what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 350 RSS Feed

Files

Packet Storm New Exploits For January, 2012
Posted Feb 1, 2012
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 351 exploits added to Packet Storm in January, 2012.

tags | exploit
systems | linux
SHA-256 | fce0c96724a5282b8c925caac704e1249f388abd90e7a277f6a45fb52d5647f5
Mindjet MindManager 2012 10.0.493 Buffer Overflow / Denial Of Service
Posted Jan 31, 2012
Authored by LiquidWorm | Site zeroscience.mk

Mindjet MindManager 2012 version 10.0.493 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | b50eec5a80d46febd6c5ebb66680d9b098509d98e414986b60dc5cb207e949e1
Ez Album Blind SQL Injection
Posted Jan 31, 2012
Authored by Red Security TEAM

Ez Album suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 86ab2ada6506babeabdfbd62d8142f04453bcb2e820296718e246a63c0acd478
Adobe Flash Player Code Execution
Posted Jan 31, 2012
Authored by Abysssec | Site abysssec.com

Adobe Flash Player MP4 SequenceParameterSetNALUnit remote code execution exploit that works against versions 10.3.181.34 and below on XP SP3.

tags | exploit, remote, code execution
advisories | CVE-2011-2140
SHA-256 | 3acb530b7f85bf741ad44237de6b7293c688e170361a89a5dd01b37019556114
phpShowtime Directory Traversal
Posted Jan 31, 2012
Authored by Red Security TEAM

phpShowtime suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 8a4bbe25f1a3c1fed5ed15d358fd517c723c0ed83ebf79c6e3fd64e08de4109b
EdrawSoft Office Viewer Component ActiveX 5.6 Buffer Overflow
Posted Jan 31, 2012
Authored by LiquidWorm | Site zeroscience.mk

EdrawSoft Office Viewer Component ActiveX version 5.6.5781 suffers from a buffer overflow vulnerability when parsing large amount of bytes to the FtpUploadFile member in FtpUploadFile() function, resulting memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
SHA-256 | aa458d428c88b317e3d19885fabb2292797100d9c42881cb18343f476bfa04eb
Harvard SQL Injection
Posted Jan 31, 2012
Authored by CraCkEr

The gmwgroup.harvard.edu site suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9b31adfeeeb15dba05ccae05f70de51756aa20d4affa14b0fc159a4ef8c11f8d
Apache protocol.c Cookie Disclosure
Posted Jan 31, 2012
Authored by pilate

Proof of concept code for a vulnerability in protocol.c from Apache versions 2.2.x through 2.2.21. The issue is that it does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies.

tags | exploit, remote, protocol, proof of concept, info disclosure
advisories | CVE-2012-0053
SHA-256 | 8ed00b4f23edfe2b2af525954e40495839b29d37c0b5551d4d504b39aa8089c0
Agent Zone Vastal I-Tech Real Estate SQL Injection
Posted Jan 31, 2012
Authored by Muhammet Cagri Tepebasili

Agent Zone Vastal I-Tech Real Estate script suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 235eec2c8bd36e3b74c1f77020a028975f67e752a66e4c42f5bcb0b0e674663f
Forbes Cross Site Scripting
Posted Jan 31, 2012
Authored by r007k17-w

The blogs.forbes.com site suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1651bd395a33d5176737bdd69d4bd00057454affe4a2af9862c10eb5be628cf4
4Images 1.7.10 Cross Site Scripting
Posted Jan 31, 2012
Authored by d3v1l, RandomStorm

4Images version 1.7.10 suffers from a cross site scripting vulnerability in the administrative panel.

tags | exploit, xss
SHA-256 | 7dd9e0133074644527dd2a56ecee765075f79c519bfc221648d9e2b3e5b1b2f4
Campaign Enterprise 11.0.421 SQL Injection
Posted Jan 31, 2012
Authored by Craig Freyman

Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a6e7c8d4760e5b9abb987effc8b747e80986605d0bf70dbc3709453031e5931f
vBSEO 3.6.0 PHP Code Injection
Posted Jan 31, 2012
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a vulnerability in the 'proc_deutf()' function defined in /includes/functions_vbseocp_abstract.php in vBSEO versions 3.6.0 and below. User input passed through 'char_repl' POST parameter is not properly sanitized before being used in a call to preg_replace() function which uses the 'e' modifier. This can be exploited to inject and execute arbitrary code leveraging the PHP's complex curly syntax.

tags | exploit, arbitrary, php
SHA-256 | b234422868d75376b871ce3713cf474fa00f5083853c55303eeb65ebd679721a
Joomla CRHotels SQL Injection
Posted Jan 31, 2012
Authored by the_cyber_nuxbie

The Joomla CRHotels component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a5210a9d170a3d58dedb14ef2753a0bd0a19beb2c575d1b8fbee04bc2d2dde88
TWiki Cross Site Scripting
Posted Jan 31, 2012
Authored by Sony

TWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 20fa13f95c0cbab3ce12b40327deb0594b221c8360e43b8dd5b2b43d7b2db51d
sudo 1.8.3p1 Format String
Posted Jan 30, 2012
Authored by joernchen | Site phenoelit.de

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.

tags | exploit
SHA-256 | 81fb04538af951a21c660e19f143b2d360f83aa70ff21c86befc1fc8af952094
OSClass 2.3.4 XSS / RFI / SQL Injection
Posted Jan 30, 2012
Authored by Filippo Cavallarin

OSClass version 2.3.4 suffers from cross site scripting, remote file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
SHA-256 | 6961ecec1291ed82c08ed138f70b351bb7b06cabde1aec1d2b62eb96c14593fb
Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Postfixadmin version 2.3. 4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 792946daa68d21da19823d935d226aff83199c4a69cc33fe6dfa3dcbd4a11618
Snort Report 1.3.2 SQL Injection
Posted Jan 30, 2012
Authored by a.kadir altan

Snort Report versions 1.3.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7ac11a9eb9c4af7ae958f9e6572c3363d054e93d2c7c025644e592843827575f
Joomla Propertylab SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Propertylab component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a3daef246c503bc8547f849b2aed3b44984344f9ecdc3e77c4c0bb237510ca66
DPI 1.0 Cross Site Scripting
Posted Jan 30, 2012
Authored by Red Security TEAM

DPI version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d8cd5e55214550fc0a341eefb3545a7f8deabb3b7d422347a02fbf65f060e75d
Mibew Messenger 1.6.4 Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Mibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 70ca4b16e1bd521b1858f4631f536db54e0cb770544aff6b395c926a0f05eef9
Joomla BBS SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla BBS component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6f0b8c419e5e825a1c8825cf7a430c175e04de600ae4369c1e50886fbe48d296
Phux Download Manager SQL Injection
Posted Jan 30, 2012
Authored by Red Security TEAM

Phux Download Manager suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 04856c2e105c35adc10d68427ec4e8e9a4262fc82b5e01eee835f8a9d50f9cad
Joomla Firmy SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Firmy component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2c0f2c4d9d41df496067e05cfd85ac66ab857fdc7140e5684666b37bd49c645b
Page 1 of 14
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close