ignore security and it'll go away
Showing 1 - 25 of 350 RSS Feed

Files

Packet Storm New Exploits For January, 2012
Posted Feb 1, 2012
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 351 exploits added to Packet Storm in January, 2012.

tags | exploit
systems | linux
MD5 | 8b836da23c3e4ed57b80a9dc6b85088c
Mindjet MindManager 2012 10.0.493 Buffer Overflow / Denial Of Service
Posted Jan 31, 2012
Authored by LiquidWorm | Site zeroscience.mk

Mindjet MindManager 2012 version 10.0.493 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | c55d3d4ffe78bd34dbd71d5e2960c04e
Ez Album Blind SQL Injection
Posted Jan 31, 2012
Authored by Red Security TEAM

Ez Album suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c5f91018271fd7ea8786f96c79101164
Adobe Flash Player Code Execution
Posted Jan 31, 2012
Authored by Abysssec | Site abysssec.com

Adobe Flash Player MP4 SequenceParameterSetNALUnit remote code execution exploit that works against versions 10.3.181.34 and below on XP SP3.

tags | exploit, remote, code execution
advisories | CVE-2011-2140
MD5 | cf02af1c3dc09483a9ca31549d45ec0b
phpShowtime Directory Traversal
Posted Jan 31, 2012
Authored by Red Security TEAM

phpShowtime suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 72934e978896d896091d871909ee8958
EdrawSoft Office Viewer Component ActiveX 5.6 Buffer Overflow
Posted Jan 31, 2012
Authored by LiquidWorm | Site zeroscience.mk

EdrawSoft Office Viewer Component ActiveX version 5.6.5781 suffers from a buffer overflow vulnerability when parsing large amount of bytes to the FtpUploadFile member in FtpUploadFile() function, resulting memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
MD5 | e540c339e50eef4b81df0e87bc189135
Harvard SQL Injection
Posted Jan 31, 2012
Authored by CraCkEr

The gmwgroup.harvard.edu site suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | feb69116a6183c69c6c1500fdabe05aa
Apache protocol.c Cookie Disclosure
Posted Jan 31, 2012
Authored by pilate

Proof of concept code for a vulnerability in protocol.c from Apache versions 2.2.x through 2.2.21. The issue is that it does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies.

tags | exploit, remote, protocol, proof of concept, info disclosure
advisories | CVE-2012-0053
MD5 | 657f1bf4056ef716235936fdcd302d24
Agent Zone Vastal I-Tech Real Estate SQL Injection
Posted Jan 31, 2012
Authored by Muhammet Cagri Tepebasili

Agent Zone Vastal I-Tech Real Estate script suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | de7ecf5e1bfc46f8cf8f488f5b7ea9de
Forbes Cross Site Scripting
Posted Jan 31, 2012
Authored by r007k17-w

The blogs.forbes.com site suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d4c3d04320610f0d9e9f851658a09244
4Images 1.7.10 Cross Site Scripting
Posted Jan 31, 2012
Authored by d3v1l, RandomStorm

4Images version 1.7.10 suffers from a cross site scripting vulnerability in the administrative panel.

tags | exploit, xss
MD5 | e550253f92cd260f211e8370a98631cf
Campaign Enterprise 11.0.421 SQL Injection
Posted Jan 31, 2012
Authored by Craig Freyman

Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ec20548ba9402a347c1329c29fcf022c
vBSEO 3.6.0 PHP Code Injection
Posted Jan 31, 2012
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a vulnerability in the 'proc_deutf()' function defined in /includes/functions_vbseocp_abstract.php in vBSEO versions 3.6.0 and below. User input passed through 'char_repl' POST parameter is not properly sanitized before being used in a call to preg_replace() function which uses the 'e' modifier. This can be exploited to inject and execute arbitrary code leveraging the PHP's complex curly syntax.

tags | exploit, arbitrary, php
MD5 | 43db8b7017e615d69d61ee087f3fd0fb
Joomla CRHotels SQL Injection
Posted Jan 31, 2012
Authored by the_cyber_nuxbie

The Joomla CRHotels component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fd9e0442e767095f06dc53556757bdec
TWiki Cross Site Scripting
Posted Jan 31, 2012
Authored by Sony

TWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | dd5aa8c179b2eab2758930be2767f7e8
sudo 1.8.3p1 Format String
Posted Jan 30, 2012
Authored by joernchen | Site phenoelit.de

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.

tags | exploit
MD5 | b2036d45402949553965c07da5b6d34c
OSClass 2.3.4 XSS / RFI / SQL Injection
Posted Jan 30, 2012
Authored by Filippo Cavallarin

OSClass version 2.3.4 suffers from cross site scripting, remote file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
MD5 | a12abb24c0bcbb63744f41b14614b5bb
Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Postfixadmin version 2.3. 4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | dd4d0622a04f9e835b76a657cce1e426
Snort Report 1.3.2 SQL Injection
Posted Jan 30, 2012
Authored by a.kadir altan

Snort Report versions 1.3.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4c3f584caafc12dbf6d71610a1d2c410
Joomla Propertylab SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Propertylab component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 234cfbaa2fa7139f42f69411ea24bd80
DPI 1.0 Cross Site Scripting
Posted Jan 30, 2012
Authored by Red Security TEAM

DPI version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e92965d578bb18262516d6781d4073e0
Mibew Messenger 1.6.4 Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Mibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | f32c2798bd75a6a10e425d0591bc87c3
Joomla BBS SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla BBS component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a3be06ef419abf86154d0accfdf0e70e
Phux Download Manager SQL Injection
Posted Jan 30, 2012
Authored by Red Security TEAM

Phux Download Manager suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6d22563ebdaaf2cecc143d641f7f7e8e
Joomla Firmy SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Firmy component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 279fb685b3bac33f19ce66a579700475
Page 1 of 14
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
US Voices Frustration With Warrant-Proof Encryption
Posted Oct 13, 2017

tags | headline, government, privacy, usa, cryptography
An Unknown Hacker Stole Sensitive Data On Australia's War Planes
Posted Oct 13, 2017

tags | headline, hacker, government, australia, data loss, cyberwar
Legacy Office Feature Used In Novel Document Attacks
Posted Oct 13, 2017

tags | headline, hacker, malware, microsoft, flaw
Equifax Rival TransUnion Also Sends Site Visitors To Malicious Pages
Posted Oct 12, 2017

tags | headline, malware
The Myth Of Responsible Encryption: Experts Say It Can't Work
Posted Oct 12, 2017

tags | headline, government, backdoor, cryptography
Equifax Removes Webpage After Malware Issue
Posted Oct 12, 2017

tags | headline, malware, fraud, flaw, adobe
Malware Checks Into Hyatt Hotels Again
Posted Oct 12, 2017

tags | headline, privacy, malware, bank, cybercrime, data loss, fraud
Rick And Morty Episode? Nope, Another CoinMiner
Posted Oct 12, 2017

tags | headline, fraud, cryptography
Judge Says US Government Has No Right To Rummage Through Anti-Trump Protest Website Logs
Posted Oct 12, 2017

tags | headline, government, privacy, usa, fraud
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close