Section:  .. / 1010-exploits  /


 ///  File Name: linuxwebshell-remoteroot.txt
Description:
Whitepaper discussing how to go from having a webshell to getting remote root using the GNU dynamic linker DSO vulnerability on Debian versions 5.0.6 and below and Ubuntu versions 10.04 and below.
Author:jmit
File Size:4845
Related CVE(s):CVE-2010-3856
Last Modified:Oct 28 07:25:09 2010
MD5 Checksum:b5d2edb70a3955504df2b49334ec19bf

 ///  File Name: snews-xss.txt
Description:
sNews version 1.7 suffers from a stored cross site scripting vulnerability.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:4799
Last Modified:Oct 20 21:38:24 2010
MD5 Checksum:5de025e8946249d7ff19dd2855b210bb

 ///  File Name: xweblogarsiv-sql.txt
Description:
xWeblog version 2.2 remote SQL injection exploit that leverages arsiv.asp.
Author:ZoRLu
File Size:4778
Last Modified:Oct 11 00:52:49 2010
MD5 Checksum:28209b7304551bed8c6bc1c562c2fc1b

 ///  File Name: plesksbm-sqlxss.txt
Description:
Plesk Small Business Manager version 10.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
Author:sqlhacker
File Size:4735
Last Modified:Oct 24 19:14:12 2010
MD5 Checksum:57c5ba485c09dbcf82a0961aba8a0ce8

 ///  File Name: zomplog39-xssxsrf.txt
Description:
Zomplog version 3.9 suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:4632
Last Modified:Oct 28 04:36:12 2010
MD5 Checksum:a7897b5bd7b1c231903b4936e71001d9

 ///  File Name: joomlaprojects-lfisql.txt
Description:
The Joomla Projects component suffers from local file inclusion and remote SQL injection vulnerabilities.
Author:jos_ali_joe
File Size:4529
Last Modified:Oct 27 02:04:52 2010
MD5 Checksum:98dd2711ddec9504dfa90b0a04c48211

 ///  File Name: oracle_vm_agent_utl.rb.txt
Description:
This Metasploit module exploits a command injection flaw within Oracle's VM Server Virtual Server Agent (ovs-agent) service. By including shell meta characters within the second parameter to the 'utl_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges. NOTE: Valid credentials are required to trigger this vulnerability. The username appears to be hardcoded as 'oracle', but the password is set by the administrator at installation time.
Author:jduck
Homepage:http://www.metasploit.com
File Size:4403
Related OSVDB(s):68797
Related CVE(s):CVE-2010-3585
Last Modified:Oct 25 23:28:32 2010
MD5 Checksum:9692d84c3b4a171ff24ef34f1b1769fb

 ///  File Name: bkahaber-disclose.txt
Description:
Bka Haber version 1.0 suffers from a file disclosure vulnerability.
Author:ZoRLu
File Size:4323
Last Modified:Oct 4 01:18:21 2010
MD5 Checksum:1aba5c19164697fcb01d54704330445e

 ///  File Name: pulsepro-xss.txt
Description:
Pulse Pro version 1.4.3 suffers from a persistent cross site scripting vulnerability.
Author:Th3 RDX
File Size:4300
Last Modified:Oct 24 20:21:11 2010
MD5 Checksum:6baf2a8035fecfaa5018651adace725a

 ///  File Name: mycart-execsqlxss.txt
Description:
MyCart version 2.0 suffers from cross site scripting, remote SQL injection and code execution vulnerabilities.
Author:Salvatore Fresta
File Size:4253
Last Modified:Oct 28 06:58:30 2010
MD5 Checksum:ed079679309869e074e643a520437e7d

 ///  File Name: adobe_shockwave_rcsl_corruption.rb...>
Description:
This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by http://www.abysssec.com.
Author:David Kennedy
Homepage:http://www.metasploit.com
File Size:4233
Related OSVDB(s):68803
Related CVE(s):CVE-2010-3653
Last Modified:Oct 25 23:29:13 2010
MD5 Checksum:e1353828019e262cd8c405659a8396d2

 ///  File Name: abhimanyu-sql.txt
Description:
Abhimanyu Infotech SQL injection exploit that leverages show_news.php.
Author:ZoRLu
File Size:4149
Last Modified:Oct 4 23:25:04 2010
MD5 Checksum:7861d217b5b5e6db89a9c64cc5371f16

 ///  File Name: syncbreeze-overflow.txt
Description:
Sync Breeze Server version 2.2.30 remote buffer overflow exploit.
Author:xsploited Security
File Size:4143
Last Modified:Oct 11 05:24:57 2010
MD5 Checksum:c72847959a9f21054c7ef695540b2740

 ///  File Name: windowsmobile-dos.txt
Description:
Windows Mobile versions 6.1 and 6.5 suffer from a double free denial of service.
Author:Celil Unuver
File Size:4132
Last Modified:Oct 22 02:43:07 2010
MD5 Checksum:8d3e8f20bb50ef934646c26e88310766

 ///  File Name: fileapp-traversal.txt
Description:
FileApp versions below 2.0 for iPhone, iPad and iPod Touch suffer from a directory traversal vulnerability.
Author:m0ebiusc0de
File Size:3949
Last Modified:Oct 4 01:54:07 2010
MD5 Checksum:3aabf9679e30bc301ff44841a77158a2

 ///  File Name: nuance_pdf_launch_overflow.rb.txt
Description:
This Metasploit module exploits a stack buffer overflow in Nuance PDF Reader v6.0. The vulnerability is triggered when opening a malformed PDF file that contains an overly long string in a /Launch field. This results in overwriting a structured exception handler record. This exploit does not use JavaScript.
Author:Rick,corelanc0d3r
Homepage:http://www.metasploit.com
File Size:3870
Related OSVDB(s):68514
Last Modified:Oct 13 02:10:25 2010
MD5 Checksum:6f6a9fe2850fbbba68008f1135580e7e

 ///  File Name: chipmunkboard13-sql.txt
Description:
Chipmunk Board version 1.3 suffers from a remote SQL injection vulnerability.
Author:Shamus
File Size:3828
Last Modified:Oct 1 22:37:24 2010
MD5 Checksum:0c25b85efec2aa6856547d4ff75fc325

 ///  File Name: BONSAI-2010-0109.txt
Description:
Oracle Virtual Server Agent suffers from a command injection vulnerability. Oracle Virtual Server release 2.2.0 with Oracle VM Agent 2.3 is affected.
Author:N. Grisolia
Homepage:http://www.bonsai-sec.com/
File Size:3825
Last Modified:Oct 14 02:20:00 2010
MD5 Checksum:6eb37bf08586c799bd920d72f552351a

 ///  File Name: smartftp-dllhijack.txt
Description:
SmartFTP DLL hijacking exploit.
Author:anT!-Tr0J4n
File Size:3818
Last Modified:Oct 4 01:22:13 2010
MD5 Checksum:5f9725b6a8deb263ce44546381e59688

 ///  File Name: springsource-bypass.txt
Description:
Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification (see below). Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed.
Author:SpringSource Security Team
File Size:3754
Related CVE(s):CVE-2010-3700
Last Modified:Oct 28 06:55:01 2010
MD5 Checksum:39d52137898c5484e3318915ce5f0839

 ///  File Name: diskpulseserver-overflow.txt
Description:
A vulnerability exists in the way Disk Pulse Server version 2.2.34 processes a remote client's "GetServerInfo" request. The vulnerability is caused by a boundary error in libpal.dll when handling network messages and can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to TCP port 9120.
Author:xsploited Security
File Size:3584
Last Modified:Oct 13 02:05:17 2010
MD5 Checksum:e64c3bef71ba20d0d9c895745bfcc567

 ///  File Name: hpdpmo-dos.txt
Description:
HP Data Protector Media Operations version 6.11 HTTP server remote integer overflow denial of service exploit.
Author:d0lc3
File Size:3496
Last Modified:Oct 25 12:43:22 2010
MD5 Checksum:71be0cc939d7904ef320d5c25aa3f7d5

 ///  File Name: avastfree-dllhijack.txt
Description:
Avast Free Antivirus version 5.0.677 DLL hijacking exploit.
Author:anT!-Tr0J4n
File Size:3429
Last Modified:Oct 19 02:54:48 2010
MD5 Checksum:73e93bf059145ea5d8daa49cc34e9c58

 ///  File Name: avirapremium-dllhijack.txt
Description:
Avira Premium version 9.0.0.420 DLL hijacking exploit.
Author:anT!-Tr0J4n
File Size:3426
Last Modified:Oct 19 02:53:08 2010
MD5 Checksum:c261e3473a4cb7f84e1c3bd84b6f3cc4

 ///  File Name: evaria-disclose.txt
Description:
Evaria CMS version 1.1 suffers from a file disclosure vulnerability.
Author:khayeye shotor
File Size:3422
Last Modified:Oct 1 22:26:50 2010
MD5 Checksum:5ab6a3cbf930aef3afff0ecbd1eca6db