Twenty Year Anniversary
Showing 1 - 25 of 285 RSS Feed

Files

Packet Storm New Exploits For October, 2010
Posted Nov 1, 2010
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 284 exploits added to Packet Storm in October, 2010.

tags | exploit
MD5 | 5242452c69eadf41342d2690d76a683c
Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite
Posted Oct 29, 2010
Authored by Kees Cook

Linux kernel arbitrary write memory write via v4l1 compat ioctl exploit.

tags | exploit, arbitrary, kernel
systems | linux
advisories | CVE-2010-2963
MD5 | e4406c49407ec6da26657b3fa7bbd5a9
Free Adult Script 2 SQL Injection
Posted Oct 29, 2010
Authored by HeRoTuRK

Free Adult Script version 2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8fdb30f112bf9bdc83784fb66bdcfcba
Joomla Jcars SQL Injection
Posted Oct 29, 2010
Authored by Fl0riX

The Joomla Jcars component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 168f1175402ee4df1cb11329bc1dc27f
Firefox Memory Corruption
Posted Oct 29, 2010

This is a simplified memory corruption proof of concept exploit for Firefox.

tags | exploit, proof of concept
advisories | CVE-2010-3765
MD5 | 8b26f4512456a230d56e2d6f845a78a2
mygamingladder MGL Combo System 7.5 SQL Injection
Posted Oct 29, 2010
Authored by Easy Laster

mygamingladder MGL Combo System versions 7.5 and below remote SQL injection exploit that leverages game.php.

tags | exploit, remote, php, sql injection
MD5 | 61579276895b10192aca384a888d59c3
PHPKit 1.6.1 R2 SQL Injection
Posted Oct 29, 2010
Authored by Easy Laster

PHPKit versions 1.6.1 R2 and below remote SQL injection exploit that leverages overview.php.

tags | exploit, remote, php, sql injection
MD5 | 673d8c4b911aed9e80fd11dee182db63
Feindura CMS 1.0rc Cross Site Scripting / Local File Inclusion
Posted Oct 29, 2010
Authored by Wireghoul | Site justanotherhacker.com

Feindura CMS versions 1.0rc and below suffer from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | 5c6228b397defd3c0cac80c8df009bc4
Home FTP Server 1.10.3 / 1.11.1 Directory Traversal
Posted Oct 29, 2010
Authored by chr1x

Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | a873431ae17f48835410c655973b0fa4
XBMC 9.04.1r20672 Buffer Overflow
Posted Oct 29, 2010
Authored by n00b

XBMC version 9.04.1r20672 soap_action_name post upnp sscanf buffer overflow exploit with windows bindshell code.

tags | exploit, overflow
systems | windows
MD5 | 121b43429b5d96e72da25f8f0482bb29
Firefox Interleaving Denial Of Service
Posted Oct 28, 2010
Authored by Dan Veditz

Firefox Interleaving document.write and appendChild denial of service exploit.

tags | exploit, denial of service
MD5 | 2bd5f2e7f0a067800337755ce6bb788a
Pub-Me CMS Blind SQL Injection
Posted Oct 28, 2010
Authored by H4f

Pub-Me CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 83247e1ea3ced509fe7b2dc5a1c951c5
TFTgallery 0.13.1 Local File Inclusion
Posted Oct 28, 2010
Authored by Havok

TFTgallery version 0.13.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 42e1e7280019945a59dccf3bc170af86
Firefox 3.6.8 Through 3.6.11 Interleaving Exploit
Posted Oct 28, 2010

Firefox versions 3.6.8 through 3.6.11 Interleaving document.write and appendChild exploit from the wild.

tags | exploit
MD5 | 95414e688d0d0e46201e2cc1053dd2ff
Debian 5.0.6 / Ubuntu 10.04 Webshell To Remote Root
Posted Oct 28, 2010
Authored by jmit

Whitepaper discussing how to go from having a webshell to getting remote root using the GNU dynamic linker DSO vulnerability on Debian versions 5.0.6 and below and Ubuntu versions 10.04 and below.

tags | exploit, remote, root
systems | linux, debian, ubuntu
advisories | CVE-2010-3856
MD5 | b5d2edb70a3955504df2b49334ec19bf
W-Agora 4.2.1 Cross Site Scripting / Local File Inclusion
Posted Oct 28, 2010
Authored by MustLive

W-Agora version 4.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | 157e2bdc6bbcef7db61c3d5521db6dd0
MyCart 2.0 Cross Site Scripting / SQL Injection / Code Execution
Posted Oct 28, 2010
Authored by Salvatore Fresta

MyCart version 2.0 suffers from cross site scripting, remote SQL injection and code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
MD5 | ed079679309869e074e643a520437e7d
Spring Security Security Constraint Bypass
Posted Oct 28, 2010
Authored by SpringSource Security Team

Spring Security does not consider URL path parameters when processing security constraints. By adding an URL path parameter to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification (see below). Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed.

tags | exploit, root, bypass
advisories | CVE-2010-3700
MD5 | 39d52137898c5484e3318915ce5f0839
Oracle BPEL Console 10.1.3.3.0 Cross Site Scripting
Posted Oct 28, 2010
Authored by Sh2kerr | Site dsecrg.com

Oracle BPEL Console version 10.1.3.3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-3581
MD5 | d4b0e75bfbffdb2ae1a457793c3f4e08
DBHcms 1.1.4 SQL Injection
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

DBHcms version 1.1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2b084f313e03054528d4c912bbbd99f3
MinaliC Webserver 1.0 Source Disclosure / File Download
Posted Oct 28, 2010
Authored by Dr_IDE

MinaliC Webserver 1.0 suffers from remote source disclosure and file download vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
MD5 | 0f936d16876ea0c5e0f76ac9db1cfb3f
NinkoBB 1.3RC5 Cross Site Scripting
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

NinkoBB version 1.35RC5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cf14c1fa80946b5ee48f6e6f5d841186
Oracle BI Publisher HTTP Response Splitting
Posted Oct 28, 2010
Authored by Sh2kerr | Site dsecrg.com

Oracle BI Publisher suffers from a HTTP response splitting vulnerability.

tags | exploit, web
MD5 | 91d3c190354d6032783de15d8392c521
phpLiterAdmin 1.0 RC1 Authentication Bypass
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

phpLiterAdmin version 1.0 RC1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 7dc835a573eae02fc119b0d19072e668
Alstrasoft E-Friends 4.96 Local File Inclusion / Shell Upload / SQL Injection
Posted Oct 28, 2010
Authored by Salvatore Fresta

Alstrasoft E-Friends version 4.96 suffers from local file inclusion, shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, sql injection, file inclusion
MD5 | f6dc046cc48d2419bb8a8ae6819ec7be
Page 1 of 12
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Yahoo! Fined $35 Million For Covering Up Security Breach
Posted Apr 25, 2018

tags | headline, hacker, government, privacy, usa, data loss, yahoo
Someone Is Trying To Extort iPhone Crackers GrayShift With Leaked Code
Posted Apr 25, 2018

tags | headline, hacker, phone, data loss, apple
1 Million US Children Affected By Identity Theft Last Year
Posted Apr 24, 2018

tags | headline, usa, cybercrime, fraud, identity theft
The Unpatchable Exploit That Makes Every Current Nintendo Switch Hackable
Posted Apr 24, 2018

tags | headline, hacker, flaw, nintendo
Police Visit Funeral Home To Unlock Dead Man's Phone
Posted Apr 24, 2018

tags | headline, government, privacy, usa, phone
Satan Ransomware Adds EternalBlue Exploit
Posted Apr 24, 2018

tags | headline, malware, microsoft, flaw, zero day, nsa
WikiLeaks, Russia, Trump Jr. Named In New DNC Hacking Lawsuit
Posted Apr 23, 2018

tags | headline, government, usa, russia, data loss, fraud, cyberwar
Quihoo 360 Finds Windows Zero Day, Stays Schtum On Specifics
Posted Apr 23, 2018

tags | headline, microsoft, china, flaw
Gmail Spam Mystery: Why Have Secure Accounts Started Spamming Themselves?
Posted Apr 23, 2018

tags | headline, email, spam, google
Iran's Banks Banned From Dealing In Crypto Currencies
Posted Apr 23, 2018

tags | headline, government, bank, iran, cryptography
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close