Showing 1 - 25 of 1,007

Files Date: 2009-01-01 to 2009-01-31

eVision CMS 2.0 SQL Injection
Posted Jan 30, 2009
Authored by darkjoker | Site darkjokerside.altervista.org

eVision CMS versions 2.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8c7d53b57111535b4c8bd4dd3ec6089b
Spider Player 2.3.9.5 Crash
Posted Jan 30, 2009
Authored by H-T Team | Site no-hack.fr

Spider Player version 2.3.9.5 off-by-one crash exploit that creates a malicious .asx file.

tags | exploit, denial of service
MD5 | c3e7e35f2fc931e6655d15f853e22ebc
Orca 2.0.2 Cross Site Scripting
Posted Jan 30, 2009
Authored by J-Hacker

Orca version 2.0.2 suffers from a remote cross site scripting vulnerability.

tags | exploit, remote, xss
MD5 | 1e711502a37e8e725b7fc355c8426a2d
SkaLinks 1.5 SQL Injection
Posted Jan 30, 2009
Authored by Dimi4

SkaLinks version 1.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | ee529237a1d0640c3d37d78b11a1c33b
BPAutoSales 1.0.1 SQL Injection / XSS
Posted Jan 30, 2009
Authored by XORON

BPAutoSales version 1.0.1 suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 67f21253d4f84229ebf1ec079e2bf486
ReVou Twitter Clone XSS / SQL Injection
Posted Jan 30, 2009
Authored by nuclear

ReVou Micro Blogging suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 42b3ef7131af09543901cced672b33f3
Chrome chromehtml: Code Execution
Posted Jan 30, 2009
Authored by Janek Vind aka waraxe | Site waraxe.us

Updated version of the Google Chrome chromehtml: code execution vulnerability that demonstrates disabling of the sandbox. Version 1.0.154.46 is affected.

tags | exploit, code execution
MD5 | 4770d42cc22cb22e1421be952380ac92
Enomaly ECP/Enomalism Insecure File Creation
Posted Jan 30, 2009
Authored by Sam Johnston

Enomaly ECP/Enomalism versions prior to 2.1.1 use temporary files in an insecure manner, allowing for symlink and command injection attacks.

tags | exploit
advisories | CVE-2008-4990
MD5 | a737bdd340609b1aa09bfc6f0bef51e6
ProCheckUp Security Advisory 2008.23
Posted Jan 30, 2009
Authored by ProCheckUp, Richard Brain | Site procheckup.com

Novell GroupWise WebAccess suffers from a cross site scripting vulnerability. Version 7.0.3 is affected.

tags | advisory, xss
advisories | CVE-2009-0273
MD5 | e5352e50926bf015021888aa7deaa6ec
ProCheckUp Security Advisory 2008.22
Posted Jan 30, 2009
Authored by ProCheckUp, Jan Fry | Site procheckup.com

Novell GroupWise WebAccess suffers from a cross site scripting vulnerability. Version 7.0.3 is affected.

tags | advisory, xss
advisories | CVE-2009-0273
MD5 | 54b28486601b1813a2a4a5ae93b740a0
ProCheckUp Security Advisory 2008.21
Posted Jan 30, 2009
Authored by Adrian Pastor, ProCheckUp | Site procheckup.com

Novell GroupWise WebAccess suffers from a cross site request forgery vulnerability. Version 7.0.3 is affected.

tags | advisory, csrf
advisories | CVE-2009-0272
MD5 | 36021a698fba0b3f1a56c6106ece864e
Bugs Online 2.14 SQL Injection
Posted Jan 30, 2009
Authored by IRCRASH | Site ircrash.com

Bugs Online version 2.14 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b8f713a4214348dddc7c893c6be9b6ca
SalesCart SQL Injection
Posted Jan 30, 2009
Authored by ByALBAYX | Site c4team.org

SalesCart suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 5fccc3fc50f341d82ab28da84f93cc98
Synactis ALL_IN_THE_BOX File Overwrite
Posted Jan 30, 2009
Site dsecrg.com

The Synactis ALL_IN_THE_BOX Active-X control version 3 can be used to overwrite any file on the target system.

tags | exploit, activex
MD5 | 9afe6894b1963fa333698dca82c26d27
RFIDIOt 0.1w Released
Posted Jan 30, 2009
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a Python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE®.

Changes: Various fixes to mrpkey.py and the new jcoptool.py.
tags | tool, python, wireless
MD5 | 407d5bfb3f17c192f427c875eba30ea9
OpenX Security Advisory - XSS / SQL Injection / Directory Traversal
Posted Jan 30, 2009
Authored by Matteo Beccati | Site openx.org

OpenX versions 2.4.9 and below and versions 2.6.3 and below suffer from cross site scripting, SQL injection, and directory traversal vulnerabilities.

tags | advisory, vulnerability, xss, sql injection
advisories | CVE-2009-0291
MD5 | 37ebfa658364aa9192a949f7bac1cbcd
Ubuntu Security Notice 716-1
Posted Jan 30, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-716-1 - Fernando Quintero discovered that MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. Fernando Quintero discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting vulnerabilities. It was discovered that MoinMoin did not properly sanitize its input when processing user forms, editing pages, relaying error messages, or when attaching files.

tags | advisory, remote, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2008-0780, CVE-2008-0781, CVE-2008-0782, CVE-2008-1098, CVE-2008-1099, CVE-2009-0260, CVE-2009-0312
MD5 | 8e2e153fc41006e77dd43d6c509760a0
Amaya Web Editor 11 SEH Overwrite Exploit
Posted Jan 30, 2009
Authored by LiquidWorm | Site zeroscience.mk

Remote SEH overwrite exploit for the Amaya Web Editor version 11.

tags | exploit, remote, web
MD5 | 79e19afd11fb10ec7dcf2e031de3c092
Ubuntu Security Notice 715-1
Posted Jan 30, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-715-1 - Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. It was discovered that the inotify subsystem contained watch removal race conditions. Dann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. Helge Deller discovered that PA-RISC stack unwinding was not handled correctly. It was discovered that the ATA subsystem did not correctly set timeouts. It was discovered that the ib700 watchdog timer did not correctly check buffer sizes.

tags | advisory, risc
systems | linux, ubuntu
advisories | CVE-2008-5079, CVE-2008-5182, CVE-2008-5300, CVE-2008-5395, CVE-2008-5700, CVE-2008-5702
MD5 | e1cedaf7b7dc9ff892d62460ca1a7769
phpassbrute.py.txt
Posted Jan 30, 2009
Authored by thebug | Site ulissescastro.wordpress.com

PHPass hash brute forcer. This cracker works against any hash created by this framework, which is used to encrypt and store hashed passwords. Projects that use it include WordPress, Drupal, bbPress, phpBB3, and many others.

tags | cracker
MD5 | 23137b823df4f6d7744bc40a97d173b9
Debian Linux Security Advisory 1704-2
Posted Jan 30, 2009
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1704-2 - The update in DSA 1704-1 was incomplete, as it failed to escape a few important characters, which enabled an attacker to overwrite arbitrary files.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2008-5718
MD5 | 622e3c98b68a1c0f161184aaa4a2378d
PerlSoft Gastebuch 1.7b Code Execution
Posted Jan 30, 2009
Authored by Perforin

PerlSoft Gastebuch version 1.7b bruteforcer and remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 47c2b8013be89664265730b5badd0153
Beltane Web-Based Management For Samhain
Posted Jan 30, 2009
Site la-samhna.de

Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.

Changes: Bug fixes.
tags | tool, web, intrusion detection
systems | unix
MD5 | fb3b0c2c71bc88a546fd8d3b33ba58bd
Zoom VoIP Phone Adapter XSRF Exploit
Posted Jan 30, 2009
Authored by Michael Brooks

Cross site request forgery exploit for the Zoom VoIP Phone Adapter ATA1+1.

tags | exploit, csrf
MD5 | 52b6a55f494de461e310428068e50b37
D-Link VoIP Phone Adapter XSRF / XSS
Posted Jan 30, 2009
Authored by Michael Brooks

The D-Link VoIP Phone Adapter suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | f0b88a1f7c24b11bce6007dd3272ed2f