exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 26 - 40 of 40

Files from Echo Security

Echo Security Advisory 2005.24

Posted Dec 28, 2005

Authored by Echo Security, Dedi Dwianto | Site echo.or.id

WordPress versions less than 1.5.2 suffer from a full path disclosure vulnerability.

tags | advisory

SHA-256 | 626b96e62c1bbb752059b1d5b069a1c5b3997b53b9a508350b7f65ef793b6b62

Download | Favorite | View

Echo Security Advisory 2005.22

Posted Aug 31, 2005

Authored by y3dips, Echo Security | Site echo.or.id

PunBB 1.2.6 suffers from a script injection flaw in its use of IMG tags.

tags | exploit

SHA-256 | 76a92ae5e6fde10cb9ced424297930667ae0f73758379c6a6d9c3cb5473d861c

Download | Favorite | View

Echo Security Advisory 2005.13

Posted Jul 8, 2005

Authored by Echo Security, Dedi Dwianto | Site echo.or.id

MetaCart e-Shop is susceptible to SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 5b1752bdc31faa1879fd8ae6525e8e6cfcd592f1d37994bb7c3c22ced414591b

Download | Favorite | View

Echo Security Advisory 2005.21

Posted Jun 25, 2005

Authored by Echo Security, the_day | Site theday.echo.or.id

SQL injection and cross site scripting vulnerabilities exist in ActiveBuyAndSell version 6.2.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | c592a6b683d88e7fa532d3f0a9b9ee2e7214b8eb24a5a2409aa74d042cca2d84

Download | Favorite | View

Echo Security Advisory 2005.19

Posted Jun 23, 2005

Authored by Echo Security, the_day | Site theday.echo.or.id

A huge slew of SQL injection flaws exist in the DUWARE product inline, including but not limited to DUportal Pro, DUamazon Pro, and more.

tags | exploit, sql injection

SHA-256 | b9a175c9a04f64a3b6e047dd00a5d5013be3da2b677958ed5ae9348960834bb3

Download | Favorite | View

Echo Security Advisory 2005.18

Posted Jun 21, 2005

Authored by Echo Security, Dedi Dwianto | Site echo.or.id

Multiple SQL injection vulnerabilities exist in Ublog Reload version 1.0.5.

tags | exploit, vulnerability, sql injection

SHA-256 | 8b1fbfc37efa583b7a759ad77da415d492a4b2b221e716e0c1939c405fa6da1e

Download | Favorite | View

Echo Security Advisory 2005.14

Posted Jun 18, 2005

Authored by Echo Security, Dedi Dwianto | Site theday.echo.or.id

Liberum Help Desk versions greater than 0.97.3 suffer from various cross site scripting and SQL injection flaws.

tags | exploit, xss, sql injection

SHA-256 | ae3bd0ffd9766b0ca2785b8a44477de717a158204014b0c3bca4a54a2df68d73

Download | Favorite | View

Echo Security Advisory 2005.10

Posted Jan 26, 2005

Authored by y3dips, Echo Security | Site y3dips.echo.or.id

Exponent CMS version 0.95 is susceptible to full path disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | cba48bf52bb176ac8e8bda738703049a1c0e2915e1885ece04e0b5b76e7fb5a5

Download | Favorite | View

Echo Security Advisory 2004.9

Posted Dec 12, 2004

Authored by y3dips, Echo Security | Site y3dips.echo.or.id

paFileDB 3.1 has a couple vulnerabilities that allow for admin password hash retrieval and full path disclosure.

tags | exploit, vulnerability

SHA-256 | 7941c69e2c5585e3dd631051168d891a80082570eee9864842499d58fad048a2

Download | Favorite | View

Echo Security Advisory 2004.8

Posted Nov 10, 2004

Authored by y3dips, Echo Security | Site y3dips.echo.or.id

JAF CMS is susceptible to path disclosure and directory traversal attacks.

tags | exploit

SHA-256 | 7072af4eb62c08137389015e4f2b4cd7805e59cbb744ba7cd4239a01a4338488

Download | Favorite | View

Echo Security Advisory 2004.7

Posted Oct 7, 2004

Authored by y3dips, Echo Security | Site y3dips.echo.or.id

AJ-Fork version 1.67 is susceptible to path disclosure, directory listing, backup directory access, and other flaws that allow access to database files. Exploitation provided.

tags | exploit

SHA-256 | 8ec6b8d2a7db3b1b263f522b3d69c5e2539d1001dc807514dad9cd3127bed9d8

Download | Favorite | View

Echo Security Advisory 2004.6

Posted Sep 10, 2004

Authored by y3dips, Echo Security | Site y3dips.echo.or.id

1n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.

tags | exploit, remote, vulnerability, file inclusion

SHA-256 | 3d4f0cad3bf5909482a41b6cd90458a4c7d884937342ee058bb2ffbf732e9cd2

Download | Favorite | View

Echo Security Advisory 2004.5

Posted Sep 9, 2004

Authored by y3dips, Echo Security | Site echo.or.id

YABBSE 1.5.1 is susceptible to a full path disclosure flaw.

tags | advisory

SHA-256 | 808d9da033aa558f922dc12bcc718aa04988bf14d7ac1d1f17867f1243794e6d

Download | Favorite | View

Echo Security Advisory 2004.4

Posted Aug 19, 2004

Authored by y3dips, Echo Security | Site echo.or.id

PHP-Fusion version 4.00 has a full path disclosure vulnerability and a flaw that allows an attacker to download the database backup file that can be used to gain administrative access.

tags | advisory, php

SHA-256 | fd86bda119a57bd26be037bf969a91bac23833996dd042ce8a6c44eff41ef812

Download | Favorite | View

Echo Security Advisory 2004.3

Posted Aug 5, 2004

Authored by y3dips, Echo Security | Site y3dips.echo.or.id

JetboxOne CMS version 2.0.8 keeps system passwords in an unencrypted state and also has a remote code execution flaw.

tags | advisory, remote, code execution

SHA-256 | b1e5dc4defffff99c27ff9d8f7a58a28058aa20c7886e2691265f0547b90ded7

Download | Favorite | View