accept no compromises
Showing 1 - 25 of 285 RSS Feed

Files

Packet Storm New Exploits For October, 2010
Posted Nov 1, 2010
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 284 exploits added to Packet Storm in October, 2010.

tags | exploit
MD5 | 5242452c69eadf41342d2690d76a683c
Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite
Posted Oct 29, 2010
Authored by Kees Cook

Linux kernel arbitrary write memory write via v4l1 compat ioctl exploit.

tags | exploit, arbitrary, kernel
systems | linux
advisories | CVE-2010-2963
MD5 | e4406c49407ec6da26657b3fa7bbd5a9
Free Adult Script 2 SQL Injection
Posted Oct 29, 2010
Authored by HeRoTuRK

Free Adult Script version 2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8fdb30f112bf9bdc83784fb66bdcfcba
Joomla Jcars SQL Injection
Posted Oct 29, 2010
Authored by Fl0riX

The Joomla Jcars component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 168f1175402ee4df1cb11329bc1dc27f
Firefox Memory Corruption
Posted Oct 29, 2010

This is a simplified memory corruption proof of concept exploit for Firefox.

tags | exploit, proof of concept
advisories | CVE-2010-3765
MD5 | 8b26f4512456a230d56e2d6f845a78a2
mygamingladder MGL Combo System 7.5 SQL Injection
Posted Oct 29, 2010
Authored by Easy Laster

mygamingladder MGL Combo System versions 7.5 and below remote SQL injection exploit that leverages game.php.

tags | exploit, remote, php, sql injection
MD5 | 61579276895b10192aca384a888d59c3
PHPKit 1.6.1 R2 SQL Injection
Posted Oct 29, 2010
Authored by Easy Laster

PHPKit versions 1.6.1 R2 and below remote SQL injection exploit that leverages overview.php.

tags | exploit, remote, php, sql injection
MD5 | 673d8c4b911aed9e80fd11dee182db63
Feindura CMS 1.0rc Cross Site Scripting / Local File Inclusion
Posted Oct 29, 2010
Authored by Wireghoul | Site justanotherhacker.com

Feindura CMS versions 1.0rc and below suffer from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | 5c6228b397defd3c0cac80c8df009bc4
Home FTP Server 1.10.3 / 1.11.1 Directory Traversal
Posted Oct 29, 2010
Authored by chr1x

Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | a873431ae17f48835410c655973b0fa4
XBMC 9.04.1r20672 Buffer Overflow
Posted Oct 29, 2010
Authored by n00b

XBMC version 9.04.1r20672 soap_action_name post upnp sscanf buffer overflow exploit with windows bindshell code.

tags | exploit, overflow
systems | windows
MD5 | 121b43429b5d96e72da25f8f0482bb29
Firefox Interleaving Denial Of Service
Posted Oct 28, 2010
Authored by Dan Veditz

Firefox Interleaving document.write and appendChild denial of service exploit.

tags | exploit, denial of service
MD5 | 2bd5f2e7f0a067800337755ce6bb788a
Pub-Me CMS Blind SQL Injection
Posted Oct 28, 2010
Authored by H4f

Pub-Me CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 83247e1ea3ced509fe7b2dc5a1c951c5
TFTgallery 0.13.1 Local File Inclusion
Posted Oct 28, 2010
Authored by Havok

TFTgallery version 0.13.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 42e1e7280019945a59dccf3bc170af86
Firefox 3.6.8 Through 3.6.11 Interleaving Exploit
Posted Oct 28, 2010

Firefox versions 3.6.8 through 3.6.11 Interleaving document.write and appendChild exploit from the wild.

tags | exploit
MD5 | 95414e688d0d0e46201e2cc1053dd2ff
Debian 5.0.6 / Ubuntu 10.04 Webshell To Remote Root
Posted Oct 28, 2010
Authored by jmit

Whitepaper discussing how to go from having a webshell to getting remote root using the GNU dynamic linker DSO vulnerability on Debian versions 5.0.6 and below and Ubuntu versions 10.04 and below.

tags | exploit, remote, root
systems | linux, debian, ubuntu
advisories | CVE-2010-3856
MD5 | b5d2edb70a3955504df2b49334ec19bf
W-Agora 4.2.1 Cross Site Scripting / Local File Inclusion
Posted Oct 28, 2010
Authored by MustLive

W-Agora version 4.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | 157e2bdc6bbcef7db61c3d5521db6dd0
MyCart 2.0 Cross Site Scripting / SQL Injection / Code Execution
Posted Oct 28, 2010
Authored by Salvatore Fresta

MyCart version 2.0 suffers from cross site scripting, remote SQL injection and code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
MD5 | ed079679309869e074e643a520437e7d
Spring Security Security Constraint Bypass
Posted Oct 28, 2010
Authored by SpringSource Security Team

Spring Security does not consider URL path parameters when processing security constraints. By adding an URL path parameter to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification (see below). Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed.

tags | exploit, root, bypass
advisories | CVE-2010-3700
MD5 | 39d52137898c5484e3318915ce5f0839
Oracle BPEL Console 10.1.3.3.0 Cross Site Scripting
Posted Oct 28, 2010
Authored by Sh2kerr | Site dsecrg.com

Oracle BPEL Console version 10.1.3.3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-3581
MD5 | d4b0e75bfbffdb2ae1a457793c3f4e08
DBHcms 1.1.4 SQL Injection
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

DBHcms version 1.1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2b084f313e03054528d4c912bbbd99f3
MinaliC Webserver 1.0 Source Disclosure / File Download
Posted Oct 28, 2010
Authored by Dr_IDE

MinaliC Webserver 1.0 suffers from remote source disclosure and file download vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
MD5 | 0f936d16876ea0c5e0f76ac9db1cfb3f
NinkoBB 1.3RC5 Cross Site Scripting
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

NinkoBB version 1.35RC5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cf14c1fa80946b5ee48f6e6f5d841186
Oracle BI Publisher HTTP Response Splitting
Posted Oct 28, 2010
Authored by Sh2kerr | Site dsecrg.com

Oracle BI Publisher suffers from a HTTP response splitting vulnerability.

tags | exploit, web
MD5 | 91d3c190354d6032783de15d8392c521
phpLiterAdmin 1.0 RC1 Authentication Bypass
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

phpLiterAdmin version 1.0 RC1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 7dc835a573eae02fc119b0d19072e668
Alstrasoft E-Friends 4.96 Local File Inclusion / Shell Upload / SQL Injection
Posted Oct 28, 2010
Authored by Salvatore Fresta

Alstrasoft E-Friends version 4.96 suffers from local file inclusion, shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, sql injection, file inclusion
MD5 | f6dc046cc48d2419bb8a8ae6819ec7be
Page 1 of 12
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close