Showing 1 - 25 of 285

Files

Packet Storm New Exploits For October, 2010: Posted Nov 1, 2010; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 284 exploits added to Packet Storm in October, 2010.; tags | exploit; SHA-256 | 109c7f81b0e2739d5ebe2f11c94eee497c45746c5c5de1adbd277418fd305e40; Download | Favorite | View

Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite: Posted Oct 29, 2010; Authored by Kees Cook; Linux kernel arbitrary write memory write via v4l1 compat ioctl exploit.; tags | exploit, arbitrary, kernel; systems | linux; advisories | CVE-2010-2963; SHA-256 | 0fb3fe6114ef493e4fab7053e8a06ac577d72940a2bdde07d3c8602f119bf555; Download | Favorite | View

Free Adult Script 2 SQL Injection: Posted Oct 29, 2010; Authored by HeRoTuRK; Free Adult Script version 2 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 81fac11dffeb02afbb8b0750c18da13d04fd1eb4279664c0e05eb7e7e54980c8; Download | Favorite | View

Joomla Jcars SQL Injection: Posted Oct 29, 2010; Authored by Fl0riX; The Joomla Jcars component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 65c3bc4dc09d59cb0feb75ac4a731007657b09eb9a143ff1fa451bc83d47ffb6; Download | Favorite | View

Firefox Memory Corruption: Posted Oct 29, 2010; This is a simplified memory corruption proof of concept exploit for Firefox.; tags | exploit, proof of concept; advisories | CVE-2010-3765; SHA-256 | 84f1b73f392b7d5cac24e6fbbd2c87adfae94e7b77462a12739e5959d7c4e4e3; Download | Favorite | View

mygamingladder MGL Combo System 7.5 SQL Injection: Posted Oct 29, 2010; Authored by Easy Laster; mygamingladder MGL Combo System versions 7.5 and below remote SQL injection exploit that leverages game.php.; tags | exploit, remote, php, sql injection; SHA-256 | 692212f64021295c87957567cdc84aeef8aedd138fe9c25560ff5921bfc6d989; Download | Favorite | View

PHPKit 1.6.1 R2 SQL Injection: Posted Oct 29, 2010; Authored by Easy Laster; PHPKit versions 1.6.1 R2 and below remote SQL injection exploit that leverages overview.php.; tags | exploit, remote, php, sql injection; SHA-256 | 60f29fc5837355fd5ef838e4225260e314c73abe5d8f82833f62aba28fcff37f; Download | Favorite | View

Feindura CMS 1.0rc Cross Site Scripting / Local File Inclusion: Posted Oct 29, 2010; Authored by Wireghoul | Site justanotherhacker.com; Feindura CMS versions 1.0rc and below suffer from cross site scripting and local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, xss, file inclusion; SHA-256 | 364e10b51df7e626af9e31c02f0fd1b74762c2df9327f0e6c321824c0b173d53; Download | Favorite | View

Home FTP Server 1.10.3 / 1.11.1 Directory Traversal: Posted Oct 29, 2010; Authored by chr1x; Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 9d81ecb61b5e435a53bf11a418f751e73163b649c341f2fb52a0397841218a0e; Download | Favorite | View

XBMC 9.04.1r20672 Buffer Overflow: Posted Oct 29, 2010; Authored by n00b; XBMC version 9.04.1r20672 soap_action_name post upnp sscanf buffer overflow exploit with windows bindshell code.; tags | exploit, overflow; systems | windows; SHA-256 | 216d6860483a52a2efb4bf88bcd4db93daea540f99880b822a68ceaf94f00786; Download | Favorite | View

Firefox Interleaving Denial Of Service: Posted Oct 28, 2010; Authored by Dan Veditz; Firefox Interleaving document.write and appendChild denial of service exploit.; tags | exploit, denial of service; SHA-256 | 4727d96639dd01ea7d34a8043ef6ba030fec88e8c059e0c06387cafeff334b33; Download | Favorite | View

Pub-Me CMS Blind SQL Injection: Posted Oct 28, 2010; Authored by H4f; Pub-Me CMS suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | c69038e6e913874877ba93de02fbb84a7c1c5266124d084c884ce4519a295083; Download | Favorite | View

TFTgallery 0.13.1 Local File Inclusion: Posted Oct 28, 2010; Authored by Havok; TFTgallery version 0.13.1 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; SHA-256 | f09b64e225e3c5868a573117b7677aa62586f97a4423d22572b6da257862ec9b; Download | Favorite | View

Firefox 3.6.8 Through 3.6.11 Interleaving Exploit: Posted Oct 28, 2010; Firefox versions 3.6.8 through 3.6.11 Interleaving document.write and appendChild exploit from the wild.; tags | exploit; SHA-256 | 68ab654a50c12d46b98a4ef24765f97eb2f6199811379c01b9d09ee60f3de211; Download | Favorite | View

Debian 5.0.6 / Ubuntu 10.04 Webshell To Remote Root: Posted Oct 28, 2010; Authored by jmit; Whitepaper discussing how to go from having a webshell to getting remote root using the GNU dynamic linker DSO vulnerability on Debian versions 5.0.6 and below and Ubuntu versions 10.04 and below.; tags | exploit, remote, root; systems | linux, debian, ubuntu; advisories | CVE-2010-3856; SHA-256 | ae6f799792df2bc63f6efc669e1ba990189cb2b0e37eae9470cd60171c0c72ba; Download | Favorite | View

W-Agora 4.2.1 Cross Site Scripting / Local File Inclusion: Posted Oct 28, 2010; Authored by MustLive; W-Agora version 4.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, xss, file inclusion; SHA-256 | f09e2101de46d7518db6f13e155068cd8d2ff4818c7dac303925148c547871c7; Download | Favorite | View

MyCart 2.0 Cross Site Scripting / SQL Injection / Code Execution: Posted Oct 28, 2010; Authored by Salvatore Fresta; MyCart version 2.0 suffers from cross site scripting, remote SQL injection and code execution vulnerabilities.; tags | exploit, remote, vulnerability, code execution, xss, sql injection; SHA-256 | 643dc205d08e124429bd249200227cf4bbd7bf161761b5cb5bfe7223bc7f4e64; Download | Favorite | View

Spring Security Security Constraint Bypass: Posted Oct 28, 2010; Authored by SpringSource Security Team; Spring Security does not consider URL path parameters when processing security constraints. By adding an URL path parameter to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification (see below). Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed.; tags | exploit, root, bypass; advisories | CVE-2010-3700; SHA-256 | 429e4cf5e844ee3703c922909bb8c267c6740efb53e7fb37de08a3f14ccacd09; Download | Favorite | View

Oracle BPEL Console 10.1.3.3.0 Cross Site Scripting: Posted Oct 28, 2010; Authored by Sh2kerr | Site dsecrg.com; Oracle BPEL Console version 10.1.3.3.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2010-3581; SHA-256 | 8b80837fd9c12c060f51e80f3ef5cf3cb1543ef6936db9fd039e3765f60d152d; Download | Favorite | View

DBHcms 1.1.4 SQL Injection: Posted Oct 28, 2010; Authored by High-Tech Bridge SA | Site htbridge.com; DBHcms version 1.1.4 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | d2dd6e9058c56ff1c12384d40daeb049e5b1faa996a5d530244f174b5ae927a4; Download | Favorite | View

MinaliC Webserver 1.0 Source Disclosure / File Download: Posted Oct 28, 2010; Authored by Dr_IDE; MinaliC Webserver 1.0 suffers from remote source disclosure and file download vulnerabilities.; tags | exploit, remote, vulnerability, info disclosure; SHA-256 | 8057d058681edb872b0ede38d6a1581786fdc2fcf4af38d0137bf955075c6321; Download | Favorite | View

NinkoBB 1.3RC5 Cross Site Scripting: Posted Oct 28, 2010; Authored by High-Tech Bridge SA | Site htbridge.com; NinkoBB version 1.35RC5 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 5f17224c535b3e365f37fcaaef25df946cebc430ee5f7e8408c5691d819be76d; Download | Favorite | View

Oracle BI Publisher HTTP Response Splitting: Posted Oct 28, 2010; Authored by Sh2kerr | Site dsecrg.com; Oracle BI Publisher suffers from a HTTP response splitting vulnerability.; tags | exploit, web; SHA-256 | a16b4a5d2e42764c015a89ca8d14b3e7d1594fc9ccef544177abbde6f3759df3; Download | Favorite | View

phpLiterAdmin 1.0 RC1 Authentication Bypass: Posted Oct 28, 2010; Authored by High-Tech Bridge SA | Site htbridge.com; phpLiterAdmin version 1.0 RC1 suffers from an authentication bypass vulnerability.; tags | exploit, bypass; SHA-256 | f1d430adf9f4a44baf102108163205360dc773aafc1aa7a2ae8eeecd65e8d038; Download | Favorite | View

Alstrasoft E-Friends 4.96 Local File Inclusion / Shell Upload / SQL Injection: Posted Oct 28, 2010; Authored by Salvatore Fresta; Alstrasoft E-Friends version 4.96 suffers from local file inclusion, shell upload and remote SQL injection vulnerabilities.; tags | exploit, remote, shell, local, vulnerability, sql injection, file inclusion; SHA-256 | 3f7c78cec9a527c7d099e788ad41efa89efbd352edf3f4d1674bf8a4003f378f; Download | Favorite | View

Page 1 of 12 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

Files

Top Authors In Last 30 Days

Recent News