what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 335 RSS Feed

Files

Packet Storm New Exploits For April, 2011
Posted May 2, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 334 exploits added to Packet Storm in April, 2011.

tags | exploit
systems | linux
SHA-256 | 743f38c3c668eb2c1cfdc703d384f8c4faebedfd6246d72d48323a87341337ef
MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow
Posted Apr 30, 2011
Authored by Rick, corelanc0d3r | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in MJM QuickPlayer 1.00 beta 60a and QuickPlayer 2010 (Multi-target exploit). When opening a malicious s3m file in one of these 2 applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.

tags | exploit, overflow, arbitrary, code execution
systems | windows
SHA-256 | 40169fda292d731fa83423db95f72a9157b704f1e0c735313549ab77c3e54b4e
MJM Core Player 2011 .s3m Stack Buffer Overflow
Posted Apr 30, 2011
Authored by Rick, corelanc0d3r | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in MJM Core Player 2011 When opening a malicious s3m file in this applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.

tags | exploit, overflow, arbitrary, code execution
systems | windows
SHA-256 | b34af7c1a1ed7cf2711905e10f913bce6d4781228c221060be316b6715a150a5
Microsoft Office Excel Buffer Overflow
Posted Apr 29, 2011
Authored by webDEViL

Microsoft Office Excel Axis properties record parsing buffer overflow proof of concept exploit that leverages the issue discussed in MS11-021.

tags | exploit, overflow, proof of concept
advisories | CVE-2011-0978
SHA-256 | e2b8a20317fcb2c65a108738183b164cb42f48896b69cc8d703724161298a74a
SOOP Portal Raven 1.0b SQL Injection
Posted Apr 29, 2011
Authored by Evil-Thinker

SOOP Portal Raven version 1.0b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 705187530713b62e4422e4a4b7cc4b3e15ab53f6245be6f4069d6c04b129a08d
Joomla 1.6.0 SQL Injection / PHP Execution
Posted Apr 29, 2011
Authored by James Bercegay | Site metasploit.com

A vulnerability was discovered by Aung Khant that allows for exploitable SQL Injection attacks against a Joomla 1.6.0 install. This exploit attempts to leverage the SQL Injection to extract admin credentials, and use those credentials to execute arbitrary PHP code against the target. The vulnerability is due to a validation issue in /components/com_content/models/category.php that erroneously uses the "string" type whenever filtering the user supplied input. This issue was fixed by performing a whitelist check of the user supplied order data against the allowed order types, and also escaping the input.

tags | exploit, arbitrary, php, sql injection
advisories | CVE-2011-1151
SHA-256 | 28c21a2ec7d950cbd9d0976d7cd73119b9bed67f6d2b34e15cc02ba5fdbc2d93
phpGraphy 0.9.13b Cross Site Request Forgery / Cross Site Scripting
Posted Apr 29, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

phpGraphy version 0.9.13b suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | fbdabfd29694fefa57ed099cd4597225a08e5e9e1707ccfbdac1e7569375e383
Linksys WRT54G Cross Site Scripting
Posted Apr 29, 2011
Authored by Justin C. Klein Keane

The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
SHA-256 | 33023e6063d14ffdaada37d384498349e1d019e88d22a6bd58eef458b22376b7
xMatters AlarmPoint APClient 3.2.0 Heap Buffer Overflow
Posted Apr 29, 2011
Authored by Juan Sacco

xMatters AlarmPoint APClient version 3.2.0 suffers from a heap buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | dfe1f17a4b315b9eb567317dec5b4f68396be1e0dc312bac7ad5cb3869ad68fa
NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 Buffer Overflow
Posted Apr 29, 2011
Authored by chap0

NetOp Remote Control versions 8.0, 9.1, 9.2, and 9.5 buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 51071e988c3edf11b4a9923524b79005ace98aab816f01362592f4042d07a58c
Kusaba X 0.9.1 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 29, 2011
Authored by Emilio Pinna

Kusaba X versions 0.9.1 and below suffers from a cross site scripting vulnerability and a cross site request forgery vulnerability that allows for arbitrary SQL statement execution.

tags | exploit, arbitrary, xss, csrf
SHA-256 | 64e2bd26377186de93fea5e171b4925473cc45a08142ff4fd3e932681827e225
EMC HomeBase Server Directory Traversal Remote Code Execution
Posted Apr 28, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.

tags | exploit, remote, code execution
systems | windows
advisories | CVE-2010-0620
SHA-256 | e1157c518d84a4ffe3868bae4edb8772e80255a4824a34ca07799e7a7f517728
Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow
Posted Apr 28, 2011
Authored by sinn3r, Brandon Murphy | Site metasploit.com

This Metasploit module exploits a vulnerability found in Subtitle Processor 7. By supplying a long string of data as a .m3u file, Subtitle Processor first converts this input in Unicode, which expands the string size, and then attempts to copy it inline on the stack. This results a buffer overflow with SEH overwritten, allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
SHA-256 | 26d612333618be29098a0672577a27e3c6d14fed9fd3745d7b80c96b8ea7a1fe
Cook Media Web Development Group SQL Injection
Posted Apr 28, 2011
Authored by Xecuti0N3r

Cook Media Web Development Group suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 5753e094098a7bd0379bc7e35773a8de8aea4d191a595d330ac7d23d48640417
Daily Maui Photo Widget WordPress Plugin 0.2 Cross Site Scripting
Posted Apr 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Daily Maui Photo Widget WordPress plugin version 0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3ce415536de4b96ee4985b66cd8380f457622bc1f8badc312859ee148a0f2531
WP Photo Album WordPress Plugin 1.5.1 Cross Site Scripting
Posted Apr 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

WP Photo Album WordPress plugin version 1.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a8836eafacba3a9faa51ea0de462b5618a7fb80f46ff27f72fde7b2339bd4e16
PixelGems Remote File Disclosure
Posted Apr 28, 2011
Authored by KnocKout

PixelGems remote file disclosure exploit that leverages a local file inclusion vulnerability.

tags | exploit, remote, local, file inclusion
SHA-256 | 2e7facf90aaaa0bcdd0ef29248ec91a52c246136d5645ad8eaf30961b54ddecf
eyeOS 1.9.0.2 Cross Site Scripting
Posted Apr 28, 2011
Authored by Alberto Ortega

eyeOS versions 1.9.0.2 and below suffer from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7d4a4e68d121c5860bc7375739b43d9371bb170bdaea8915ae59210fcafb7f60
Shackleton Rollin Remote File Disclosure
Posted Apr 28, 2011
Authored by KnocKout

Shackleton Rollin suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 8a4b30a459bf89489b49464052951aba45564c8d22f8d0c574a62823ada4d336
BackupPC 3.1.0 Cross Site Scripting
Posted Apr 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

BackupPC version 3.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 94caa59ee7f687031cb378f80893959ed9e17654456f0bc3c46700cb4648a125
SE Software Technologies SQL Injection
Posted Apr 28, 2011
Authored by Xecuti0N3r

SE Software Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 55e2527e04b3dd937b6c340e1c1d15332b0a0cd8c58364aa23c1e143136b0a4c
libmodplug 0.8.8.2 Buffer Overflow
Posted Apr 28, 2011
Authored by epiphant

libmodplug versions 0.8.8.2 and below .abc stack based buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | dbfed6a7a58ca7e45c3fb022dda6012d48c3db31b77600aca3592fc6e32e19c4
xMatters AlarmPoint Java Web Server API 3.2.1 Cross Site Scripting
Posted Apr 28, 2011
Authored by Juan Sacco

xMatters AlarmPoint Java Web Server API version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, java, web, xss
SHA-256 | 4d18669ab73ab6d9de1600f56c01ff07b87a8ca67c7effa5cd907e1b5db3d0a5
CMS Made Simple 1.9.4.1 Shell Upload
Posted Apr 28, 2011
Authored by KedAns-Dz

CMS Made Simple versions 1.9.4.1 and below remote shell upload exploit.

tags | exploit, remote, shell
SHA-256 | 92049434cb2bd8f6a583baeff7f79abf85cc49fb49fe0162f4718be889ed112e
ClanSphere 2011.0 Shell Upload / Local File Inclusion
Posted Apr 28, 2011
Authored by KedAns-Dz

ClanSphere version 2011.0 suffers from shell upload and local file inclusion vulnerabilities.

tags | exploit, shell, local, vulnerability, file inclusion
SHA-256 | 4d1a95b9a80050f14fb1622f4741629ba579c1e41dbf79ffe972075e3ddf73e6
Page 1 of 14
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close