exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2009-02-26

BannerManager 0.81 SQL Injection
Posted Feb 26, 2009
Authored by rootzig

BannerManager version 0.81 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | aea6aa4dbb8994ea8477bf08ddab55051770c51d15f5af0d6918a996054dab87
Drupal Taxonomy Theme Cross Site Scripting
Posted Feb 26, 2009
Authored by Justin C. Klein Keane

The Drupal Taxonomy Theme version 5.x-1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 910abd62192a62f24e88bd8e0a24cfaaf8cb8214622ef3b378fdbaa2fffeb0a0
B2C StoreBuilder Designer 2.0 SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

B2C StoreBuilder Designer version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | fa51b4993bde6586ddefb27d30d2cd895ad052d6a9e1abee9c1f110fa42f1964
C2C Reverse Auction Creator 2.0 SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

C2C Reverse Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 26c54383f3359cebee5e2a313b183a67c9c3492997e2950912c749a5d0eb6e88
Great Shop Creator SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

Great Shop Creator suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 6de3dc3153d6f24cdc6ecf4a7979b0c6593849cd36cde3061b7abe03eeafc077
B2B Reverse Auction Creator 2.0 SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

B2B Reverse Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | c9558805f2dd77dba028f5f7daaa98860b465cbfb2edcc949b959c0bd7674d9d
B2B Forward Auction Creator 2.0 SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

B2B Forward Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 4b22cd31fed84cc02f65397e8d44416253922aeb8e0be99aa45ea61a76764129
B2B Horizontal Marketplace Creator 2.0 SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

B2B Horizontal Marketplace Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 4c9c43857cd8efdf4b5f9c0984291c17ab0ca9db33e62441a170cf4fd1e7a6e5
Webstore Creator 5.0 SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

Webstore Creator version 5.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 2725201b30dbf4082166f382ee2431a341093a1ed963482217f7be8b26e1c2ce
Shop Creator 4.0 SQL Injection
Posted Feb 26, 2009
Authored by Pouya Server

Shop Creator version 4.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 8058e49c016031a8374c47e76138711ac489a9f67b3e9de6aae19fbb385366d5
APC PowerChute Network Shutdown XSS
Posted Feb 26, 2009
Site dsecrg.com

The APC PowerChute Network Shutdown's web interface suffers from http response splitting and cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
SHA-256 | 0fe9b1c32be53fbaec5ec4b23eed1349673ecc3e1904b1eaa4ab65dae5480510
BitDefender Cross Site Scripting
Posted Feb 26, 2009
Authored by Juan Pablo Lopez Yacubian

BitDefender Internet Security 2009 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cbc5a5ad08caad0126f74533bccd87cddb09e4964c446d6f9c7869926c30f560
Coppermine Photo Gallery 1.4.20 Privilege Escalation
Posted Feb 26, 2009
Authored by Inphex

Coppermine Photo Gallery versions 1.4.20 and below privilege escalation exploit.

tags | exploit
SHA-256 | 664c5dbfa4fa3bb018a571cf6aa4af6da853a09391cc118249632075e558ea51
RFIDIOt Python Library (Windows Version)
Posted Feb 26, 2009
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r). This is the Windows version.

Changes: pn532emulate.py and pn532mitm.py have been added.
tags | tool, python, wireless
systems | windows
SHA-256 | f022497c909f2ecac7423f7e947e171efec4ffa07a298f4c3eddecf1e1e2cb43
RFIDIOt Python Library For RFID Readers
Posted Feb 26, 2009
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).

Changes: pn532emulate.py and pn532mitm.py have been added.
tags | tool, python, wireless
SHA-256 | 2f24e716a3537b25670060337942d8a338ff5a70db034af44bd55233278f4d96
HP Security Bulletin HPSBGN02410 SSRT080135
Posted Feb 26, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Virtual Rooms client running on Windows. The vulnerability could be exploited to allow remote execution of arbitrary code.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2009-0208
SHA-256 | 979deb610b559b21b38e2f1d0a764abeda421ae76be77098a02df1d85d2d96a5
Coppermine Photo Gallery 1.4.20 Privilege Escalation
Posted Feb 26, 2009
Authored by StAkeR

Coppermine Photo Gallery versions 1.4.20 and below suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 739ecd858f579860104ca119c8d8c4fc99f31707ac5a0d4f398f0440af9cc82c
Ubuntu Security Notice 724-1
Posted Feb 26, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-724-1 - Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered that Squid did not properly validate the HTTP version when processing requests. A remote attacker could exploit this to cause a denial of service (assertion failure).

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2009-0478
SHA-256 | 17db4ecbf1f662f3b953bbbe5fc7c8cca2d92354678e2c89d0dc93dba754e149
Parasitic Approach To Cracking WPA Passwords
Posted Feb 26, 2009
Authored by Michal Rogala | Site michalrogala.com

This whitepaper describes a new technique for generating large WPA-PSK tables to be used for cracking wireless networks. The concept involves injecting malicious Javascript code to a large websites and forcing user browsers to fetch data from attacker's server, compute PBKDF2 hash and send it back. In some conditions this can lead to creation of a large, parasitic, distributed network used for effective hash computing.

tags | paper, javascript
SHA-256 | 99ac0d2cf309c8a7602c8208cff58c080f4c970d27b9330ea7289fcbb966d844
DesignerfreeSolutions Newsletter Manager SQL Injection
Posted Feb 26, 2009
Authored by ByALBAYX | Site c4team.org

DesignerfreeSolutions Newsletter Manager Pro suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e4723a76542ee109cb1e2f7517e975257e8b71b0ee468dd3957e3d26cce42ca1
Mandriva Linux Security Advisory 2009-026
Posted Feb 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-026-1 - phpMyAdmin suffered from cross site scripting, cross site request forgery, and SQL injection vulnerabilities. This update provide the fix for these security issues. The previous update packages wasn't signed, this time they are.

tags | advisory, vulnerability, xss, sql injection, csrf
systems | linux, mandriva
advisories | CVE-2008-4775, CVE-2008-5621, CVE-2008-5622
SHA-256 | cb03b4a7f45f173639487a0d4ba5713cd6777f5c6fad1c3fcf62282aa78368ca
Mandriva Linux Security Advisory 2009-057
Posted Feb 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-057 - Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE is including this issue because execution of a program from an untrusted directory is a common scenario. The updated packages have been patched to prevent this.

tags | advisory, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2008-4865
SHA-256 | 84053efc1d16fb6b179a05f51bb8abc2f8d65bdafb3b9bdbbdd207d526c49ccc
Drupal Viewfield Module Cross Site Scripting
Posted Feb 26, 2009
Authored by Justin C. Klein Keane

The Drupal Viewfield module suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9267d6616d0fc1302d9d181ec6b74ad8e01e9cabecd66991e29d3020498227ff
Debian Linux Security Advisory 1727-1
Posted Feb 26, 2009
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1727-1 - Two SQL injection vulnerabilities have been found in proftpd, a virtual-hosting FTP daemon.

tags | advisory, vulnerability, sql injection
systems | linux, debian
advisories | CVE-2009-0542, CVE-2009-0543
SHA-256 | 47abce559e797db348b4d30522fc51cbae738bb95901abb7c97f0871b5df8ee3
Golabi CMS Remote File Inclusion
Posted Feb 26, 2009
Authored by CrazyAngel | Site crazyangel.ir

Golabi CMS suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 4a8cf76b26d3c596d2e6a349ff1c9c509a40e4132df27d520db5f2b9b43dc755
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close