what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 78

Files

0509-exploits.tgz

Posted Oct 4, 2005

Authored by Todd J. | Site packetstormsecurity.com

New Packet Storm exploits for September, 2005.

tags | exploit

SHA-256 | 673fd938217e57d9b0a2f59c0ba2e5479e186dea5456eb1f4f54ca72e86f95d1

Download | Favorite | View

mantis-poc.tar.gz

Posted Sep 29, 2005

Authored by Joxean Koret

Mantis Bugtracker exploit scanner that looks for versions less than 1.0.0RC2 and greater than 0.18.3 which are vulnerable to XSS and variable poisoning attacks if register_globals is enabled.

tags | exploit

SHA-256 | 846b7601bdc63c621b48e9ed66d2964760dbc83607dfabd16ba2ee2080eb9cd3

Download | Favorite | View

phpfusion600109.txt

Posted Sep 29, 2005

Authored by rgod | Site retrogod.altervista.org

Exploit for PHP-Fusion v6.00.109 SQL Injection and admin credentials disclosure vulnerability.

tags | exploit, php, sql injection

SHA-256 | daf2583ef13b92c146b5f2ec2482196fb716fd13f45b7ee8a9e83eba71b8a70a

Download | Favorite | View

cubecart-3.0.3.txt

Posted Sep 29, 2005

Authored by Lostmon | Site lostmon.blogspot.com

CubeCart 3.0.3 contains a flaw that allows a remote cross site scripting attack. Exploitation provided.

tags | exploit, remote, xss

SHA-256 | daf62f753ab5e93ca8f1a204b23c6ef865d68a6375b29cb6ef28102bbb6e7c60

Download | Favorite | View

mantis-poc.txt

Posted Sep 29, 2005

Authored by Joxean Koret

Mantis Bugtracker versions less than 1.0.0RC2 and greater than 0.18.3 are vulnerable to XSS and variable poisoning attacks if register_globals is enabled.

tags | exploit

SHA-256 | 85dcfcb51f4250c4f8e9ac0aa699db2ed494373073674e22eaf7e532476d42ed

Download | Favorite | View

imap4d_FreeBSD_exploit.c

Posted Sep 29, 2005

Authored by Angelo Rosiello, Johnny Mast | Site rosiello.org

GNU Mailutils version 0.6 imap4d 'search' format string exploit. Written to be used against FreeBSD.

tags | exploit

systems | freebsd

SHA-256 | c56f13dd3e34ba53a2979730289d6e02fa4353b3feb9e642b5f3252d13dfd18a

Download | Favorite | View

lucidCMS.txt

Posted Sep 27, 2005

Authored by X1ngBox

lucidCMS version 1.0.11 is susceptible to a cross site scripting flaw. Exploitation details provided.

tags | exploit, xss

SHA-256 | 8e4f3ee107c1ac2457e5280d808f7db457b257b66a1ce1d10e54e391c9d57732

Download | Favorite | View

OSG_Advisory_13.txt

Posted Sep 27, 2005

Authored by c0ntex | Site open-security.org

RealPlayer and Helix Player remote format string exploit. This flaw makes use of the .rp and .rt file formats. Code tested on Debian 3.1 against RealPlayer 10 Gold's latest version.

tags | exploit, remote

systems | linux, debian

SHA-256 | 6328db676f993820bc2666d3bb3ed814c0ad55dcc1af7e473c92f8ec2ae10ef6

Download | Favorite | View

mtaboom.zip

Posted Sep 26, 2005

Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept exploit for MultiTheftAuto versions 0.5 patch 1 and below. This causes Windows to crash.

tags | exploit, proof of concept

systems | windows

SHA-256 | 7e8041ad033eae6cd20f4d216e558d443dba998b302a4bdf4c6b46835fdf9ece

Download | Favorite | View

contentServ.txt

Posted Sep 26, 2005

Authored by qobaiashi

The ContentServ CMS allows for remote file disclosure. Exploitation details provided.

tags | exploit, remote

SHA-256 | 7f023ffca1207787da7967c8d5fbee488ab07f7b2629827e0b3f0fd32b87fb26

Download | Favorite | View

poppassd-lnx.sh.txt

Posted Sep 26, 2005

Authored by Kingcope

Linux Qpopper poppassd latest version local root exploit.

tags | exploit, local, root

systems | linux

SHA-256 | 359257daa77f9f0e2c89be1a887fb0aee80f2b97f3cb11af5a5f3c2e3e21073d

Download | Favorite | View

poppassd-freebsd.sh.txt

Posted Sep 26, 2005

Authored by Kingcope

FreeBSD Qpopper poppassd latest version local root exploit. Tested on FreeBSD 5.4-RELEASE.

tags | exploit, local, root

systems | freebsd

SHA-256 | ec9e82155213753b712f0aa73de5fe9e2ef20be39dbc88b2b8f9c0fc19bed853

Download | Favorite | View

wzdftpdwarez.pl.txt

Posted Sep 26, 2005

Authored by Kingcope

WzdFTPd versions 0.5.4 and below remote command execution exploit.

tags | exploit, remote

SHA-256 | f7f9963844c4f4bd7d1a8a49da8c384e861ff2cf0f68aaf1cb006cec8543227d

Download | Favorite | View

GeSHi.txt

Posted Sep 26, 2005

Authored by Maksymilian Arciemowicz | Site securityreason.com

GeSHi version 1.0.72 is susceptible to a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | 1b769d2ceebbe29458133f77b4b4f3c635e125a1a866a8a371bdfc04f5cfe7df

Download | Favorite | View

cmsXSS.txt

Posted Sep 26, 2005

Authored by X1ngBox

CMS Made Simple 0.10 is susceptible to a cross site scripting attack.

tags | exploit, xss

SHA-256 | ef63f404102edc1137d3a52efae22ba5c90c46ae26e8aab7cf1e6a21d42a4e3e

Download | Favorite | View

maildisgust.txt

Posted Sep 26, 2005

Authored by rgod | Site retrogod.altervista.org

MailGust 1.9 is vulnerable to a SQL injection attack that allows for board takeover. Exploit provided.

tags | exploit, sql injection

SHA-256 | 28ab60a0500bfc5e64b00a09e3e5cfc960c5842cc91fd51bd3f9c015be26ab73

Download | Favorite | View

efriends.txt

Posted Sep 26, 2005

Authored by khc

AlstraSoft E-Friends is susceptible to a remote command execution flaw. Details provided.

tags | exploit, remote

SHA-256 | 04558972c962230e473329bbe394de586e275912854405ac5f3ace9b2e51a9bd

Download | Favorite | View

riverdarkXSS.txt

Posted Sep 24, 2005

Authored by X1ngBox

Riverdark RSS Syndicator version 2.17 is susceptible to cross site scripting attacks.

tags | exploit, xss

SHA-256 | 6088a27b40b8d5a5418660901ae75e2e548a229ca66a4042b59480a19e67bc68

Download | Favorite | View

jPortalSQL.txt

Posted Sep 24, 2005

Authored by krasza | Site krewniacy.pl

jPortal versions 2.2.1 through 2.3.1 suffer from a SQL injection vulnerability. Exploitation details provided.

tags | exploit, sql injection

SHA-256 | 0ba299252a5279ea725d0580269305521c10ef80d327e966584571381b79bb1f

Download | Favorite | View

phpmyfuck151.html

Posted Sep 23, 2005

Authored by rgod | Site retrogod.altervista.org

PhpMyFaq version 1.5.1 is susceptible to SQL injection, board takeover, user information disclosure, and remote code execution flaws. Detailed exploitation provided. Earlier versions are also possibly vulnerable.

tags | exploit, remote, code execution, sql injection, info disclosure

SHA-256 | ff2c0eb1e5ce104f2bbf34ecf0fad2a1b0def7e5f349f3033ec8cf1329d34db7

Download | Favorite | View

pwnzilla.txt

Posted Sep 23, 2005

Authored by SkyLined

PwnZilla 5 - Exploit for the IDN host name heap buffer overrun in Mozilla browsers such as Firefox, Mozilla, and Netscape.

tags | exploit, overflow

advisories | CVE-2005-2871

SHA-256 | 5fd84b75e862d1b3f6cac437ba7e571a8da0bd7fe4f45638c172f865b261d320

Download | Favorite | View

mall23.txt

Posted Sep 23, 2005

Authored by SmOk3

Mall23 is vulnerable to a SQL injection attack in AddItem.asp. Versions below 4.11 are susceptible.

tags | exploit, sql injection, asp

SHA-256 | fcacdb9af24ecc55c9cc26e48a19e53f97a1a239b9986890b7f7cdab5ecf1c30

Download | Favorite | View

mylittle15_16b.txt

Posted Sep 23, 2005

Authored by rgod | Site retrogod.altervista.org

My Little Forum 1.5 SQL injection exploit that retrieves an md5 password hash.

tags | exploit, sql injection

SHA-256 | b4b7674ec734bf8cf70343be51c54991e686bd863a170ca009fa39a32578a784

Download | Favorite | View

Exploit Labs Security Advisory 2005.14

Posted Sep 23, 2005

Authored by Donnie Werner, Exploit Labs | Site exploitlabs.com

Perldiver versions 1.x and 2.x suffer from cross site scripting flaws.

tags | exploit, xss

SHA-256 | c119c3422a6ce54a1acc8dfdade412bb0bdd52b52a6876f319a899bcea72823c

Download | Favorite | View

mercury_imap.c

Posted Sep 23, 2005

Authored by c0d3r | Site ihsteam.com

Mercury Mail IMAP server versions 4.01a and below remote buffer overflow exploit.

tags | exploit, remote, overflow, imap

SHA-256 | 6de1fce527298bff499ad54b23ba97800c58408ee63b9cf72ef653e5f389efe2

Download | Favorite | View