ignore security and it'll go away
Showing 1 - 25 of 335 RSS Feed

Files

Packet Storm New Exploits For April, 2011
Posted May 2, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 334 exploits added to Packet Storm in April, 2011.

tags | exploit
systems | linux
MD5 | f0a75b6f63bb645afc5b5e96c74f6cae
MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow
Posted Apr 30, 2011
Authored by Rick, corelanc0d3r | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in MJM QuickPlayer 1.00 beta 60a and QuickPlayer 2010 (Multi-target exploit). When opening a malicious s3m file in one of these 2 applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.

tags | exploit, overflow, arbitrary, code execution
systems | windows, 7
MD5 | 26923cb503840c5307da191b999e0d76
MJM Core Player 2011 .s3m Stack Buffer Overflow
Posted Apr 30, 2011
Authored by Rick, corelanc0d3r | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in MJM Core Player 2011 When opening a malicious s3m file in this applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.

tags | exploit, overflow, arbitrary, code execution
systems | windows, 7
MD5 | 20bedf4e31c1f9ca93bc6df99db159c9
Microsoft Office Excel Buffer Overflow
Posted Apr 29, 2011
Authored by webDEViL

Microsoft Office Excel Axis properties record parsing buffer overflow proof of concept exploit that leverages the issue discussed in MS11-021.

tags | exploit, overflow, proof of concept
advisories | CVE-2011-0978
MD5 | 4f5360a8806ec726349e3b14dde3a712
SOOP Portal Raven 1.0b SQL Injection
Posted Apr 29, 2011
Authored by Evil-Thinker

SOOP Portal Raven version 1.0b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4de5194c23210bcbaab62a4339fae57b
Joomla 1.6.0 SQL Injection / PHP Execution
Posted Apr 29, 2011
Authored by James Bercegay | Site metasploit.com

A vulnerability was discovered by Aung Khant that allows for exploitable SQL Injection attacks against a Joomla 1.6.0 install. This exploit attempts to leverage the SQL Injection to extract admin credentials, and use those credentials to execute arbitrary PHP code against the target. The vulnerability is due to a validation issue in /components/com_content/models/category.php that erroneously uses the "string" type whenever filtering the user supplied input. This issue was fixed by performing a whitelist check of the user supplied order data against the allowed order types, and also escaping the input.

tags | exploit, arbitrary, php, sql injection
advisories | CVE-2011-1151
MD5 | 1ad33dfea9c4661343e83233196f0d96
phpGraphy 0.9.13b Cross Site Request Forgery / Cross Site Scripting
Posted Apr 29, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

phpGraphy version 0.9.13b suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 761375171156f440cdf983d309ad40a4
Linksys WRT54G Cross Site Scripting
Posted Apr 29, 2011
Authored by Justin C. Klein Keane

The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
MD5 | aa5edbdd4aa13e436f9c2ffc6695daaa
xMatters AlarmPoint APClient 3.2.0 Heap Buffer Overflow
Posted Apr 29, 2011
Authored by Juan Sacco

xMatters AlarmPoint APClient version 3.2.0 suffers from a heap buffer overflow vulnerability.

tags | exploit, overflow
MD5 | e13e698bda246f85641a24baae0b325a
NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 Buffer Overflow
Posted Apr 29, 2011
Authored by chap0

NetOp Remote Control versions 8.0, 9.1, 9.2, and 9.5 buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | d9310f98ea6f926dfae34ee399458140
Kusaba X 0.9.1 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 29, 2011
Authored by Emilio Pinna

Kusaba X versions 0.9.1 and below suffers from a cross site scripting vulnerability and a cross site request forgery vulnerability that allows for arbitrary SQL statement execution.

tags | exploit, arbitrary, xss, csrf
MD5 | c657b34e03f675cf70b98daaa0a66b7c
EMC HomeBase Server Directory Traversal Remote Code Execution
Posted Apr 28, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.

tags | exploit, remote, code execution
systems | windows, xp
advisories | CVE-2010-0620
MD5 | 665a99f652864b621a656a91306656af
Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow
Posted Apr 28, 2011
Authored by sinn3r, Brandon Murphy | Site metasploit.com

This Metasploit module exploits a vulnerability found in Subtitle Processor 7. By supplying a long string of data as a .m3u file, Subtitle Processor first converts this input in Unicode, which expands the string size, and then attempts to copy it inline on the stack. This results a buffer overflow with SEH overwritten, allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
MD5 | 8a330e0bce7b325ce0bad5d75ca70679
Cook Media Web Development Group SQL Injection
Posted Apr 28, 2011
Authored by Xecuti0N3r

Cook Media Web Development Group suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 19b935bfc74f9a7d3c7b69a458c5b145
Daily Maui Photo Widget WordPress Plugin 0.2 Cross Site Scripting
Posted Apr 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Daily Maui Photo Widget WordPress plugin version 0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5b966dd4b2653812e30b3be441a6bae2
WP Photo Album WordPress Plugin 1.5.1 Cross Site Scripting
Posted Apr 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

WP Photo Album WordPress plugin version 1.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c6096b11f0c3042f45a9cc68ea45bcf5
PixelGems Remote File Disclosure
Posted Apr 28, 2011
Authored by KnocKout

PixelGems remote file disclosure exploit that leverages a local file inclusion vulnerability.

tags | exploit, remote, local, file inclusion
MD5 | b7db0ff9d2cc8c63b68ebdfdece32966
eyeOS 1.9.0.2 Cross Site Scripting
Posted Apr 28, 2011
Authored by Alberto Ortega

eyeOS versions 1.9.0.2 and below suffer from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1c6d64cfb48c85f77568faa9d02d2cdc
Shackleton Rollin Remote File Disclosure
Posted Apr 28, 2011
Authored by KnocKout

Shackleton Rollin suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 9a526c002f8c43f6cab8995d096cf33d
BackupPC 3.1.0 Cross Site Scripting
Posted Apr 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

BackupPC version 3.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7eb3c187b977517365ec12f67b08dc89
SE Software Technologies SQL Injection
Posted Apr 28, 2011
Authored by Xecuti0N3r

SE Software Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cdba1aaf5f315558c2afeb2a401eb578
libmodplug 0.8.8.2 Buffer Overflow
Posted Apr 28, 2011
Authored by epiphant

libmodplug versions 0.8.8.2 and below .abc stack based buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | 60828e0af6a2e605f3ad080f56be3dc4
xMatters AlarmPoint Java Web Server API 3.2.1 Cross Site Scripting
Posted Apr 28, 2011
Authored by Juan Sacco

xMatters AlarmPoint Java Web Server API version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, java, web, xss
MD5 | 0573456a01d3ebfa74aeffaa9f585535
CMS Made Simple 1.9.4.1 Shell Upload
Posted Apr 28, 2011
Authored by KedAns-Dz

CMS Made Simple versions 1.9.4.1 and below remote shell upload exploit.

tags | exploit, remote, shell
MD5 | d85d49995a75ff06c5341e98e78fc24e
ClanSphere 2011.0 Shell Upload / Local File Inclusion
Posted Apr 28, 2011
Authored by KedAns-Dz

ClanSphere version 2011.0 suffers from shell upload and local file inclusion vulnerabilities.

tags | exploit, shell, local, vulnerability, file inclusion
MD5 | 257fe458dd5b530ad0237d998edef124
Page 1 of 14
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close