exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 84 RSS Feed

Files

ag22sql.txt
Posted Dec 26, 2005
Authored by BHST

Advanced Guestbook version 2.2 suffers from a SQL injection flaw in the username variable. The SQL injection flaw for the password variable was discovered for this same version back in April of 2004.

tags | exploit, sql injection
SHA-256 | f61e489b60efad5c4eda08398798cbbdef01b872ac38d8958e369bbe80739c1a
hcXSS.txt
Posted Dec 26, 2005
Authored by Lone Rider Knight

Hosting Controller is susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | 9177f651653cd03b8f7050039aa7280d2dcd1416da8d49e0127f4f47d917a413
AppScanQA-RemoteCodeExec-PoC.zip
Posted Dec 18, 2005
Authored by Mariano Nunez Di Croce | Site cybsec.com

Proof of concept exploit for AppScan QA versions 5.0.x that stages itself as a webserver and exploits a buffer overflow via the WWW-Authenticate header of a 401 HTTP response.

tags | exploit, web, overflow, proof of concept
SHA-256 | 8e6c615c470e86daee1e69fc755f9f8e66eaf7382354ecd5c7fd8dc9c81e3cba
marmaraXSS.txt
Posted Dec 18, 2005
Authored by B3g0k

MarmaraWeb E-Commerce is susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | 130a2bb8c6d6b20e69d733c3c0bab05a1aea9a1cdc1bd7e972e738d868d97b69
limbo1042_xpl.txt
Posted Dec 15, 2005
Authored by rgod | Site retrogod.altervista.org

LIMBO CMS versions 1.0.4.2 and below suffer from blind SQL injection, cross site scripting, local file inclusion, remote code execution, and other fun flaws. Exploit provided.

tags | exploit, remote, local, code execution, xss, sql injection, file inclusion
SHA-256 | 4d7f73b2b9ce04212d8673ee53a09e830c0b56830ddc389c64f6db002b24cbb4
ibm_css.txt
Posted Dec 15, 2005
Authored by Dr. Insane

IBM Websphere 6 sample scripts are susceptible to cross site scripting vulnerabilities. Details provided.

tags | exploit, vulnerability, xss
SHA-256 | 9e09a3297b7ac63c5723f042e60e68336089ae1baa79a68fb8a0de87ed180f05
bypassXSSnuke.txt
Posted Dec 15, 2005
Authored by Maksymilian Arciemowicz | Site securityreason.com

PHPNUKE versions 7.9 and below suffer from a cross site scripting filter bypass vulnerability. Details provided.

tags | exploit, xss, bypass
SHA-256 | b822066411260c1bad7f9ab633bb20601f987a203ef129643115c960a7336b8c
MS05-053.c
Posted Dec 14, 2005
Authored by Winny Thomas

Microsoft Windows Metafile (WMF) remote exploit which takes advantage of the bug known as ms05-053. This program creates a special .wmf file which crashes IE by overflowing the "mtNoObjects" header.

tags | exploit, remote, overflow
systems | windows
SHA-256 | 8a69e2857d794a4dbba1f6eb8fe50a28af6da1e116e413522bef8d7a68279195
CounterDoS.c
Posted Dec 14, 2005
Authored by Iman Karim | Site home.inf.fh-rhein-sieg.de

Counter Strike 2D denial of service exploit that affects versions 0.1.0.1 and below.

tags | exploit, denial of service
SHA-256 | cb1001e86d9a7f9bccd81b9253e0b87ff9acbce3407259d4304e537114d3c854
openview_connectednodes_exec.pm.txt
Posted Dec 14, 2005
Authored by Valerio Tesei

This Metasploit module exploits an arbitrary command execution vulnerability in the HP OpenView connectedNodes.ovpl CGI application. The results of the command will not be displayed to the screen.

tags | exploit, arbitrary, cgi
advisories | CVE-2005-2773
SHA-256 | d646fce74ad83e7e6272baf588f3dee72965b9ac4d3228c55902d45feeb20878
oracle9i_xdb_http.pm.txt
Posted Dec 14, 2005
Authored by y0

This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service.

tags | exploit, web, overflow
SHA-256 | 4f4b1da5eb055a4a7fb509da7b708e276fbf6eb7e21f623f4d5f462f7c6375a2
fireburn.txt
Posted Dec 14, 2005
Authored by Aviv Raff | Site aviv.raffon.net

Proof of concept exploit for Firefox 1.0.4 for the InstallVersion.compareTo() vulnerability. Needs functional shellcode to work.

tags | exploit, shellcode, proof of concept
SHA-256 | 1ee1c947181c895864e1192cc8eba3c0c8fee83ced31bcb342f003342522e9b7
adpHashdisclose.txt
Posted Dec 14, 2005
Authored by Liz0ziM | Site biyo.tk

ADP Forum versions 2.0 through 2.0.3 suffers from a direct download flaw that discloses users' password hashes.

tags | exploit
SHA-256 | 994153cca5049cdb9d666d542a704146567edfd41e3d7d5c0530e89ca29a65af
phpcoin_122_sql_xpl.html
Posted Dec 14, 2005
Authored by rgod | Site retrogod.altervista.org

PhpCOIN version 1.2.2 blind SQL injection and remote code execution exploit.

tags | exploit, remote, code execution, sql injection
SHA-256 | e6491b9115632445f1126b4ada53cf24b74da78938376be7c8910c4a2dd5712a
phpcoin_122_incl_xpl.html
Posted Dec 14, 2005
Authored by rgod | Site retrogod.altervista.org

PhpCOIN version 1.2.2 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 530d3b16ddc3460e10120364301c0eaa44d6ac142a89ea0f60a8aebd1f7a7f58
phpcoin122.html
Posted Dec 14, 2005
Authored by rgod | Site retrogod.altervista.org

PhpCOIN version 1.2.2 is susceptible to arbitrary file inclusion, blind SQL injection, and path disclosure attacks.

tags | exploit, arbitrary, sql injection, file inclusion
SHA-256 | ccf829e31e902456ba3a368066bf407b79e58fa4c14c4e4c4b37ec709e45bd34
BTGrup.txt
Posted Dec 14, 2005
Authored by khc

The BTGrup Admin WebController script is susceptible to a SQL injection attack.

tags | exploit, sql injection
SHA-256 | b719868fda75ccd00a066f7b0e6d235e7c927652ad88980c526e0c0fdd2c7e0a
imoelPassword.txt
Posted Dec 14, 2005
Authored by mehrtash mallahzadeh | Site ashiyane.com

Direct download access of the setting.php file in IMOEL CMS allows for disclosure of the SQL password.

tags | exploit, php
SHA-256 | 5a036ecf1cada1215eb1d1841f9db1825d1b5e76ddb379b1d75ba669e51bbb2b
SEC-20051211-0.txt
Posted Dec 14, 2005
Authored by Johannes Greil | Site sec-consult.com

SEC-CONSULT Security Advisory 20051211-0 - Horde versions 3.0.7 and below, Kronolith versions 2.0.5 and below, Mnemo version 2.0.2 and below, Nag versions 2.0.3 and below, and Turba versions 2.0.4 and below are susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | c971b6b1b86188e28d857b6287052b9a960d81bb8b8bd7a342c6654bae0023c5
arabPortalSQL.txt
Posted Dec 14, 2005
Authored by Devil-00

Arab Portal System version 2 Beta 2 is susceptible to SQL injection attacks.

tags | exploit, sql injection
SHA-256 | 8ed542c8bb2e68c258ca9db9f331286de134518d34e2f75051d1229618818683
mkportalXSS.txt
Posted Dec 14, 2005
Authored by spyMASter | Site cyber-warrior.org

MkPortal with smf forum is susceptible to a cross site scripting flaw.

tags | exploit, xss
SHA-256 | 07ddae4cf44667caee7686ee02625360231af132193d53ab07005122af6fcff2
Bb_6.zip
Posted Dec 14, 2005
Authored by Dr. Insane

Blackboard versions 6.3.1.424 and 6.2.3.23 (and possibly earlier versions) are susceptible to login bypass, spoofing of announcements, and proxying flaws.

tags | exploit, spoof
SHA-256 | 331a49af627787883419c0c9e4460b5e8ad05d06e93206251a257c4c6560b7f4
flatnuke256_xpl.txt
Posted Dec 14, 2005
Authored by rgod | Site retrogod.altervista.org

Flatnuke version 2.5.6 privilege escalation and remote command execution exploit.

tags | exploit, remote
SHA-256 | 25dc4a2e2a4d20de1336f594f2ac821a8a7f71669a46f73405a64777584cc7e2
MilliScripts14.txt
Posted Dec 14, 2005
Authored by Luis Cortes, Vicente Perez | Site securitynation.com

MilliScripts version 1.4 is susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | e231cd1c693f770d8da728ef294316ce1786e3778a07d6a5e8e480fd07fe33f8
SMF11SQL.txt
Posted Dec 14, 2005
Authored by trueend5 | Site KAPDA.ir

Simple Machines Forum version 1.1 rc1 is susceptible to SQL injection attacks.

tags | exploit, sql injection
SHA-256 | fd048e492eda40c3d6301b7ec2d684adefb8d1c98ef0a539b0d176e3ac246fc0
Page 2 of 4
Back1234Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
APT Lazarus Targets Engineers With macOS Malware
Posted Aug 18, 2022

tags | headline, hacker, malware, apple
Update Chrome Now To Patch Actively Exploited Zero Day
Posted Aug 18, 2022

tags | headline, flaw, google, patch, zero day, chrome
How A Third Party SMS Service Was Used To Take Over Signal Accounts
Posted Aug 18, 2022

tags | headline, hacker, phone, flaw, password, cryptography
Russian Military Uses Chinese Drones And Bots In Combat
Posted Aug 17, 2022

tags | headline, government, russia, china, botnet, cyberwar, spyware, military
Vulnerability Wholesaler Cuts Disclosure Times Over Poor Quality Patches
Posted Aug 17, 2022

tags | headline, hacker, flaw
Mozilla Finds 18 Of 25 Popular Reproductive Health Apps Leak Data
Posted Aug 17, 2022

tags | headline, privacy, phone, data loss, mozilla
SEC Says Brokerage Accounts Hijacked For $1.3m Scam
Posted Aug 17, 2022

tags | headline, government, usa, cybercrime, fraud, password
Users Of Zoom On Macs Told To Update App As Company Issues Security Fix
Posted Aug 17, 2022

tags | headline, flaw, apple
Lawmakers Accuse DHS Watchdog Of Obstruction In Probe Of Secret Service Texts
Posted Aug 17, 2022

tags | headline, government, usa, phone, data loss, fraud
U.K. Water Supplier Hit With Clop Ransomware Attack
Posted Aug 16, 2022

tags | headline, malware, britain
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close