Twenty Year Anniversary
Showing 1 - 25 of 213 RSS Feed

Files

Packet Storm New Exploits For November, 2011
Posted Dec 1, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 212 exploits added to Packet Storm in November, 2011.

tags | exploit
systems | linux
MD5 | 76cded7ed0b2d2ec1da748d7ee069d41
IBM Lotus Domino Authentication Bypass
Posted Nov 30, 2011
Authored by Alexey Sintsov

IBM Lotus Domino versions 8.5.3 and 8.5.2 FP3 suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2011-1519
MD5 | 76b18fd33ff899004aa14ab654d4beff
PHP Inventory 1.3.1 SQL Injection
Posted Nov 30, 2011
Authored by Stefan Schurtz

PHP Inventory version 1.3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
advisories | CVE-2009-4595, CVE-2009-4596, CVE-2009-4597
MD5 | 9c59bd82d0f4926918091ff3bd3c682a
WordPress Flash Album Gallery Cross Site Scripting
Posted Nov 30, 2011
Authored by Am!r | Site irist.ir

The WordPress flash-album-gallery plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9871634408b1a66d72762ada87486aef
WordPress 1 JQuery Photo Gallery Slideshow Flash Cross Site Scripting
Posted Nov 30, 2011
Authored by Am!r | Site irist.ir

The WordPress 1-jquery-photo-gallery-slideshow-flash plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | db9129c292e4ebc3122cf472a0e2a445
Serv-U FTP Server Jail Break
Posted Nov 30, 2011
Authored by Kingcope

Serv-U FTP server suffers from a remote jail breaking vulnerability.

tags | exploit, remote
MD5 | cac30d15df74a4e42c4b9609cf8772d7
ProFTPd / FreeBSD ftpd Remote Root
Posted Nov 30, 2011
Authored by Kingcope

Remote root exploit for FreeBSD ftpd and ProFTPd on FreeBSD. It leverages the fact that /etc and /lib can be modified inside of the chroot.

tags | exploit, remote, root
systems | freebsd
MD5 | 2afb95522b810b098c941ae9c312a402
Voxsmart VoxRecord Control Centre 2.7 SQL Injection
Posted Nov 30, 2011
Authored by Piotr Duszynski

Voxsmart VoxRecord Control Centre version 2.7 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d8c8770aff3aae6be7bffe2c185c69fe
Java Applet Rhino Script Engine Remote Code Execution
Posted Nov 30, 2011
Authored by sinn3r, Michael Schierl, juan vazquez, Edward D. Teach | Site metasploit.com

This Metasploit module exploits a vulnerability in the Rhino Script Engine that can be used by a Java Applet to run arbitrary Java code outside of the sandbox. The vulnerability affects version 7 and version 6 update 27 and earlier, and should work on any browser that supports Java (for example: IE, Firefox, Google Chrome, etc).

tags | exploit, java, arbitrary
advisories | CVE-2011-3544, OSVDB-76500
MD5 | cdf6369de287616478ab5150bd275d56
CTEK SkyRouter 4200 / 4300 Command Execution
Posted Nov 30, 2011
Authored by savant42 | Site metasploit.com

This Metasploit module exploits an unauthenticated remote root vulnerability within CTEK SkyRouter versions 4200 and 4300.

tags | exploit, remote, root
MD5 | 8256b2c8aebbb5d3abf34bfe3148f788
WikkaWiki 1.3.2 Code Execution / Shell Upload / SQL Injection
Posted Nov 30, 2011
Authored by EgiX

WikkaWiki versions 1.3.2 and below suffers from remote SQL injection, unrestricted file upload, arbitrary file download, arbitrary file deletion, remote code execution and cross site request forgery vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, code execution, sql injection, file upload, csrf
advisories | CVE-2011-4448, CVE-2011-4449, CVE-2011-4450, CVE-2011-4451, CVE-2011-4452
MD5 | 14a9bc2e9391a11cdd4ba3328235c582
GOM Player 2.1.33.5071 Stack Buffer Overflow
Posted Nov 30, 2011
Authored by Debasish Mandal

GOM Player version 2.1.33.5071 unicode stack buffer overflow exploit that creates a malicious .asx file.

tags | exploit, overflow
MD5 | e0a140f4833d8a156f07a27f2c7b5659
Bugbear FlatOut 2005 Buffer Overflow
Posted Nov 30, 2011
Authored by Silent Dream

Bugbear FlatOut 2005 buffer overflow exploit that creates a malicious .bed file.

tags | exploit, overflow
MD5 | 911ee0d32da7ef2d93cb62cf34a1a198
MS11-080 Afd.sys Privilege Escalation
Posted Nov 30, 2011
Authored by Matteo Memelli

MS11-080 privilege escalation exploit that leverages the fact that afd.sys does not properly validate user-mode input passed to kernel-mode.

tags | exploit, kernel
advisories | CVE-2011-2005
MD5 | 0834059529bbfef600c3d2569f96973b
Avid Media Composer 5.5 Stack Buffer Overflow
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

The AvidPhoneticIndexer.exe network daemon that ships with Avid Media Composer version 5.5 suffers from a remote stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory and a Metasploit module.

tags | exploit, remote, overflow
systems | linux
MD5 | 05ba0f866778968b71f98de51b05bb15
StoryBoard Quick 6 Stack Buffer Overflow
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

StoryBoard Quick version 6 suffers from a file format stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory, a proof of concept and a Metasploit module.

tags | exploit, overflow, proof of concept
systems | linux
MD5 | a2936d026b1079a3ef6f8d76b49e48e5
Muster Render Farm Management System 6.1.6 Arbitrary File Download
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

Muster Render Farm Management System version 6.1.6 suffer from an arbitrary file download issue due to a directory traversal vulnerability. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. The advisory in this archive includes exploitation details.

tags | exploit, arbitrary
systems | linux
MD5 | 71664b4aded114d1ca22b0fa618e8420
Final Draft 8 Stack Buffer Overflow
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

Final Draft version 8 suffers from a file format stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory, a proof of concept and a Metasploit module.

tags | exploit, overflow, proof of concept
systems | linux
MD5 | c0e59b67f15d5777bd6aa600c2deae50
Schok Creative SQL Injection
Posted Nov 30, 2011
Authored by nGa Sa Lu

Sites created by Schok Creative suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 690e2ce9b91685ffc6e9cb23b71039d6
3S CoDeSys 3.4 SP4 Patch 2 Overflows / NULL Pointers
Posted Nov 30, 2011
Authored by Luigi Auriemma | Site aluigi.org

3S CoDeSys versions 3.4 SP4 Patch 2 and below suffer from integer overflow, stack overflow, folder creation and multiple NULL pointer vulnerabilities.

tags | exploit, overflow, vulnerability
systems | linux
MD5 | 166f8e4b7c7919286d7b292b2dce61de
Video Girls BiZ Video Chat Script Cross Site Scripting / SQL Injection
Posted Nov 30, 2011
Authored by Eyup CELIK

Video Girls BiZ Video Chat script suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 3237f449ca3ae41d70b20903bc4c93f4
ExpressionEngine 2.2.2 / CodeIgniter 2.0.3 Cross Site Scripting
Posted Nov 30, 2011
Authored by Dr. Marian Ventuneac

ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2011-4025
MD5 | 9efc5b60e039e81fa3c75461993a0340
Ajax Script Cross Site Scripting / SQL Injection
Posted Nov 30, 2011
Authored by Eyup CELIK

Ajax Script suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 7f7972771c53fcccd73587d6b054d163
Toshiba.com / Compaq.com Cross Site Scripting
Posted Nov 30, 2011
Authored by Sony

Toshiba.com and Compaq.com suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 114248234009efc70014430e61a40942
ModenaCam SQL Injection / Cross Site Scripting
Posted Nov 30, 2011
Authored by Eyup CELIK

ModenaCam, the Adult Turnkey Flash Live Chat Software script, suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
systems | linux
MD5 | c76d63340077834e02f5cfb3622cd318
Page 1 of 9
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Hackers Who Sabotaged The Olympic Games Return For More Mischief
Posted Jun 19, 2018

tags | headline, hacker, cyberwar
Alleged Leaker Of Vault7 Cache Busted By Poor OpSec
Posted Jun 19, 2018

tags | headline, government, usa, data loss, cyberwar, password, fbi, cia
7 Time Jeopardy! Winner Pleads Guilty To Hacking
Posted Jun 19, 2018

tags | headline, hacker, privacy, email
FBI Recovers WhatsApp, Signal Data Stored On Michael Cohen's BlackBerry
Posted Jun 18, 2018

tags | headline, government, usa, phone, russia, fraud, fbi
US Exposes North Korea Government's Typeframe Malware
Posted Jun 18, 2018

tags | headline, government, malware, usa, cyberwar, korea
PageUp Confirms Some Data Compromised In Breach
Posted Jun 18, 2018

tags | headline, hacker, data loss
Huawei Rejects Australia Security Concerns
Posted Jun 18, 2018

tags | headline, government, australia, china, flaw, cyberwar, backdoor
Ex-Fitbit Employees Indicted For Allegedly Stealing Secrets
Posted Jun 15, 2018

tags | headline, data loss, fraud
This New Android Malware Delivers Banking Trojan, Keylogger And Ransomware
Posted Jun 15, 2018

tags | headline, malware, phone, google
Xen Project Patches Intel's Lazy FPU Flaw
Posted Jun 15, 2018

tags | headline, flaw, patch, intel
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close