Showing 1 - 25 of 423

Files

Packet Storm New Exploits For August, 2010: Posted Sep 1, 2010; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 422 exploits added to Packet Storm in August, 2010.; tags | exploit; SHA-256 | 697596a1adba8b6c24da7982ffa1b21cd6105089749948577f269282aac6534f; Download | Favorite | View

CartXpress Backup Related / File Disclosure / Shell Upload: Posted Aug 31, 2010; Authored by indoushka; CartXpress suffers from backup related, file disclosure and shell upload vulnerabilities.; tags | exploit, shell, vulnerability, info disclosure; SHA-256 | 6637f55bc566c82cf16fdfe5d5f556388117dfbb01841d832ef2393d72936653; Download | Favorite | View

KeePass Password Safe 2.12 DLL Hijack: Posted Aug 31, 2010; Authored by Aung Khant | Site yehg.net; KeePass Password Safe versions 2.12 and below suffer from a DLL hijacking vulnerability.; tags | exploit; SHA-256 | 27dbb2d7b1a90d919e1bb2569728ac3730bb4f93303001bce971cda7b0ccb700; Download | Favorite | View

WordPress 3.0.1 URL Redirection: Posted Aug 31, 2010; Authored by ItSecTeam; WordPress versions 3.0.1 and below suffer from an URL redirection bug.; tags | exploit; SHA-256 | 818645c1e23f450fea6cea2660c625b0ff9c7478a484a12a6949d2fed28619ca; Download | Favorite | View

Web-Ideas Web Shop Standard SQL Injection: Posted Aug 31, 2010; Authored by Ariko-Security; Web-Ideas Web Shop Standard suffers from a remote SQL injection vulnerability.; tags | exploit, remote, web, sql injection; SHA-256 | a7651507829dd54dda9a367e89e65463d9f40142716e22b30a0fb2b5bb26f1ea; Download | Favorite | View

NING Application Self Replicating Malware: Posted Aug 31, 2010; Authored by James Bercegay; This is a proof of concept, self replicating, social network based malware for NING.; tags | exploit, proof of concept; SHA-256 | de4f62f605510fd85d965fa28f6ecc9117079527689671ded2199c9061472bc2; Download | Favorite | View

Joomla JE FAQ Pro Blind SQL Injection: Posted Aug 31, 2010; Authored by Chip D3 Bi0s; The Joomla JE FAQ component suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 4efb76783508ae2e5fc5547ba2be6993b0fda4cf388672d0f263879086b9b54e; Download | Favorite | View

Joomla PicSell Local File Disclosure: Posted Aug 31, 2010; Authored by Craw; The Joomla PicSell component suffers from a file disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | f104f0432e062b97ccdee2889a6ae50f8dda7b11c4129f72b9758f7561add987; Download | Favorite | View

Rapid7 Security Advisory 36: Posted Aug 30, 2010; Authored by H D Moore, Rapid7, Will Vandevanter | Site rapid7.com; Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6.; tags | exploit, remote, code execution, asp; advisories | CVE-2009-4444; SHA-256 | d7ff7819bc5c1b9397d022f19065769fe00e58d1169b50c1ef3b83d03e7b2950; Download | Favorite | View

Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution: Posted Aug 30, 2010; Authored by Ruben Santamarta, jduck | Site metasploit.com; This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially-crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime.; tags | exploit, arbitrary, code execution, activex; systems | windows, apple; advisories | CVE-2010-1818; SHA-256 | ad2a818e38de29a3d18064e2a155fb84222ea75ee5b000f0fd2526843600bd1b; Download | Favorite | View

Apple QuickTime _Marshaled_pUnk Backdoor Parameter Code Execution: Posted Aug 30, 2010; Authored by Ruben Santamarta | Site reversemode.com; Apple QuickTime suffers from a "_Marshaled_pUnk" backdoor parameter client-side arbitrary code execution vulnerability.; tags | exploit, arbitrary, code execution; systems | apple; SHA-256 | 644b799b15a352ece2eb968a2fc1a39765068d3237f090e9e9ad901abdde450d; Download | Favorite | View

Safari For Windows SGV Denial Of Service: Posted Aug 30, 2010; Authored by Lostmon; Safari for Windows invalid SGV text style denial of service vulnerability that leverages Webkit.dll.; tags | exploit, denial of service; systems | windows; SHA-256 | e8a5b1311f426408047edca0da8c487d6d0d638b2dd706feca4f561119a2f731; Download | Favorite | View

Microsoft Office Property Code Execution: Posted Aug 30, 2010; Authored by Abhishek Lyall | Site aslitsecurity.com; Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability.; tags | exploit, code execution; advisories | CVE-2006-2389; SHA-256 | 67133dc497539753267bc808925df732f7962b52ca82d47cc32471d4d61f8381; Download | Favorite | View

Seagull 0.6.7 Remote File Inclusion: Posted Aug 30, 2010; Authored by FoX HaCkEr; Seagull version 0.6.7 suffers from remote file inclusion vulnerabilities.; tags | exploit, remote, vulnerability, code execution, file inclusion; SHA-256 | 3894dc1f951b61040f513ecb1490578469eca0b554740e2a24a940c336d2f1f9; Download | Favorite | View

CF Image Hosting Script 1.3 Database Disclosure: Posted Aug 30, 2010; Authored by Dr.Saudi; CF Image Hosting Script version 1.3 suffers from a database disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | 1ad84f8b647c73ca975147161aeab601ff85c2f7bfae97069dfdc3cd0d431148; Download | Favorite | View

Virtual DJ 6.1.2 DLL Hijacking Exploit: Posted Aug 30, 2010; Authored by Classity Security Scans | Site classity.nl; Virtual DJ version 6.1.2 DLL hijacking exploit that leverages hdjapi.dll while loading .mp3 content.; tags | exploit; SHA-256 | dcd25bf9f4bf961d04adc02a8f0bbd62e6d4ff35423f5103c1e5fb84819b57d4; Download | Favorite | View

BS Player 2.56 DLL Hijacking Exploit: Posted Aug 30, 2010; Authored by Classity Security Scans | Site classity.nl; BS Player version 2.56 DLL hijacking exploit.; tags | exploit; SHA-256 | 1138e666e26d184783548561e62217e74722851cbc6da3b4fc0a1c1b81932324; Download | Favorite | View

Windows 7 / Vista Backup Utility sdclt.exe fveapi.dll DLL Hijacking Exploit: Posted Aug 30, 2010; Authored by Christian Heinrich; Microsoft Windows 7 / Vista backup utility sdclt.exe fveapi.dll DLL hijacking exploit.; tags | exploit; systems | windows; SHA-256 | e9a3f70c34d950830c001a7411b170513dad016f68fa1b229c110676f531a7d2; Download | Favorite | View

Daemon Tools Lite 4.35.6.0091 mfc80loc.dll DLL Hijacking Exploit: Posted Aug 30, 2010; Authored by Christian Heinrich; Daemon Tools Lite versions 4.35.6.0091 and below mfc80loc.dll DLL hijacking exploit.; tags | exploit; SHA-256 | 436b05330dd8f07f7a229810298f9d46708f1f4909e13c4868f11d90655ac9cd; Download | Favorite | View

GuestBookPlus HTML Injection / Comment Bypass: Posted Aug 30, 2010; Authored by MiND; GuestBookPlus suffers from comment restriction bypass and html injection vulnerabilities.; tags | exploit, vulnerability; SHA-256 | d04398881aabed711212520e586cce8ba19d2ed3c5f5da45745a3f94fb0bebfe; Download | Favorite | View

QtWeb Browser 3.3 Build 043 DLL Hijacking Exploit: Posted Aug 30, 2010; Authored by Aung Khant | Site yehg.net; QtWeb Browser version 3.3 build 043 DLL hijacking exploit.; tags | exploit; SHA-256 | 617db4e1c90c9939fbdbd8c5436f9e0e4902a383aed7ef5c648c7ffc3e984cb9; Download | Favorite | View

Maxthon Browser 2.5.15.1000 DLL Hijacking Exploit: Posted Aug 30, 2010; Authored by Aung Khant | Site yehg.net; Maxthon Browser version 2.5.15.1000 DLL hijacking exploit that leverages dwmapi.dll.; tags | exploit; SHA-256 | 9b1e8fa142f91871934e0a2d596ce588f859cfae3e3053541fc31d58440e123a; Download | Favorite | View

DiY-CMS 1.0 Remote File Inclusion: Posted Aug 30, 2010; Authored by LoSt.HaCkEr; DiY-CMS version 1.0 suffers from multiple remote file inclusion vulnerabilities.; tags | exploit, remote, vulnerability, code execution, file inclusion; SHA-256 | 6948917c7ab62f2632144152024a81ad2bc6d1c6e79cacf87e1734ab2b64b6be; Download | Favorite | View

Nginx 0.6.3.8 Heap Corruption: Posted Aug 30, 2010; Authored by aaron conole; Nginx version 0.6.38 heap corruption exploit.; tags | exploit; SHA-256 | f0e708878e2c5a4352a3ea3e827b14424c654e6bad3d69ea431626585786de0b; Download | Favorite | View

SnackAmp 3.1.2 SMP Buffer Overflow: Posted Aug 30, 2010; Authored by James Fitts; SnackAmp version 3.1.2 malicious .smp file buffer overflow SEH exploit.; tags | exploit, overflow; SHA-256 | 54208ececb82cce17b31786b18bae9ed8790a67e37a93bf876e49f5952ff193d; Download | Favorite | View

Page 1 of 17 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

Files

Top Authors In Last 30 Days

Recent News