what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 207 RSS Feed

Files

WeBid 1.0.2 Cross Site Scripting / SQL Injection
Posted Jun 17, 2011
Authored by Saif El-Sherei

WeBid version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 0bce39b5bffc7a4bc13046662ad8b39b8fab588076ace249f26f92528f70f715
MS11-050 IE mshtml!CObjectElement Use After Free
Posted Jun 17, 2011
Authored by d0c_s4vage | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed <object> and attempts to call a function on it, leading to the use-after-free.

tags | exploit
advisories | CVE-2011-1256, OSVDB-72948
SHA-256 | b32377ac3beaa1414985310c6140cd9cbefd81ce42b9a9337bf648771c0e9476
Catalog Builder Ecommerce Software Blind SQL Injection
Posted Jun 16, 2011
Authored by takeshix

Catalog Builder Ecommerce Software suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3df96bf5d62f699c6baa24fc854ff38e301e72d6f21d5b4ca4a33470d1ec10f4
German AD-Free Blog SQL Injection
Posted Jun 16, 2011
Authored by Bl4ck.Viper

German AD-Free suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2f32c4704950dcf266779f8c67db34ff86684399f3f12c1ae208702d54cbd686
Core Security Technologies Advisory 2010.1021
Posted Jun 16, 2011
Authored by Core Security Technologies, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - The administrative console of IBM WebSphere Application Server is vulnerable to Cross-Site Request Forgery (CSRF) attacks, which can be exploited by remote attackers to force a logged-in administrator to perform unwanted actions on the IBM WebSphere administrative console, by enticing him to visit a malicious web page. Versions 7.0.0.11 and 7.0.0.13 are confirmed vulnerable.

tags | exploit, remote, web, csrf
advisories | CVE-2010-3271
SHA-256 | c5935cba98df6fe3be07143a413aa1c7d1b1b171f7643b662db9f9dff22ce27e
Boybdream Shop SQL Injection
Posted Jun 16, 2011
Authored by Bl4ck.Viper

Boybdream Shop suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3883c1aaeb4f120c3da6af09888136221af6724ffdeabf928c1e93621a7cdaf9
BeVivid WMS Blind SQL Injection
Posted Jun 16, 2011
Authored by RoAd_KiLlEr

BeVivid WMS suffers from remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 15b15b7f28474bb6603bb5e824386ef856f5d961e9818c0d9c7ce5608c1a94ab
Free Simple CMS 1.0 Cross Site Scripting / Local File Inclusion
Posted Jun 16, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Free Simple CMS version 1.0 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | fac147387be53cf36a5687dfa3256cc2c8681237448aa792693644fe4bd61c25
AMHSHOP 3.7.0 SQL Injection
Posted Jun 16, 2011
Authored by Yassin Aboukir

AMHSHOP version 3.7.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e0879ae255ea343ce1b420146ed2b5fbffb7b8a0820861b78b6199faa529d31e
Gogago YouTube Video Converter 1.1.6 Buffer Overflow
Posted Jun 16, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Gogago YouTube Video Converter version 1.1.6 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | a8e7476b1fa45772eef93c121c447ff805b723e82f590b95bf69176acd606937
Core Security Technologies Advisory 2011.0203
Posted Jun 14, 2011
Authored by Core Security Technologies, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was found in the driver 'vmswitch.sys', associated to the Windows Hypervisor subsystem, allowing an authenticated local DoS. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. The impact is all guests on that host became non-responsive. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability.

tags | exploit, denial of service, local
systems | windows
advisories | CVE-2011-1872
SHA-256 | 91762eded6d6cb85d92e2b2d56180960888179b29b556d5094c71c5746715573
WordPress Wysi 0.0.2 Shell Upload
Posted Jun 14, 2011
Authored by Net.Edit0r

The WordPress Wysi plugin version 0.0.2 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 8d9e486111ef64c9e44b4735f860662342db16afdc037f7b4f8a2d7a59a04007
Infopublica Solutions SQL Injection
Posted Jun 14, 2011
Authored by RoAd_KiLlEr

Infopublica Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 96883a882fa9a9d86380171a96ad677d61721fa56762bf54a327ccd9d402bfe2
vBulletin 3.x.x vBTube 1.2.9 Cross Site Scripting
Posted Jun 14, 2011
Authored by Mr.ThieF

vBulletin version 3.x.x with the vBTube version 1.2.9 add-on suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | e7f22f85242668c8be470d27ff17b6110ad159892ef6a775b8c5c662c0fc2ff9
Windows Media Player With K-Lite CODEC Pack Denial Of Service
Posted Jun 14, 2011
Authored by Nicolas Krassas

Proof of concept denial of service exploit for Windows Media Player with the K-Lite CODEC pack.

tags | exploit, denial of service, proof of concept
systems | linux, windows
SHA-256 | 26133347e03447d3d2e2d73f9d6939ab76ee3ad49c5cfc96136f6cbc5bc695f8
CubeCart 2.0.7 Cross Site Scripting / SQL Injection
Posted Jun 14, 2011
Authored by Shamus

CubeCart version 2.0.7 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 988a9c3a3598b0fae75a81847ac6d209b66747f1353950e522e2dca81f228937
Oracle HTTP Server Header Cross Site Scripting
Posted Jun 14, 2011
Authored by Yasser ABOUKIR

Oracle HTTP Server for Oracle Application Server 10g version 10.1.2.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2006-3918, CVE-2007-0275
SHA-256 | 5605a7900ae46fcd7c6417e203f5ed51d69bdc5e60c926f300ac380833c937aa
PHP Nuke 8.3 MT Shell Upload
Posted Jun 13, 2011
Authored by Pentesters.ir

PHP Nuke version 8.3 MT suffers from an arbitrary shell upload vulnerability.

tags | exploit, arbitrary, shell, php
SHA-256 | 181c0fcc602b1deb943f8fdeb52a8071760462be19ecfb091d5e21fce82afd2c
Vitaminedz Blind SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

Vitaminedz suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b6e3107bd47facb38e4641043cac3190a5677f7807ed93479482b8529cb9bbf9
Microsoft Lync 4.0.7577.0 Javascript Injection
Posted Jun 13, 2011
Authored by Mark Lachniet | Site foofus.net

Microsoft Lync version 4.0.7577.0 suffers from a javascript insertion vulnerability.

tags | exploit, javascript
SHA-256 | 9acd1aca4807a7c979ac9855bff7008e1cc076bfe2053fcb09c6116d049ef43d
Technofact SQL Injection
Posted Jun 13, 2011
Authored by eXeSoul

Technofact suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 35da100d665874f66ccdc76228dbfb685e6d20a5480848ce5fad0ee92c007c87
Web Application SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

Web Application from Site By Wapps suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, sql injection
SHA-256 | 0926f0d36a2e55d88c1da6d9d937205a25aa30e31c182361a61a3d848279507a
MGF SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

MGF suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 295783e50df681bff1aef24000e8ef3fec57383912b9bf79e07a36243c6d03a3
CyberScribe SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

CyberScribe suffers multiple remote SQL injection vulnerabilities one of which allows for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 96d942971f20795194b658222aec09900cee4b458b7f27034bc4247c88aac75c
Athollsweb SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

Athollsweb suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e37d712df6637b966e55d2cf9e9a7d7853d6a66019e64af337a9117ea40ca378
Page 5 of 9
Back34567Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close