
Files Date: 2007-06-15

SQLMAP - Automatic SQL Injection Tool
Posted Jun 15, 2007
Authored by Bernardo Damele, Daniele Bellucci | Site sqlmap.org

sqlmap is an automatic blind SQL injection tool, developed in Python, capable of performing active database management system fingerprinting, enumerating entire remote databases, and much more. The aim of this project is to implement a fully functional database management system tool which takes advantage of web application programming security flaws that lead to SQL injection vulnerabilities.

tags | remote, web, vulnerability, sql injection, python
systems | unix
SHA-256 | 79a390525330bfc0ba75ff322b46363ad822b19c9fe144aaa840869108e5a04a

BTP00000P006KA.zip
Posted Jun 15, 2007
Site matousec.com

Demonstration code showing that Kaspersky Internet Security 6 hooks many functions in the SSDT and, in at least nine cases, fails to validate arguments that come from user mode.

tags | exploit
SHA-256 | 6d0d1ca3bc484c7a00854c53eec72c38dd889b5ea5dde97f8401308d0f41498b

kaspersky-is6.txt
Posted Jun 15, 2007
Site matousec.com

Kaspersky Internet Security 6 hooks many functions in the SSDT and, in at least nine cases, fails to validate arguments that come from user mode.

tags | advisory
SHA-256 | 88baa51895098a119b253129abb370e0e3855658a1194e120b3e2226fededcb1

phphtml-rfi.txt
Posted Jun 15, 2007
Authored by o0xxdark0o

PHP::HTML version 0.6.4 suffers from a remote file inclusion vulnerability in phphtml.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | bc5775c33dc42ad7966b0eac2926ab62d2be3de0be562f4f6544aa6739c9fa62

sitellitecms-rfi.txt
Posted Jun 15, 2007
Authored by o0xxdark0o

Sitellite CMS versions 4.2.12 and below suffer from a remote file inclusion vulnerability in 559668.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 4ed906fecdcc37bc301b71c285a269be7270b242f3c771741ffd39d6a68690d9

win32-124.txt
Posted Jun 15, 2007
Authored by Kevin Devine

124 byte win32 download and execute shellcode.

tags | shellcode
systems | windows
SHA-256 | aab5d5a52b27af1060146907b74ed8f440ebb56779c5e3714747edb53d0f0c71

php-file-upload.pdf
Posted Jun 15, 2007
Authored by Alla Bezroutchko | Site scanit.be

Whitepaper discussing secure file upload in PHP web applications.

tags | paper, web, php, file upload
SHA-256 | c2f310516a6d4d5db4170ff162f315419894a825ccc044c82abbc2e20b2cdee4

popnupblog.txt
Posted Jun 15, 2007
Authored by FiSh

The XOOPS module PopnupBlog suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 0c8cf5e73633bb3313c3bda90a4aae5f5bbbf02bb6f2313543a48b54d8bd8712

cjay-rfi.txt
Posted Jun 15, 2007
Authored by FiSh

XOOPS module Cjay Content 3 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | be91a68f2bca327c5710bbb46b15837b44afbb7c2ae04b0cb24633e5edb1ab23

xtconteudo-rfi.txt
Posted Jun 15, 2007
Authored by FiSh

XOOPS module XT-Conteudo suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | ca3e69c1caa3fa4f7548c808fbc152507df4fc799a8c3016ad96878d5e8b276a

gis-mdb.txt
Posted Jun 15, 2007
Authored by Hasadya Raed

Guardian Information Systems suffers from a direct database download vulnerability.

tags | exploit
SHA-256 | 648ad3011ba8b8861ae69163a15b70ad4c3e6c4beb317a14816148af3d9d863f

shnew31-rfi.txt
Posted Jun 15, 2007
Authored by Hasadya Raed

SH-News version 3.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 18ce6bb58baff871d11864a166cea3612927a8431a3d8ce2f22a6986ce3b337f

Mandriva Linux Security Advisory 2007.125
Posted Jun 15, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2007-2873
SHA-256 | 51a5fdeaf6c02118794caa0acc1dd810f18dbb0fb0675dc53164d334f034c39a

elxis-sql.txt
Posted Jun 15, 2007
Authored by Nico Leidecker

Elxis CMS versions 2006.4 and below suffer from a SQL injection vulnerability.

tags | advisory, sql injection
SHA-256 | d53eb6928d0f75544d96921f1a3054e4b17885be06a5ee60f367852f79e0e232

TISA2007-01.txt
Posted Jun 15, 2007
Authored by Maldin d.o.o | Site teamintell.com

TeamIntell has reported a vulnerability in the Letterman Subscriber Module (mod_letterman) for Joomla! CMS which can be exploited by malicious people to conduct script insertion attacks. Version 1.2.4-RC1 is reported vulnerable. Other versions may be susceptible as well.

tags | exploit
SHA-256 | cafb25669a06fbe805a64225e3da0e3d5d5b123773f8fba826c5c04d5f674547

iDEFENSE Security Advisory 2007-06-14.1
Posted Jun 15, 2007
Authored by iDefense Labs, Rajat Swarup | Site idefense.com

iDefense Security Advisory 06.14.07 - Remote exploitation of an input validation vulnerability in Apache Software Foundation's MyFaces Tomahawk JSF framework could allow an attacker to perform a cross-site scripting (XSS) attack. The code responsible for parsing HTTP requests is vulnerable to an XSS vulnerability. When parsing the 'autoscroll' parameter from a POST or GET request, the value of this variable is directly inserted into JavaScript that is sent back to the client. This allows an attacker to run arbitrary JavaScript in the context of the affected domain of the MyFaces application being targeted. iDefense has confirmed the existence of this vulnerability in MyFaces Tomahawk version 1.1.5. Previous versions may also be affected.

tags | advisory, remote, web, arbitrary, javascript, xss
advisories | CVE-2007-3101
SHA-256 | 244283775e3ba1442966782ad515ee3b4e94173b27931fb11f8a1cb4f498d173

Debian Linux Security Advisory 1308-1
Posted Jun 15, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1308-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2007-1362, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871
SHA-256 | d0351618063473adc3c0fb3a3bec7f4695f33cf5c58e5d2ea61ac013924a3fee

CVE-2007-2450.txt
Posted Jun 15, 2007
Site tomcat.apache.org

Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross-site scripting flaw in the Host Manager Application.

tags | advisory, xss
advisories | CVE-2007-2450
SHA-256 | 0cf8c43036f2c7837ce86bba5bc54b9dea03e8669966df6441046992fbb203b0

CVE-2007-2449.txt
Posted Jun 15, 2007
Site tomcat.apache.org

Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross-site scripting flaw in their JSP examples.

tags | exploit, xss
advisories | CVE-2007-2449
SHA-256 | a6c3ae6ce4360fc4d056e2d6c0d8f910d71d7afb1587a7db9a0a2d4f30cc120a