what you don't know can hurt you
Showing 1 - 25 of 39 RSS Feed

Files Date: 2008-12-22

I-Rater Basic SQL Injection
Posted Dec 22, 2008
Authored by boom3rang | Site khq-crew.ws

I-Rater Basic suffers from a remote SQL injection vulnerability in messages.php.

tags | exploit, remote, php, sql injection
MD5 | 2127c9a3f72ee3358378cbe6236eae0f
Injader CMS SQL Injection
Posted Dec 22, 2008
Authored by fuzion

Injader CMS versions 2.1.1 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d0d198c4b31d2b0a789f6a2d7d97c547
Calendar Script 1.1 Insecure Cookie Handling
Posted Dec 22, 2008
Authored by Osirys | Site y-osirys.com

Calendar Script version 1.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | fb8c3abf15a2e5dccb1a9a9bc8245bd0
Apache Tomcat Information Disclosure
Posted Dec 22, 2008
Authored by Mark Thomas | Site tomcat.apache.org

This vulnerability was originally reported to the Apache Software Foundation as a Tomcat vulnerability. Investigations quickly identified that the root cause was an issue with the UTF-8 charset implementation within the JVM. The issue existed in multiple JVMs including current versions from Sun, HP, IBM, Apple and Apache. It was decided to continue to report this as a Tomcat vulnerability until such time as the JVM vendors had released fixed versions.

tags | advisory, root
systems | apple
advisories | CVE-2008-2938
MD5 | aac09978d0e33c9dcb8891b44f5a8f8b
2532|Gigs 1.2.2 Stable Command Execution Exploit
Posted Dec 22, 2008
Authored by StAkeR

2532|Gigs version 1.2.2 Stable remote command execution exploit.

tags | exploit, remote
MD5 | 705528fc7bd50444fdf1a00821d27821
2532|Gigs 1.2.2 Stable Login Bypass
Posted Dec 22, 2008
Authored by StAkeR

2532|Gigs version 1.2.2 Stable suffers from a remote login bypass vulnerability.

tags | exploit, remote, bypass
MD5 | eeb02e0bc20c18969dc8fbdca3a758f9
2532|Gigs 1.2 Stable LFI / File Upload Vulnerabilities
Posted Dec 22, 2008
Authored by Osirys | Site y-osirys.com

2532|Gigs version 1.2 Stable suffers from file upload and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, file upload
MD5 | e6f250da5f3e9b77074f6a07baf0c303
Wordpress 2.7 Password Hash Cracker
Posted Dec 22, 2008
Authored by julioisaias

Wordpress version 2.7 password hash attack tool.

tags | cracker
MD5 | e5b287c272a8e92b08637045ebfe7cba
E-Smart Cart File Upload
Posted Dec 22, 2008
Authored by ZoRLu

E-Smart Cart suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 9d54234f343eeb9ab6c0a623e383f0bf
E-Learning Portal File Upload
Posted Dec 22, 2008
Authored by ZoRLu

E-Learning Portal suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | f1c9bb33c503fe502f8d68d85b06d4ad
Sun Solaris NULL Pointer
Posted Dec 22, 2008
Authored by Tobias Klein | Site trapkit.de

Sun Solaris suffers from a SIOCGTUNPARAM IOCTL kernel null pointer vulnerability.

tags | advisory, kernel
systems | solaris
MD5 | 430f2aa535b8d9102e09f85f2105c3db
EasySiteNetwork SQL Injection
Posted Dec 22, 2008
Authored by Ehsan_Hp200

EasySiteNetwork suffers from a remote SQL injection vulnerability in joke.php.

tags | exploit, remote, php, sql injection
MD5 | cdd5b9646a6e03460aab84100208c159
JASniff Packet Sniffer
Posted Dec 22, 2008
Authored by Jerome Athias

JASniff is a small handy graphical Windows TCP/UDP/ICMP packet sniffer. This tool will be embedded in the MSF-XB exploits development platform soon.Full source and a binary is included.

tags | tool, udp, sniffer, tcp
systems | windows
MD5 | defeec8052efd7f78098673415890f2c
Mini File Host File Upload Vulnerability
Posted Dec 22, 2008
Authored by Pouya Server

Mini File Host version 1.x suffers an arbitrary php file upload vulnerability.

tags | exploit, arbitrary, php, file upload
MD5 | 41d38709ac4d0c025dce71e01f2fc64f
QuickerSite Easy CMS Database Disclosure
Posted Dec 22, 2008
Authored by AlpHaNiX | Site offensivetrack.org

QuickerSite Easy CMS suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | c1fabb7516b26b72d10b403e1ec90361
TinyMCE 2.0.1 SQL Injection
Posted Dec 22, 2008
Authored by AnGeL25dZ

TinyMCE version 2.0.1 suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
MD5 | e97897d8f6bc51f19f00549ca3806a8e
Joomla Tech Article SQL Injection
Posted Dec 22, 2008
Authored by Cyb3r-1sT

The Joomla Tech Article component version 1.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 26238e78a8103c48f0a246db7141c86e
Samhain File Integrity Checker 2.5.1
Posted Dec 22, 2008
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | b6c4b1302b66e0727b383d855b346938
Lizardware CMS 0.6.0 Blind SQL Injection
Posted Dec 22, 2008
Authored by StAkeR

Lizardware CMS versions 0.6.0 and below blind SQL injection exploit.

tags | exploit, sql injection
MD5 | 7a88cd648e57ab1eefb502c6ffe070c5
r.cms 2 SQL Injection
Posted Dec 22, 2008
Authored by Lidloses_Auge

r.cms version 2 suffers from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 92dec9d4f4f1b9fea21f066a258c5b88
SQLMAP - Automatic SQL Injection Tool
Posted Dec 22, 2008
Authored by Bernardo Damele, Daniele Bellucci | Site sqlmap.sourceforge.net

sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.

Changes: Multiple major bug fixes and a handful of minor fixes.
tags | web, vulnerability, sql injection, python
systems | unix
MD5 | 3528f77794e8d2081900f4c9c124ea1a
Mandriva Linux Security Advisory 2008-245
Posted Dec 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2008-245 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5. This update provides the latest Mozilla Firefox 3.x to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5505, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
MD5 | 758d2228d1ecf51110a7ff874f947b54
Ubuntu Security Notice 695-1
Posted Dec 22, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-695-1 - Paul Szabo discovered a race condition in login. While setting up tty permissions, login did not correctly handle symlinks. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root privilege escalation.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
MD5 | f4d152c7573170c063a6d8ee072c1c23
Ubuntu Security Notice 694-1
Posted Dec 22, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-694-1 - It was discovered that libvirt did not mark certain operations as read-only. A local attacker may be able to perform privileged actions such as migrating virtual machines, adjusting autostart flags, or accessing privileged data in the virtual machine memory and disks.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2008-5086
MD5 | 4b67a53fd63dc845757118e06acdc13c
Ubuntu Security Notice 690-3
Posted Dec 22, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-690-3 - Several flaws were discovered in the firefox browser engine.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5511, CVE-2008-5512
MD5 | 581e105f4b279a3d9cb91e97a3ac16f7
Page 1 of 2
Back12Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close