what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2007-06-15

SQLMAP - Automatic SQL Injection Tool
Posted Jun 15, 2007
Authored by Bernardo Damele, Daniele Bellucci | Site sqlmap.org

sqlmap is an automatic blind SQL injection tool, developed in python, capable to perform an active database management system fingerprint, enumerate entire remote databases and much more. The aim of this project is to implement a fully functional database management system tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities.

tags | remote, web, vulnerability, sql injection, python
systems | unix
SHA-256 | 79a390525330bfc0ba75ff322b46363ad822b19c9fe144aaa840869108e5a04a
BTP00000P006KA.zip
Posted Jun 15, 2007
Site matousec.com

Demonstration code that shows how Kaspersky Internet Security 6 hooks many functions in SSDT and in at least nine cases it fails to validate arguments that come from the user mode.

tags | exploit
SHA-256 | 6d0d1ca3bc484c7a00854c53eec72c38dd889b5ea5dde97f8401308d0f41498b
kaspersky-is6.txt
Posted Jun 15, 2007
Site matousec.com

Kaspersky Internet Security 6 hooks many functions in SSDT and in at least nine cases it fails to validate arguments that come from the user mode.

tags | advisory
SHA-256 | 88baa51895098a119b253129abb370e0e3855658a1194e120b3e2226fededcb1
phphtml-rfi.txt
Posted Jun 15, 2007
Authored by o0xxdark0o

PHP::HTML version 0.6.4 suffers from a remote file inclusion vulnerability in phphtml.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | bc5775c33dc42ad7966b0eac2926ab62d2be3de0be562f4f6544aa6739c9fa62
sitellitecms-rfi.txt
Posted Jun 15, 2007
Authored by o0xxdark0o

Sitellite CMS versions 4.2.12 and below suffer from a remote file inclusion vulnerability in 559668.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 4ed906fecdcc37bc301b71c285a269be7270b242f3c771741ffd39d6a68690d9
win32-124.txt
Posted Jun 15, 2007
Authored by Kevin Devine

124 byte win32 download and execute shellcode.

tags | shellcode
systems | windows
SHA-256 | aab5d5a52b27af1060146907b74ed8f440ebb56779c5e3714747edb53d0f0c71
php-file-upload.pdf
Posted Jun 15, 2007
Authored by Alla Bezroutchko | Site scanit.be

Whitepaper discussing secure file upload in PHP web applications.

tags | paper, web, php, file upload
SHA-256 | c2f310516a6d4d5db4170ff162f315419894a825ccc044c82abbc2e20b2cdee4
popnupblog.txt
Posted Jun 15, 2007
Authored by FiSh

The XOOPS module PopnupBlog suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 0c8cf5e73633bb3313c3bda90a4aae5f5bbbf02bb6f2313543a48b54d8bd8712
cjay-rfi.txt
Posted Jun 15, 2007
Authored by FiSh

XOOPS module Cjay Content 3 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | be91a68f2bca327c5710bbb46b15837b44afbb7c2ae04b0cb24633e5edb1ab23
xtconteudo-rfi.txt
Posted Jun 15, 2007
Authored by FiSh

XOOPS module XT-Conteudo suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | ca3e69c1caa3fa4f7548c808fbc152507df4fc799a8c3016ad96878d5e8b276a
gis-mdb.txt
Posted Jun 15, 2007
Authored by Hasadya Raed

Guardian Information Systems suffer from a direct database download vulnerability.

tags | exploit
SHA-256 | 648ad3011ba8b8861ae69163a15b70ad4c3e6c4beb317a14816148af3d9d863f
shnew31-rfi.txt
Posted Jun 15, 2007
Authored by Hasadya Raed

SH-News version 3.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 18ce6bb58baff871d11864a166cea3612927a8431a3d8ce2f22a6986ce3b337f
Mandriva Linux Security Advisory 2007.125
Posted Jun 15, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2007-2873
SHA-256 | 51a5fdeaf6c02118794caa0acc1dd810f18dbb0fb0675dc53164d334f034c39a
elxis-sql.txt
Posted Jun 15, 2007
Authored by Nico Leidecker

Elxis CMS versions 2006.4 and below suffer from a SQL injection vulnerability.

tags | advisory, sql injection
SHA-256 | d53eb6928d0f75544d96921f1a3054e4b17885be06a5ee60f367852f79e0e232
TISA2007-01.txt
Posted Jun 15, 2007
Authored by Maldin d.o.o | Site teamintell.com

TeamIntell has reported a vulnerability in the Letterman Subscriber Module (mod_letterman) for Joomla! CMS which can be exploited by malicious people to conduct script insertion attacks. Version 1.2.4-RC1 is reported vulnerable. Other versions may be susceptible as well.

tags | exploit
SHA-256 | cafb25669a06fbe805a64225e3da0e3d5d5b123773f8fba826c5c04d5f674547
iDEFENSE Security Advisory 2007-06-14.1
Posted Jun 15, 2007
Authored by iDefense Labs, Rajat Swarup | Site idefense.com

iDefense Security Advisory 06.14.07 - Remote exploitation of an input validation vulnerability in Apache Software Foundation's MyFaces Tomahawk JSF framework could allow an attacker to perform a cross-site scripting (XSS) attack. The code responsible for parsing HTTP requests is vulnerable to an XSS vulnerability. When parsing the 'autoscroll' parameter from a POST or GET request, the value of this variable is directly inserted into JavaScript that is sent back to the client. This allows an attacker to run arbitrary JavaScript in the context of the affected domain of the MyFaces application being targeted. iDefense has confirmed the existence of this vulnerability in MyFaces Tomahawk version 1.1.5. Previous versions may also be affected.

tags | advisory, remote, web, arbitrary, javascript, xss
advisories | CVE-2007-3101
SHA-256 | 244283775e3ba1442966782ad515ee3b4e94173b27931fb11f8a1cb4f498d173
Debian Linux Security Advisory 1308-1
Posted Jun 15, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1308-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2007-1362, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871
SHA-256 | d0351618063473adc3c0fb3a3bec7f4695f33cf5c58e5d2ea61ac013924a3fee
CVE-2007-2450.txt
Posted Jun 15, 2007
Site tomcat.apache.org

Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in the Host Manager Application.

tags | advisory, xss
advisories | CVE-2007-2450
SHA-256 | 0cf8c43036f2c7837ce86bba5bc54b9dea03e8669966df6441046992fbb203b0
CVE-2007-2449.txt
Posted Jun 15, 2007
Site tomcat.apache.org

Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in their JSP examples.

tags | exploit, xss
advisories | CVE-2007-2449
SHA-256 | a6c3ae6ce4360fc4d056e2d6c0d8f910d71d7afb1587a7db9a0a2d4f30cc120a
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close