Exploit the possiblities
Showing 1 - 25 of 311 RSS Feed

Files

Packet Storm New Exploits For July, 2011
Posted Aug 1, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 310 exploits added to Packet Storm in July, 2011.

tags | exploit
systems | linux
MD5 | 470d0eab00b86ad8f001e9e2528f9e5a
Actfax FTP Server 4.27 USER Command Stack Buffer Overflow
Posted Jul 31, 2011
Authored by mr_me | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Actfax FTP Server versions 4.27 and earlier. Actfax fails to check input size when parsing 'USER' command. This vulnerability results in arbitrary code execution. This Metasploit module has been designed to bypass DEP under Windows Server 2003 SP2/R2.

tags | exploit, overflow, arbitrary, code execution
systems | windows
advisories | OSVDB-72520
MD5 | 96b332c42a81990ce381082e243afd07
Hong Kong Firms Internet Services CMS SQL Injection
Posted Jul 31, 2011
Authored by Netrondoank

Hong Kong Firms Internet Services CMS suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 9f5c95e6ef87c00624833c9a88d14e5a
Digital Scribe 1.5 Cross Site Scripting
Posted Jul 31, 2011
Authored by LiquidWorm | Site zeroscience.mk

Digital Scribe version 1.5 suffers from multiple post cross site scripting vulnerabilities. Input thru the POST parameters 'title', 'last' and 'email' in register.php is not sanitized allowing the attacker to execute HTML code into user's browser session on the affected site.

tags | exploit, php, vulnerability, xss
MD5 | 06f72ee6189d18849ce8c40b4cd30f27
Rebound SQL Injection / Local File Inclusion
Posted Jul 31, 2011
Authored by Kalashinkov3

Rebound suffers from local file inclusion and remote SQL injection vulnerabilities. A SQL injection vulnerability allows for authentication bypass.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | ae1ecd057924c7d7ba9e4845a6fd4446
Elgg 1.7.9 Cross Site Scripting
Posted Jul 31, 2011
Authored by Aung Khant | Site yehg.net

Elgg versions 1.7.9 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 63406cabc3d6dfdbf17b2bc8ae96c723
cgCraft LLC Cross Site Scripting
Posted Jul 31, 2011
Authored by Ehsan_Hp200

Websites by cgCraft LLC suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b53c53179b4ce7d7b86c1ba4a5b4ef69
Nginx 0.7.65 Shell Upload
Posted Jul 31, 2011
Authored by Sysmox

Nginx version 0.7.65 suffers from a configuration vulnerability that may allow for a shell upload.

tags | exploit, shell
MD5 | 045bd2c8b3368e18fbfcae2069cf84a2
Joomla obSuggest Local File Inclusion
Posted Jul 31, 2011
Authored by v3n0m

The Joomla obSuggest component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 8db60aa7e2ececdf47c0cd2cc4f495aa
cFTP 0.1 r80 Shell Upload
Posted Jul 30, 2011
Authored by leviathan

cFTP versions 0.1 r80 and below suffer from a shell upload vulnerability.

tags | exploit, shell
MD5 | 937df870641baeb39fb62a78c5fadc07
Link Station Pro SQL Injection / Cross Site Scripting
Posted Jul 30, 2011
Authored by r007k17-w

Link Station Pro suffers from cross site scripting and remote SQL injection vulnerabilities. The SQL injection vulnerability allows for authentication bypass.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 0f023397b69990e3bfe359ce87ef6956
Sitecore CMS 6.4 Open Redirect
Posted Jul 30, 2011
Authored by Tom Neaves

Sitecore CMS versions 6.4 and below suffer from an open redirect vulnerability.

tags | exploit
MD5 | fae49bc63993af7c724ba11b1a713f74
cgCraft LLC SQL Injection
Posted Jul 30, 2011
Authored by Ehsan_Hp200

Websites by cgCraft LLC suffer from multiple remote SQL injection vulnerabilities in info.php and news_item.php.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | f3a4e241773df61719c25b550904b1d0
XenApp / XenDesktop Heap Corruption
Posted Jul 29, 2011
Authored by Moritz Jodeit, Alexios Fakos | Site nruns.com

A heap corruption vulnerability has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service.

tags | exploit, arbitrary, code execution
MD5 | 323189e6294969992f91333bf86e3f58
Joomla 1.5 VirtueMart 1.1.7 Blind SQL Injection
Posted Jul 29, 2011
Authored by mr_me, TecR0c | Site metasploit.com

A vulnerability was discovered by Rocco Calvi and Steve Seeley which identifies unauthenticated time-based blind SQL injection in the "page" variable of the virtuemart component. This vulnerability allows an attacker to gain information from the database with specially crafted URLs taking advantage of the MySQL benchmark. This issue was patched in version 1.1.7a.

tags | exploit, sql injection
MD5 | 426ac2c03c6c7e51d370d76153569d7e
MyWebServer 1.0.3 Denial Of Service
Posted Jul 29, 2011
Authored by X-h4ck

MyWebServer version 1.0.3 suffers from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 93a7b73e2f73b85b9359c62fe32e0e9b
MyWebServer 1.0.3 Arbitrary File Download
Posted Jul 29, 2011
Authored by X-h4ck

MyWebServer version 1.0.3 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 632e8526a4ef6868ed6335e066805d6d
ICQ 7.5 Denial Of Service
Posted Jul 29, 2011
Authored by noptrix | Site nullsecurity.net

ICQ versions 7.5 and below for Windows remote denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
MD5 | e7faa01a01811d3b19255cd2a4345961
ManageEngine ServiceDesk Plus 8.0 Cross Site Scripting
Posted Jul 29, 2011
Authored by Narendra Shinde

ManageEngine ServiceDesk Plus version 8.0 build 8013 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | badf8b14aea76a0dc1fa3211797f4f9f
XenApp / XenDesktop Buffer Overflow
Posted Jul 29, 2011
Authored by Moritz Jodeit | Site nruns.com

A stack-based buffer overflow has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service.

tags | exploit, overflow, arbitrary, code execution
MD5 | dba4d051e569439aee38b39fb932a013
Midori Browser 0.3.2 Denial Of Service
Posted Jul 29, 2011
Authored by t3rm!n4t0r

Midori Browser version 0.3.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | dda1ea93605b9d3d049b4d05ddf5ab18
Quake 3 Shell Injection / Code Execution
Posted Jul 29, 2011
Authored by Thilo Schulz

Multiple games using the Quake engine suffer from remote shell injection and code execution vulnerabilities.

tags | exploit, remote, shell, vulnerability, code execution
advisories | CVE-2011-1412, CVE-2011-2764
MD5 | 16023bd2c4a732098e496bd4e083d309
Gopal Systems SQL Injection
Posted Jul 28, 2011
Authored by Ehsan_Hp200

Gopal Systems suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f284b0a047a9f26ff61a3dd023df749b
MinaliC Webserver Cross Site Scripting
Posted Jul 28, 2011
Authored by Zer0 Thunder

MinaliC Webserver suffers from a cross site scripting vulnerability in the generated 404 page.

tags | exploit, xss
MD5 | 147910b9a0a489270ee46d3a99f138ed
PHPJunkyard 1.3 Open Redirect
Posted Jul 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

PHPJunkyard 1.3 suffers from an open redirection vulnerability.

tags | exploit
MD5 | c52d2c937d43cf5c7ffbddf4605c164f
Page 1 of 13
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close