74de26

 ///  File Name: snackamp313b-overflow.txt
Description:
SnackAmp version 3.1.3B malicious SMP buffer overflow exploit with DEP bypass.
Author:Muhamad Fadzil Ramli
File Size:5776
Last Modified:Oct 4 23:38:59 2010
MD5 Checksum:6e264c512e514cfe071b629c254140b2

 ///  File Name: DSECRG-09-029.txt
Description:
Oracle BI Publisher suffers from a HTTP response splitting vulnerability.
Author:Sh2kerr
Homepage:http://www.dsec.ru/
File Size:5500
Last Modified:Oct 28 05:18:29 2010
MD5 Checksum:91d3c190354d6032783de15d8392c521

 ///  File Name: ronnycms-xss.txt
Description:
Ronny CMS version 1.1 r935 suffers from multiple cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:5477
Last Modified:Oct 14 02:35:13 2010
MD5 Checksum:d7026ed6855618cfbdadd5a2ec930776

 ///  File Name: exponentcms-lfidisclosexss.txt
Description:
Exponent CMS version 0.97 suffers from cross site scripting, file disclosure, local file inclusion and shell upload vulnerabilities.
Author:LiquidWorm
Homepage:http://www.zeroscience.mk/
File Size:5430
Last Modified:Oct 14 02:36:47 2010
MD5 Checksum:12bdcac2185754b4b644f251092e1c9b

 ///  File Name: ms09_053_ftpd_nlst.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account).
Author:H D Moore,Kingcope
Homepage:http://www.metasploit.com
File Size:5309
Related OSVDB(s):57589
Related CVE(s):CVE-2009-3023
Last Modified:Oct 6 21:16:03 2010
MD5 Checksum:2d7090cb831b8a36bb2070fb81db4f50

 ///  File Name: trendmicro_extsetowner.rb.txt
Description:
This Metasploit module exploits a remote code execution vulnerability in Trend Micro Internet Security Pro 2010 ActiveX. When sending an invalid pointer to the extSetOwner() function of UfPBCtrl.dll an attacker may be able to execute arbitrary code.
Author:Trancer
Homepage:http://www.metasploit.com
File Size:5305
Related OSVDB(s):67561
Related CVE(s):CVE-2010-3189
Last Modified:Oct 1 22:39:19 2010
MD5 Checksum:f0527cd0b6ef2cbe5f80f07f5f209ee6

 ///  File Name: phpkitoverview-sql.txt
Description:
PHPKit versions 1.6.1 R2 and below remote SQL injection exploit that leverages overview.php.
Author:Easy Laster
File Size:5159
Last Modified:Oct 29 15:43:29 2010
MD5 Checksum:673d8c4b911aed9e80fd11dee182db63

 ///  File Name: ioctl-overwrite.txt
Description:
Linux kernel arbitrary write memory write via v4l1 compat ioctl exploit.
Author:Kees Cook
File Size:5157
Related CVE(s):CVE-2010-2963
Last Modified:Oct 29 16:42:56 2010
MD5 Checksum:e4406c49407ec6da26657b3fa7bbd5a9

 ///  File Name: cagcms-sqlxss.txt
Description:
Cag CMS versions 0.2 and below suffer from cross site scripting and remote blind SQL injection vulnerabilities.
Author:Shamus
File Size:4898
Last Modified:Oct 5 21:07:45 2010
MD5 Checksum:dda01932ed38fc48ff38d1fc72d1ae89

 ///  File Name: phphostingdirectory-disclose.txt
Description:
PHP Hosting Directory version 2.0 database disclosure exploit.
Author:ZoRLu
File Size:4873
Last Modified:Oct 17 22:19:37 2010
MD5 Checksum:cfbf42442dea4968879f55b3349904d7

 ///  File Name: mygamingladder-sql.txt
Description:
mygamingladder MGL Combo System versions 7.5 and below remote SQL injection exploit that leverages game.php.
Author:Easy Laster
File Size:4856
Last Modified:Oct 29 15:45:46 2010
MD5 Checksum:61579276895b10192aca384a888d59c3