Proof of concept exploit for the locally exploitable buffer overflow in Exim version 4.41.
a3703739ac743a76f5e34f4b14e40e5c169129e1431122ee072a0597ad2ba497Siteman version 1.1.9 is susceptible to cross site scripting attacks.
e80dd8eb12e76829443ea47b0ca233d7382c4328f5d33c7d4206955bd26662b5MPM Guestbook Pro 1.05 is susceptible to file inclusion and directory traversal attacks.
bd873c882571bb58ef6d64418f8f55cbf92793860c9f7d62816db4ac2fa81055Remote denial of service proof of concept exploit for the Breed game server that crashes upon accepting an empty UDP packet.
90b331b9e3b1f4f07df307eb710d50ccf1aa56a88ebdb3f89d780cf9049f0898ITA Forum 1.49 SQL injection exploit with one character bruteforce.
2e1f9c9d8e1c7b34aa1a3cd45aac2108339a478a3d27ff0ed4012a4e18b82d51Microsoft Internet Explorer 6 is susceptible to a flaw that allows for malicious file download via manipulation of the File Download Information bar functionality.
9819de7846ae70cadf20f378c91cc61117a83847a9ab9ea1767507c8b371ec78forumKIT 1.0 suffers from a cross site scripting vulnerability.
6838b682b5f32e1beb7f6200c5cdac9786c241115776b6c8d1e6fe8a36c72614STG Security Advisory: An input validation flaw in ZeroBoard can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
0c9e35a9c275bc19120772f641e5b82ca15d9b4c4e3661ccf564440202b8c080Horde 3.0 contains two XSS attacks that can be exploited through GET requests. Once exploited, these requests could be used to execute any javascript commands in the context of that user, potentially including but not limited to reading and deleting email, and stealing authentication tokens.
74a66b7743cd681267539641ac2b61777f2dca3586fbe4f9c385f6dd94d19edfProof of concept exploit for the Windows ANI File Parsing vulnerability along with a complete detailed paper describing the process of creating it.
ffba59f6dfec03389c5e1d961d4a05a3a53fc3cbbf541367bf3885c7b77566d2SGallery version 1.01 suffers from path disclosure, file inclusion, and SQL injection bugs.
63e83634fdc1f28b76fb5d6c48aae1837f5ddd74bbe1b90923816331b5dbc867Arkeia versions 4.2.x, 5.2.x, and 5.3.x all have blank default root passwords and various other flaws.
7d5be354b29fc5701ad583c134c26444425e523e05d233ff9ea5ff438ba0f3f2InternetExploiter 3, .ANI-file Animation header length stack based buffer overflow exploit for Internet Explorer. Uses Cascading Style Sheets to load a malicious animated cursor. Runs a bindshell on port 28876.
2c241ffbbd01971af65ed38f537c9d5cc267d13e058013c5e7fd39635abbc94cexpand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
d3d25f66960b33f304bf4382ad16d8f3fcd86d9c63cf0fd47c4257c388fa98d0Remote buffer overflow exploit for the w3who.dll in Microsoft Windows 2000. Drops to a command shell.
791c811f7b49febb9fa1bb40a85b1ab1d9f1f2712120f52a797cf5c3770e9942Remote Microsoft Windows WINS exploit created by the Metasploit Framework.
389f409a7d45860686e46e3506c07570873310d3c58abcf4654df37406bd247eLSS Security Advisory #LSS-2005-01-03 - There is a privilege escalation and arbitrary file read vulnerability in ftpfile, the Squirrelmail Vacation plugin. Version 0.15 is affected. Detailed exploitation provided.
7688f4089c87f00981c0f9d4b007b41913c9605ad778a2cfa060942962b562f8Remote stack overflow exploit for Veritas Backup Exec. Works for versions 9.1.4691.SP1, 9.1.4691.SP0, and 8.5.3572. Allows for a shell to be bound to port 101 or it spawn a reverse shell as well.
66d099090c243e36b9f7564b05d434f6f4b2b0d4406b819eb60322f646d6b2fcLocal privilege escalation exploit for the improper token validation vulnerability discovered in Microsoft Windows 2000/2003/XP.
ff2667276d645551dbd24afe95ca5f4631323cfd8b7dd7ffb5bbb7cb99e91911Portcullis Security Advisory - The Emotion MediaPartner Web Server version 5.0 suffers from a classic directory traversal attack.
6be621a00b4ac12f30f5e4697e1024e0eab7f2133fbd8e721232b10ea90de2e7The Invision Community Blog system is susceptible to a SQL injection attack on the eid variable.
36265105588ccc92584f9456a31f92502a12abd1b33d0faae8566e5fc2d61e61Woltlab Burning Board Lite version 1.0.0 and 1.0.1e are susceptible to a cross site scripting flaw.
6de24017e17875d943c41277f135a9f35263b691c2126505a2cfda4256449ff4SPHPBlog 0.3.7c is susceptible to a directory traversal attack. Fixed in release 0.3.7r2.
e36068983fcd00d46f6dcd628206297051c8060e3793ed88228add5b177e6284Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected. Exploit included.
dc8912477cabd4620eccb9621b77afc571d533b90b200dfc6fc0b9d16173ee04Proof of concept denial of service exploit for the Amp II 3D game engine that is susceptible to attack when receiving UDP datagrams of zero bytes.
80d677ae8b10d22ddbe0c994296c32782336b61e029dcafac8acdd83a4c4290d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed