Local root exploit for BitchX. Note that BitchX is not normally setuid by default.
15287501f0909a92ceef2b952590a8030acdd609f74bc714559cd9bb0c867974OTRS versions 1.x and 2.x are susceptible to cross site scripting and blind SQL injection attacks.
29a93f181ca50c41c945c33f389fbc58031fd5070257f52be573f16df9624226VHCS version 2.x is susceptible to cross site scripting attacks.
a64c886730a27fa7f9e5d60cb54bd223035aa6ac5fd5675faa7317d401c18841PmWiki version 2.0.12 is susceptible to cross site scripting attacks.
bb96806a02efeecb8751569e66d53ea1c75ed55feba3ba0f94f4ddad337c08d4PHPP version 1.0 is susceptible to cross site scripting vulnerabilities. Exploitation details provided.
9f0b93533446c6334581e450749eed571af105c4644900f436f6f35f2981af5cRemote denial of service exploit that makes use of a blocking feature in Cisco PIX 515E OS version 6.3(3).
7c07d9ecb298f2f95f46e5e969afcb9cb1a27c7b2e68bc042e1e63fd45406c5cTorrential version 1.2 is susceptible to directory traversal attacks.
c7bf8e3081823b5976ffb184e97f79a21ce20602f215062939de5c7fbd892b2eProof of concept html that demonstrates the code execution flaw in the Microsoft Internet Explorer JavaScript Window() vulnerability previously considered to be simply a denial of service flaw.
617a8516e87cb9951f301659df5d7232892ba0344c9836a98fce3a000bf703efNuke ET version 3.2 is susceptible to a remote SQL injection vulnerability. Exploit details provided.
6e87a2b4b8c3d665df6e02aeb92a7b4544566df507f4204295d374396fedcca9The Google Search Appliance allows customization of the search interface through XSLT style sheets. Certain versions of the appliance allow a remote URL to be supplied as the path to the XSLT style sheet. This feature can be abused to perform cross-site scripting (XSS), file discovery, service enumeration, and arbitrary command execution.
37203d5c09bcf28fbbeab1859e32e21af017fb6069bd81867fadf9f42db4c6f1APBoard is susceptible to SQL injection attacks.
c4a8b432f7e2718cab35efefc1c337b2c82a91e0a896aec9b7cd4861e85ca252A flaw in Google's G-Mail system allowed anyone access to any mailbox.
13920fad28ecea1955b62c9880eee1f35a5562d14beb8983db8ccbe96c6896e5Versions 1.5.3 and below of phpMyFAQ contain multiple persistent cross site scripting vulnerabilities. Exploitation details provided.
1604f67bacec514f508f5c7fc8b04b4dd59120438f0d160be0c7d0947450916dExponentCMS versions 0.96.3 and higher suffer from multiple vulnerabilities including cross site scripting and SQL injection flaws.
0e37e6100c4a811fd37043b68ef1990fb601a7fe98d28e1341cfc5d8a760dff6Almond Classifieds has a validation flaw that allows remote attacks to edit classifieds of other users.
c2ea57c499f9b5d4f1dfc11fed136b3d188aacf69abec3c897afadb9253456baExoPHPDesk version 1.2 is susceptible to remote code execution attacks. Exploitation details provided.
0fe620751940edd520eb7465d4674eb9fc92ce0c1f7953ab546c197a9ae44898e-Quick Cart is susceptible to multiple cross site scripting and SQL injection flaws. Exploitation details provided.
c0917d9be89c6bc5d4582e3cd2501515dc90fef1c4bbd7dc0cd3d650bec70897PHP-Fusion versions 6.00.206 and below suffer from SQL injection attacks.
5c759a854ef640ac086d20a4e6915f62b1f78fc833f667effd143990303e0ff0iDEFENSE Security Advisory 11.17.05 - Remote exploitation of a directory transversal vulnerability in Qualcomm WorldMail IMAP Server allows attackers to read any email stored on the system. Exploitation details provided. Tested against Qualcomm Worldmail server version 3.0. Other versions may be vulnerable.
01a2547672aa0a6bf533fe4063a9e2b47e5039c817eda96685045473de319554This Metasploit module exploits a buffer overflow in the W3C logging functionality of the MailEnable IMAPD service. Logging is not enabled by default and this exploit requires a valid username and password to exploit the flaw. MailEnable Professional version 1.6 and prior and MailEnable Enterprise version 1.1 and prior are affected.
7094ed083e302ef685862bc36e8a4e257722a626bc842428e2cb88d10634019dThis Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.
82f85d75854b75afe8ab87082e0ea3e4d896a30bc0feaa556d1fd14f8dfcfc5eProof of concept exploit that generates a flash file able to produce a denial of service condition. Relates to Flash.ocx.
01789d31ef803e09d39f628f47de0dae1c6fc6b70fc2a37c64a85527961cbe23FreeFTPd remote USER buffer overflow exploit for versions 1.0.8 and below.
8da2a5f3da96fa0cafbeead497312b5e06fcdbd17ce4badd50add24f1c732a7cEKINboard version 1.0.3 suffers from SQL injection and remote command execution flaws. Exploit provided.
37aa21917625c66e3b965ff58b2a35944062c2cd2172cb40043662cf6e8ec5aeKAPDA Advisory - XMB version 1.9.3 Nexus (Final) and 1.9.2 Nexus are susceptible to cross site scripting and html injection flaws.
297f8291e00f8750c205028ac1f0e9e23651d985c7c5fbfc6d74a6faf8f0d6f4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed