exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 251 RSS Feed

Files

Tftpd32 DNS 4.00 Denial Of Service
Posted May 28, 2012
Authored by demonalex

Tftpd32 DNS server version 4.00 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | ae64a094bcfcc8018eb6bfa205de45c996bbf7910049e67596d1e1c0a5e3c12c
WHMCS Blind SQL Injection
Posted May 28, 2012
Authored by dx7r

WHMCS appears to suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
systems | linux
SHA-256 | ffc1a03fc3a0f290ac1373d8d574a5ef3822f230c1fccb7c08eebe2405c0db9f
QuickShare File Share 1.2.1 Directory Traversal
Posted May 27, 2012
Authored by sinn3r, modpr0be | Site metasploit.com

This Metasploit module exploits a vulnerability found in QuickShare File Share's FTP service. By supplying "../" in the file path, it is possible to trigger a directory traversal flaw, allowing the attacker to read a file outside the virtual directory. By default, the "Writable" option is enabled during account creation, therefore this makes it possible to create a file at an arbitrary location, which leads to remote code execution.

tags | exploit, remote, arbitrary, code execution
advisories | OSVDB-70776
SHA-256 | 6ec3545a1080c917dedf3c676152c00eb53f82eef025b7df8d5bd1ad6fb56805
b2ePMS 1.0 SQL Injection
Posted May 27, 2012
Authored by loneferret

b2ePMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | d4194d4158912ad5ab4eb71a05c9628be3881c3e06fca865002845aa04f9cbf5
WhyWeb SQL Injection
Posted May 27, 2012
Authored by the_cyber_nuxbie

WhyWeb suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2a6a2d596da441301dfeece9bc161fa6ce705ade07ab868a2e76a2973ebca61b
Santilga CMS 1.2.6.3 Cross Site Request Forgery / SQL Injection
Posted May 27, 2012
Authored by Akastep

Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 8a0563560c5278232bee426b67531c717a2f791ad068e36e4a01e78a1f3d99fa
AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
Posted May 27, 2012
Authored by Akastep

AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, xss, sql injection, csrf
SHA-256 | fca95caa0dc8e622b5578c80db1cc25787bae0c338499f4de51aa6149b181c7b
iOS 5.1.1 Safari Browser Denial Of Service
Posted May 26, 2012
Authored by Alberto Ortega

iOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.

tags | exploit, proof of concept
systems | cisco
SHA-256 | 88bf13ee6936fd4a41664c0ccb5fe91fdf90eb621dae78246483afea0a274ca3
PHP List 2.10.9 PHP Code Injection
Posted May 26, 2012
Authored by L3b-r1'z

PHP List version 2.10.9 suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
SHA-256 | c0cd3d38f573e33e53f01d69feeb8194bc1884cbe78a7bafd51ad3ccfed51be8
Small CMS PHP Code Injection
Posted May 26, 2012
Authored by L3b-r1'z

Small CMS suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
SHA-256 | 0e3a9859ea3125d9c006d7cd5165bb3dd6f354ff5d19ecf1a7e15e8aadc18427
Symantec Web Gateway 5.0.2 Local File Inclusion
Posted May 26, 2012
Authored by muts

Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.

tags | exploit, remote, web, local, root, file inclusion
advisories | CVE-2012-0297
SHA-256 | 1f988ae10011c9e9527aa54aee6542a4e4f221f26948b02c388b89c3b9e6db66
WeBid converter.php Remote PHP Code Injection
Posted May 25, 2012
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | OSVDB-73609
SHA-256 | 80a84c00e66900b12e9cef081970706d89671fdd6de08048a29a545f296cfe05
RabidHamster R4 Log Entry sprintf() Buffer Overflow
Posted May 25, 2012
Authored by Luigi Auriemma, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.

tags | exploit, web, overflow, arbitrary, code execution
advisories | OSVDB-79007
SHA-256 | 9bd2fe133907afe8dae3b0872be07135e15c6152fbb081eaf7b8fefe328ad0a3
ResEdit 1.5.11-win32 Buffer Overflow
Posted May 25, 2012
Authored by Walied Assar

ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.

tags | exploit, denial of service, overflow, proof of concept
systems | linux, windows
SHA-256 | b262a9976e97dcbc6e64df36a7f4ee9302668979e3d09d6cc91825b139dcfede
DornCMS 1.4 (add_page.php) Arbitrary File Upload
Posted May 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
SHA-256 | d9e8467b701cbfb9bbe903c58d26bef4b2a9541424f51ceb8b51542282f6f250
LogAnalyzer 3.4.2 Cross Site Scripting / SQL Injection / File Read
Posted May 25, 2012
Authored by Filippo Cavallarin

LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, xss, sql injection
SHA-256 | 20e0cd6da8ae12e950d981ee3947ff25853bdc8fedef7053293f570dfee099d1
Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
advisories | CVE-2012-2435, CVE-2012-2436
SHA-256 | a7d8c229d604afce14ad7a8fb8d44e7b7cc72c937a69259550169bc098531f63
pragmaMx 1.12.1 Cross Site Scripting
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2452
SHA-256 | cff5f8ae37aa417115fc3dcd726341dfa6ed0e74700583b162c5da31739d0fdb
DynPage 1.0 Cross Site Request Forgery / Shell Upload
Posted May 25, 2012
Authored by KedAns-Dz

DynPage version 1.0 suffers from cross site request forgery and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, csrf
SHA-256 | 37621a0070cbaef6aa5d4f64bb886aef4c1af19162680673b6c79897100c5b03
Social Engine 4.2.2 Cross Site Request Forgery / Cross Site Scripting
Posted May 24, 2012
Authored by Tiago Natel de Moura

Social Engine version 4.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2012-2216
SHA-256 | 0fa6f5de7bdbe3290ed0ede01f2bace1adff3a4674976586858e62e0e8ba2d18
Wireshark DIAMETER Denial Of Service
Posted May 24, 2012
Authored by Wireshark

Wireshark versions 1.4.0 through 1.4.12 and 1.6.0 through 1.6.7 suffer from a DIAMETER dissector denial of service vulnerability.

tags | exploit, denial of service
systems | linux
SHA-256 | e6f77a65be835da3e603a103f2c0bcabc8223ab38cfca9aa785e589fc21ac947
Wireshark Dissector Denial Of Service
Posted May 24, 2012
Authored by Laurent Butti

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from multiple dissector related denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | linux
SHA-256 | e3de518339a43d0a5f512990af923fedfb53c8e45b810e538dc48e45374c8f12
Wireshark Misaligned Memory Denial Of Service
Posted May 24, 2012
Authored by Klaus Heckelmann

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from a misaligned memory denial of service vulnerability.

tags | exploit, denial of service
systems | linux
advisories | CVE-2012-2394
SHA-256 | 6f40723d1c25a14ace173c31accd9416895fc2c1be2de9994389ad008ea69ad4
Jaow 2.4.5 Blind SQL Injection
Posted May 24, 2012
Authored by kallimero

Jaow versions 2.4.5 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 17bcc9a70dabb36b21745a5acce3fd83ccd2bda58d99ebddf8329eeee0b55a99
bsnes 0.87 Denial Of Service
Posted May 24, 2012
Authored by Pr0T3cT10n

bsnes version 0.87 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 27d8383734f9c7ed9fc5d3b879938acc56c7b08d1cdc6b9cc4f08bae17606375
Page 2 of 10
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close