exploit the possibilities
Showing 1 - 25 of 59 RSS Feed

Files Date: 2009-01-12

25 dMx READY Products Database Disclosure
Posted Jan 12, 2009
Authored by Cyber-Zone | Site iq-ty.com

25 products from dMx READY all suffer from a remote database disclose vulnerability. Version 1.1 of Testimonials Manager, Site Engine Manager, Secure Login Manager, Secure Document Library, Registration Manager, Portfolio Manager, Polling Booth Manager, Photo Gallery Manager, PayPal Store Manager, Online Contest Manager, News Manager, Member Directory Manager, Mailing List Manager, Account List Manager, Billboard Manager, Catalog Manager, Classified Listings Manager, Contact Us Manager, Document Library Manager, Event Listing Manager, Faqs Manager, Job Listing Manager, Landing Page Manager, and Links Manager are all affected. Members Area Manager version 1.2 is also affected. DMXReady has stated that the following release addresses this security issue.

tags | exploit, remote, info disclosure
MD5 | d8532d6696a79e221a6403b12eabcf82
PWP Wiki Processor 1-5-1 File Upload
Posted Jan 12, 2009
Authored by ahmadbady

PWP Wiki Processor 1-5-1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | 11bfc3d5879e1b9452b97a65293d292e
ExcelOCX 3.2 Insecure Method
Posted Jan 12, 2009
Authored by Alfons Luja

Excel Viewer OCX version 3.2 arbitrary file download and overwrite exploit.

tags | exploit, arbitrary
MD5 | 40abbc7fffb969b21a10e82c09186ca4
Realtor 747 Remote File Inclusion
Posted Jan 12, 2009
Authored by ahmadbady

Realtor 747 version 4.11 suffers from a remote file inclusion vulnerability in define.php.

tags | exploit, remote, php, code execution, file inclusion
MD5 | a8d3fb59717960cd99f03975313c1c4f
Gentoo Linux Security Advisory 200901-8
Posted Jan 12, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200901-08 - Multiple vulnerabilities have been reported in Online-Bookmarks. Versions less than 0.6.28 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2004-2155, CVE-2006-6358, CVE-2006-6359
MD5 | 538713efa58d36cd6ad649055602b890
Joomla Portfol SQL Injection
Posted Jan 12, 2009
Authored by Valon Kerolli | Site itshqip.com

The Joomla Portfol component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7ac5344211092e9e939e2cd4795eaea2
Debian Linux Security Advisory 1703-1
Posted Jan 12, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1703-1 - It was discovered that BIND, an implementation of the DNS protocol suite, does not properly check the result of an OpenSSL function which is used to verify DSA cryptographic signatures. As a result, incorrect DNS resource records in zones protected by DNSSEC could be accepted as genuine.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2009-0025
MD5 | e6b52e6d88ff871884f9174653128e2e
Wordpress WP-Forum 1.7.8 SQL Injection
Posted Jan 12, 2009
Authored by seomafia

Wordpress plugin WP-Forum version 1.7.8 suffers from a remote SQL injection vulnerability in forum_feed.php.

tags | exploit, remote, php, sql injection
MD5 | bdced0a23eb7c15d3993c86b67048a7a
Debian Linux Security Advisory 1702-1
Posted Jan 12, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1702-1 - It has been discovered that NTP, an implementation of the Network Time Protocol, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which may ultimately lead to the acceptance of unauthenticated time information. (Note that cryptographic authentication of time servers is often not enabled in the first place.)

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2009-0021
MD5 | c03ca3e2ed6aaceaf06b12c63296dbcd
Simple Machine Forums Destroyer 0.1
Posted Jan 12, 2009
Authored by Xianur0

Simple Machines Forum Destroyer version 0.1 that performs multiple malicious acts.

tags | cracker
MD5 | 17eb1dad1e8924d4bf06e838934f55ad
Debian Linux Security Advisory 1701-1
Posted Jan 12, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1701-1 - It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine (CVE-2008-5077).

tags | advisory
systems | linux, debian
advisories | CVE-2008-5077
MD5 | 2c2856e8c3bdccd320b3934bc2466311
Triologic Media Player 7 Heap Overflow
Posted Jan 12, 2009
Authored by zAx

Proof of concept heap overflow exploit for Triologic Media Player 7 that creates a malicious .m3u file.

tags | exploit, overflow, proof of concept
MD5 | eaff7b4ed3f5a114632e74afe3b13f7f
Whitepaper - Arp Spoofing
Posted Jan 12, 2009
Authored by Affix | Site ihack.co.uk

Short whitepaper discussing the basics of ARP spoofing.

tags | paper, spoof
MD5 | aabb36931cac90312055efa371921d6f
Whitepaper - Short Review Of Modern Vulnerability Research
Posted Jan 12, 2009
Authored by Michal Bucko | Site eleytt.com

Whitepaper entitled Short Review Of Modern Vulnerability Research.

tags | paper
MD5 | 0b0e1071d27aff3a5a20323f2afb9b33
Whitepaper - Anonymous Internet Navigation
Posted Jan 12, 2009
Authored by ProfEsOr X

Whitepaper discussing anonymous navigation of the Internet. Written in Spanish.

tags | paper
MD5 | c7348b2feb3204a606036b2a441f3fb3
Gentoo Linux Security Advisory 200901-7
Posted Jan 12, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200901-07:02 - Multiple vulnerabilities in MPlayer may lead to the execution of arbitrary code or a Denial of Service. Versions less than 1.0_rc2_p28058-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-3162, CVE-2008-3827, CVE-2008-5616
MD5 | 2bc8c723d1f99decf4739e88f5fd677f
HP Security Bulletin 2007-14.81
Posted Jan 12, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS).

tags | advisory, denial of service
advisories | CVE-2007-4349
MD5 | 21f3a8ab9d04a8b6ea97a67f4f19129c
Ubuntu Security Notice 707-1
Posted Jan 12, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-707-1 - It was discovered that CUPS didn't properly handle adding a large number of RSS subscriptions. A local user could exploit this and cause CUPS to crash, leading to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and 8.10. It was discovered that CUPS did not authenticate users when adding and cancelling RSS subscriptions. An unprivileged local user could bypass intended restrictions and add a large number of RSS subscriptions. This issue only applied to Ubuntu 7.10 and 8.04 LTS. It was discovered that the PNG filter in CUPS did not properly handle certain malformed images. If a user or automated system were tricked into opening a crafted PNG image file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile. It was discovered that the example pstopdf CUPS filter created log files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2008-5183, CVE-2008-5184, CVE-2008-5286, CVE-2008-5377
MD5 | 628b1e84457ad8b66d620decdff75631
Photobase 1.2 Local File Inclusion
Posted Jan 12, 2009
Authored by Osirys | Site y-osirys.com

Photobase version 1.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b19bfb153765ad5b591e6dee12762708
SyScan 09 Call For Papers
Posted Jan 12, 2009
Site syscan.org

SyScan 09 Call For Papers - The Symposium on Security for Asia Network aims to be a very different security conference from the rest of the security conferences that the information security community in Asia has come to be so familiar and frustrated with. SyScan is a non-product, non-vendor biased security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia. This year SyScan will be held in Singapore, Shanghai, Taipei, and Hong Kong.

tags | paper, conference
MD5 | 1b38c4706112ebffff8d2d24bff29e0f
Visuplay CMS SQL Injection
Posted Jan 12, 2009
Authored by Joseph Giron

Visuplay CMS suffers from a remote SQL injection vulnerability in news_article.php.

tags | exploit, remote, php, sql injection
MD5 | f0457bcea5c6d29a01a5e28820c67b35
Aethra Starvoice SV 1042 Password Extract
Posted Jan 12, 2009
Authored by SmoKe

The Aethra SV 1042 ADSL/VOIP router suffers from a local password retrieval vulnerability.

tags | advisory, local
MD5 | 68c5e59ede2126fd8f470b7eb00813d5
Ovidentia Cross Site Scripting
Posted Jan 12, 2009
Authored by Ivan Sanchez | Site nullcode.com.ar

The Ovidentia portal generator suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 99b6633e0e6b87bccdb947c5ba7f710d
Interspire Shopping Cart Authentication Bypass
Posted Jan 12, 2009
Authored by Truong Van Tri | Site bluemoon.com.vn

Interspire Shopping Cart versions 4.0.1 and below suffer from a remote authentication bypass vulnerability.

tags | advisory, remote, bypass
MD5 | 442047262430c9cd08fc6a8e00e77640
Silentum Uploader 1.4.0 File Deletion
Posted Jan 12, 2009
Authored by Danny Moules | Site push55.co.uk

Silentum Upload version 1.40 remote file deletion exploit.

tags | exploit, remote
MD5 | f6b7e9225828c8d1f91687323dcb4c70
Page 1 of 3
Back123Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    20 Files
  • 29
    Sep 29th
    15 Files
  • 30
    Sep 30th
    91 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close