Showing 51 - 75 of 253

Files

Pixprod SQL Injection: Posted May 26, 2011; Authored by Kalashinkov3; Pixprod suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 4f14da5e2eba7ca7a8a87f39094df5b3d376593cf4a135c3881900789951bcc1; Download | Favorite | View

AWStats Totals 1.14 Remote Command Execution: Posted May 26, 2011; Authored by Patrick Webster | Site metasploit.com; This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.; tags | exploit, arbitrary, php; advisories | CVE-2008-3922, OSVDB-47807; SHA-256 | 5a5ef1d851e7541e28de7b53546932d0881adc18c9f19c4d8ea20156248a6ea5; Download | Favorite | View

Clipbucket 2.4 RC2 645 SQL Injection: Posted May 25, 2011; Authored by AutoSec Tools | Site autosectools.com; A SQL injection vulnerability in Clipbucket version 2.4 RC2 645 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.; tags | exploit, arbitrary, shell, php, sql injection; SHA-256 | 6f0d10f78695697be08aaad71f69ebf5932985db42e1fc464f2a06ce15f1d538; Download | Favorite | View

eGroupware 1.8.001.20110421 Local File Inclusion: Posted May 25, 2011; Authored by AutoSec Tools | Site autosectools.com; A local file inclusion vulnerability in eGroupware version 1.8.001.20110421 can be exploited to include arbitrary files.; tags | exploit, arbitrary, local, file inclusion; SHA-256 | 07ccc0d9a68de349319a1eceb37a6094b2810ad1e924bc4870669646a7b55753; Download | Favorite | View

eGroupware 1.8.001.20110421 Open Redirect: Posted May 25, 2011; Authored by AutoSec Tools | Site autosectools.com; An open redirect in eGroupware version 1.8.001.20110421 can be exploited to redirect users to an arbitrary URL.; tags | exploit, arbitrary; SHA-256 | b4a29e3964e1d7bd72995d10043cf6c74cf999a044fb3fe26884221a0473da93; Download | Favorite | View

PHP Socket connect() Stack Buffer Overflow: Posted May 25, 2011; Authored by Filip Palian, Marek Kroemeke, Mateusz Kocielski; PHP socket connect() stack buffer overflow proof of concept code.; tags | exploit, overflow, php, proof of concept; advisories | CVE-2011-1938; SHA-256 | 6abcba91bf7177e20f4ef770653563e589f25adaafe8dc216b107fff5b5e35b9; Download | Favorite | View

ExtCalendar 2.0b2 SQL Injection: Posted May 25, 2011; Authored by High-Tech Bridge SA | Site htbridge.com; ExtCalendar version 2.0b2 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | a974fb64b525dccafa700ae21ce599ff3b55f0bc16632feaf5ecc4351c58d005; Download | Favorite | View

Joomla Shop SQL Injection: Posted May 25, 2011; Authored by ThunDEr HeaD; The Joomla Shop component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 5c1c7436095eb4f29d0aa7816ab894e560cc003e2fd802174240f3410ba875fc; Download | Favorite | View

Gadu-Gadu Code Execution / Cross Site Scripting: Posted May 25, 2011; Authored by Kacper Szczesniak; Gadu Gadu suffers from code execution and cross site scripting vulnerabilities.; tags | exploit, vulnerability, code execution, xss; SHA-256 | 612de9e01fb3921205f432c253275a1342b0c96c78cbdfaa821e87c81d36a69e; Download | Favorite | View

MidiCMS-WB 2011 Shell Upload / Local File Inclusion: Posted May 25, 2011; Authored by KedAns-Dz; MidiCMS-WB 2011 suffers from shell upload and local file inclusion vulnerabilities.; tags | exploit, shell, local, vulnerability, file inclusion; SHA-256 | 208ae1ecbeafba74477bec78c0fe421408df5ffb73b5d5c458d19fba8d13b108; Download | Favorite | View

phpScheduleIt 1.2.12 Cross Site Scripting: Posted May 25, 2011; Authored by High-Tech Bridge SA | Site htbridge.com; phpScheduleIt version 1.2.12 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 5db247863aca225f49b9243807c5dc59e5a3bc6b60f4f9d1fa36ad4b3787f23a; Download | Favorite | View

Ajax Chat 1 Cross Site Scripting: Posted May 25, 2011; Authored by High-Tech Bridge SA | Site htbridge.com; Ajax Chat version 1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 7c4c8b263ac25b470d2fcc65c9497d70fa344da56160fcef220629ef9e0be30c; Download | Favorite | View

VisiWave VWR File Parsing Buffer Overflow: Posted May 25, 2011; Authored by mr_me, TecR0c | Site metasploit.com; This Metasploit module exploits a vulnerability found in VisiWave's Site Survey Report application. When processing .VWR files, VisiWave.exe attempts to match a valid pointer based on the 'Type' property (valid ones include 'Properties', 'TitlePage', 'Details', 'Graph', 'Table', 'Text', 'Image'), but if a match isn't found, the function that's supposed to handle this routine ends up returning the input as a pointer, and later used in a CALL DWORD PTR [EDX+10] instruction. This allows attackers to overwrite it with any arbitrary value, and results code execution. This Metasploit module was built to bypass ASLR and DEP. NOTE: During installation, the application will register two file handle's, VWS and VWR and allows a victim user to 'double click' the malicious VWR file and execute code.; tags | exploit, arbitrary, code execution; advisories | OSVDB-72464; SHA-256 | 3771df4f4d30f18e8cb453cb8d601bc178761d31e4917dee0ed0a0b741354001; Download | Favorite | View

i-doIT 0.9.9-4 Local File Inclusion: Posted May 24, 2011; Authored by AutoSec Tools | Site autosectools.com; A local file inclusion vulnerability in i-doIT version 0.9.9-4 can be exploited to include arbitrary files.; tags | exploit, arbitrary, local, file inclusion; SHA-256 | 52a9b9169ca306d800de413e011278eb8a9c4f4505cb2feb9cfbf83548157563; Download | Favorite | View

Kryn.cms 0.9 Cross Site Scripting: Posted May 24, 2011; Authored by AutoSec Tools | Site autosectools.com; A reflected cross site scripting vulnerability in Kryn.cms version 0.9 can be exploited to execute arbitrary JavaScript.; tags | exploit, arbitrary, javascript, xss; SHA-256 | 213e1323be07a09911ac491c2a360c8e3bad5c1e89cd12449b9a1f9e958cfdb0; Download | Favorite | View

Mollify 1.8.0.1 Cross Site Scripting: Posted May 24, 2011; Authored by AutoSec Tools | Site autosectools.com; A reflected cross site scripting vulnerability in Mollify version 1.8.0.1 can be exploited to execute arbitrary JavaScript.; tags | exploit, arbitrary, javascript, xss; SHA-256 | bb09a4697999e438ef9324e2a4aa75ff6e9e12abebe784e104208832691a00c6; Download | Favorite | View

Tickets 2.13 SQL Injection: Posted May 24, 2011; Authored by AutoSec Tools | Site autosectools.com; A SQL injection vulnerability in Tickets version 2.13 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.; tags | exploit, arbitrary, shell, php, sql injection; SHA-256 | c431ef63087479c5f7cef25ab0f5c57198520d1f22a0d80a8bb9f499614666e5; Download | Favorite | View

Drupal With Webform Cross Site Scripting: Posted May 24, 2011; Authored by Justin C. Klein Keane; Drupal version 6.20 with Webform 6.x-2.10, Drupal version 7.0 with Webform 7.x-3.9, and Drupal with Webform 5.x-2.10 suffer from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 86969780e0c29c50c061717a7410ebf22550a712b72b091795725d2c804bfc1d; Download | Favorite | View

HP System Management Homepage Cross Site Scripting: Posted May 24, 2011; Authored by ProCheckUp, Richard Brain | Site procheckup.com; HP System Management Homepage suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2010-3283, CVE-2011-1537, CVE-2010-4112; SHA-256 | 99f2488279fb151519b0edb33eb7e2752234eacfbf392e7175fe011728ee9565; Download | Favorite | View

ChromeMedia SQL Injection: Posted May 24, 2011; Authored by Kalashinkov3; ChromeMedia suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 01493938394e0b17f9e89ff245a6bfa7e5bcfbd008998c2a913637a23baa26aa; Download | Favorite | View

DH Softwares SQL Injection: Posted May 24, 2011; Authored by Kalashinkov3; DH Softwares suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection; SHA-256 | 410b2c17a9e708f0ba5f04f886bc84eb163b11c3129e8b82fc0d61d17b0fc02d; Download | Favorite | View

MyLittleForum 2.2.7 Cross Site Request Forgery: Posted May 24, 2011; Authored by Xecuti0N3r; MyLittleForum CMS version 2.2.7 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 14e6e66435a53833bcda7aa41eab9b80dd510a2288bbc2e34a9840ac5ba5d0fa; Download | Favorite | View

PHPortfolio SQL Injection: Posted May 24, 2011; Authored by lionaneesh; PHPortfolio suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 62dc4a80e02ffb18337e7b79c68167703140c2feff8678668e1f9ed4f374a26d; Download | Favorite | View

Ciphertek Systems SQL Injection: Posted May 24, 2011; Authored by eXeSoul; Ciphertek Systems suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 3258da923af890f689cd8b8f1db4a4d9d287ebe71e2675a290e4ffa4e84c938a; Download | Favorite | View

MODx Revolution 2.0.8-pl Cross Site Request Forgery: Posted May 24, 2011; Authored by Xecuti0N3r; MODx Revolution CMS version 2.0.8-pl suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 045fc5d2aee5d4ef3cf85cfc1b2dea4422aec2b42af4c158ad0506ddb66aa488; Download | Favorite | View

Page 3 of 11 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Files

Top Authors In Last 30 Days

Recent News