Twenty Year Anniversary
Showing 1 - 25 of 350 RSS Feed

Files

Packet Storm New Exploits For January, 2012
Posted Feb 1, 2012
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 351 exploits added to Packet Storm in January, 2012.

tags | exploit
systems | linux
MD5 | 8b836da23c3e4ed57b80a9dc6b85088c
Mindjet MindManager 2012 10.0.493 Buffer Overflow / Denial Of Service
Posted Jan 31, 2012
Authored by LiquidWorm | Site zeroscience.mk

Mindjet MindManager 2012 version 10.0.493 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | c55d3d4ffe78bd34dbd71d5e2960c04e
Ez Album Blind SQL Injection
Posted Jan 31, 2012
Authored by Red Security TEAM

Ez Album suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c5f91018271fd7ea8786f96c79101164
Adobe Flash Player Code Execution
Posted Jan 31, 2012
Authored by Abysssec | Site abysssec.com

Adobe Flash Player MP4 SequenceParameterSetNALUnit remote code execution exploit that works against versions 10.3.181.34 and below on XP SP3.

tags | exploit, remote, code execution
advisories | CVE-2011-2140
MD5 | cf02af1c3dc09483a9ca31549d45ec0b
phpShowtime Directory Traversal
Posted Jan 31, 2012
Authored by Red Security TEAM

phpShowtime suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 72934e978896d896091d871909ee8958
EdrawSoft Office Viewer Component ActiveX 5.6 Buffer Overflow
Posted Jan 31, 2012
Authored by LiquidWorm | Site zeroscience.mk

EdrawSoft Office Viewer Component ActiveX version 5.6.5781 suffers from a buffer overflow vulnerability when parsing large amount of bytes to the FtpUploadFile member in FtpUploadFile() function, resulting memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
MD5 | e540c339e50eef4b81df0e87bc189135
Harvard SQL Injection
Posted Jan 31, 2012
Authored by CraCkEr

The gmwgroup.harvard.edu site suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | feb69116a6183c69c6c1500fdabe05aa
Apache protocol.c Cookie Disclosure
Posted Jan 31, 2012
Authored by pilate

Proof of concept code for a vulnerability in protocol.c from Apache versions 2.2.x through 2.2.21. The issue is that it does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies.

tags | exploit, remote, protocol, proof of concept, info disclosure
advisories | CVE-2012-0053
MD5 | 657f1bf4056ef716235936fdcd302d24
Agent Zone Vastal I-Tech Real Estate SQL Injection
Posted Jan 31, 2012
Authored by Muhammet Cagri Tepebasili

Agent Zone Vastal I-Tech Real Estate script suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | de7ecf5e1bfc46f8cf8f488f5b7ea9de
Forbes Cross Site Scripting
Posted Jan 31, 2012
Authored by r007k17-w

The blogs.forbes.com site suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d4c3d04320610f0d9e9f851658a09244
4Images 1.7.10 Cross Site Scripting
Posted Jan 31, 2012
Authored by d3v1l, RandomStorm

4Images version 1.7.10 suffers from a cross site scripting vulnerability in the administrative panel.

tags | exploit, xss
MD5 | e550253f92cd260f211e8370a98631cf
Campaign Enterprise 11.0.421 SQL Injection
Posted Jan 31, 2012
Authored by Craig Freyman

Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ec20548ba9402a347c1329c29fcf022c
vBSEO 3.6.0 PHP Code Injection
Posted Jan 31, 2012
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a vulnerability in the 'proc_deutf()' function defined in /includes/functions_vbseocp_abstract.php in vBSEO versions 3.6.0 and below. User input passed through 'char_repl' POST parameter is not properly sanitized before being used in a call to preg_replace() function which uses the 'e' modifier. This can be exploited to inject and execute arbitrary code leveraging the PHP's complex curly syntax.

tags | exploit, arbitrary, php
MD5 | 43db8b7017e615d69d61ee087f3fd0fb
Joomla CRHotels SQL Injection
Posted Jan 31, 2012
Authored by the_cyber_nuxbie

The Joomla CRHotels component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fd9e0442e767095f06dc53556757bdec
TWiki Cross Site Scripting
Posted Jan 31, 2012
Authored by Sony

TWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | dd5aa8c179b2eab2758930be2767f7e8
sudo 1.8.3p1 Format String
Posted Jan 30, 2012
Authored by joernchen | Site phenoelit.de

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.

tags | exploit
MD5 | b2036d45402949553965c07da5b6d34c
OSClass 2.3.4 XSS / RFI / SQL Injection
Posted Jan 30, 2012
Authored by Filippo Cavallarin

OSClass version 2.3.4 suffers from cross site scripting, remote file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
MD5 | a12abb24c0bcbb63744f41b14614b5bb
Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Postfixadmin version 2.3. 4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | dd4d0622a04f9e835b76a657cce1e426
Snort Report 1.3.2 SQL Injection
Posted Jan 30, 2012
Authored by a.kadir altan

Snort Report versions 1.3.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4c3f584caafc12dbf6d71610a1d2c410
Joomla Propertylab SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Propertylab component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 234cfbaa2fa7139f42f69411ea24bd80
DPI 1.0 Cross Site Scripting
Posted Jan 30, 2012
Authored by Red Security TEAM

DPI version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e92965d578bb18262516d6781d4073e0
Mibew Messenger 1.6.4 Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Mibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | f32c2798bd75a6a10e425d0591bc87c3
Joomla BBS SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla BBS component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a3be06ef419abf86154d0accfdf0e70e
Phux Download Manager SQL Injection
Posted Jan 30, 2012
Authored by Red Security TEAM

Phux Download Manager suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6d22563ebdaaf2cecc143d641f7f7e8e
Joomla Firmy SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Firmy component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 279fb685b3bac33f19ce66a579700475
Page 1 of 14
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Google's Project Zero Exposes Unpatched Windows 10 Lockdown Bypass
Posted Apr 20, 2018

tags | headline, microsoft, flaw, google
LinkedIn Bug Allowed Data To Be Stolen From User Profiles
Posted Apr 20, 2018

tags | headline, privacy, data loss, flaw, social
Oracle Releases 254 Security Fixes
Posted Apr 20, 2018

tags | headline, flaw, patch, oracle, java
Yahoo! Webmail Hackers Faces 8 Years Inside
Posted Apr 20, 2018

tags | headline, hacker, email, yahoo
JP Morgan Ousted Security Chief Backed By Palantir After Executives Found Out He Was Spying On Them
Posted Apr 20, 2018

tags | headline, privacy, bank, fraud, spyware
PCI Council Releases Vastly Expanded Cards In Clouds Guidance
Posted Apr 19, 2018

tags | headline, bank, cybercrime, fraud
Gold Galleon Hackers Target Maritime Shipping Industry
Posted Apr 19, 2018

tags | headline, hacker, pirate
IKEA's TaskRabbit Back Online After Data Breach
Posted Apr 19, 2018

tags | headline, privacy, data loss
Facebook To Exclude Billions From European Privacy Laws
Posted Apr 19, 2018

tags | headline, government, privacy, facebook
Bitcoin Heist Suspect Reportly Walked Out Of Low-Security Prison, Onto Flight
Posted Apr 19, 2018

tags | headline, cybercrime, fraud
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close