what you don't know can hurt you
Showing 1 - 25 of 102 RSS Feed

Files Date: 2009-04-14

PowerCHM 5.7 Stack Overflow
Posted Apr 14, 2009
Authored by SuB-ZeRo | Site dz-security.com

PowerCHM version 5.7 long URL local stack overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
MD5 | 5d66ed34deb6d5906ea53e63dbe0c5de
MonGoose 2.4 Directory Traversal
Posted Apr 14, 2009
Authored by e.wiZz!

MonGoose version 2.4 suffers from a remote directory traversal vulnerability.

tags | exploit, remote, file inclusion
MD5 | 8bbe9f8a485485f76a57e00a720bcbd2
W2B phpEmployment File Disclosure
Posted Apr 14, 2009
Authored by Cyb3r-1sT

W2B phpEmployment suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 285d5cd529f2a0e5087a62cadb355513
RQMS 1.2.2 SQL Injection
Posted Apr 14, 2009
Authored by Dimi4

RQMS versions 1.2.2 and below suffer from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 2512537b63bb34cdb88518f27627b67f
AbleSpace 1.0 SQL Injection
Posted Apr 14, 2009
Site dsecrg.com

AbleSpace version 1.0 suffers from multiple remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 888a6be8b69bf8158e6026ca1784f35e
BugCON Security Conference 2009 Call For Papers
Posted Apr 14, 2009
Site bugcon.org

Call For Papers for the 2009 BugCON Security Conference that will be held in Mexico City from June 24th through the 26th.

tags | paper, conference
MD5 | dcaea161b0da99e184ad17eea9cb7ba9
Security Evaluation Of NanoCMS
Posted Apr 14, 2009
Authored by Justin C. Klein Keane

This is a security evaluation of NanoCMS version 0.4_final. It suffers from credential leakage, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 04f5d9f6826fa2f63053d6c7c82989ed
PHP-Revista RFI / XSS / SQL Injection
Posted Apr 14, 2009
Authored by Sirdarckcat | Site sirdarckcat.net

PHP-Revista suffers from remote file inclusion, cross site scripting, credential bypass, and SQL injection vulnerabilities. Better put, it probably is not a healthy idea to use this software.

tags | exploit, remote, php, vulnerability, code execution, xss, sql injection, bypass, file inclusion
MD5 | 0a0f61dbcbc48d6eb02c3e1eaf8c01d1
PGP Desktop Pgpdisk.sys / Pgpwded.sys Vulnerabilities
Posted Apr 14, 2009
Authored by Nikita Tarakanov | Site securitylab.ru

Positive Technologies Research Team has discovered several vulnerabilities in PGP Desktop version 9.9.0 build 397.The IOCTL handler in pgpdisk.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system. The IOCTL handler in pgpwded.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system or execute arbitrary code with SYSTEM privileges.

tags | advisory, arbitrary, local, vulnerability
advisories | CVE-2009-0681
MD5 | c99eaa2efe6e0fd5e45eeb593c7cc1c2
Using ShoutBoxes To Control Malicious Software
Posted Apr 14, 2009
Authored by Feathers McGraw

Whitepaper called Using "ShoutBoxes" to control malicious software.

tags | paper, worm
MD5 | 551ed6acbcc96e5e1cda2bfd514bbbeb
Hacker Space Fest 2009
Posted Apr 14, 2009
Site hackerspace.net

Call for Proposals - Hacker Space Fest 2009 will be taking place in Paris, France on June 26th through June 30th of 2009.

tags | paper, conference
MD5 | 462fb252c3055211f9fbd8712235efb9
EFIPW Apple EFI Firmware Password Changer
Posted Apr 14, 2009
Authored by Paul Makowski | Site code.google.com

EFIPW is a tool that can be used to decode and modify Apple EFI firmware passwords via the command line. It is designed after the non open source OFPW utility and is designed to work on Intel machines running Leopard or newer. Useful for lab deployments (setting the firmware password of machines as a post install item) and pen tests (recovering the EFI firmware password).

tags | tool
systems | unix, apple
MD5 | 21339e503127e707823dcd7a798ea51c
Mandriva Linux Security Advisory 2009-091
Posted Apr 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-091 - Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, arbitrary, perl, xss
systems | linux, mandriva
advisories | CVE-2009-0796
MD5 | f8fc59150408fc1793b434e45eac1b4e
Process Hacker - Source Release
Posted Apr 14, 2009
Site processhacker.sourceforge.net

Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the source distribution.

tags | kernel, local
MD5 | 7cd5420d1ea764c8cb142aa8d9e13e71
Process Hacker - Binary Release
Posted Apr 14, 2009
Site processhacker.sourceforge.net

Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the binary distribution.

tags | kernel, local
MD5 | 647386cf5b0f73c8910f293dddaaaae6
e107 User Journals Menu SQL Injection
Posted Apr 14, 2009
Authored by boom3rang | Site khq-crew.ws

The userjournals_menu plugin for e107 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 61ada114cf5838e09b7928de4954d508
X10Media MP3 Search Engine Admin Access
Posted Apr 14, 2009
Authored by THUNDER

X10Media MP3 Search Engine version 1.x suffer from an administrative access vulnerability.

tags | exploit, add administrator
MD5 | a65712ce8f1c9f11cfedeedccbad6c8a
Shadow Stream Recorder Overflow
Posted Apr 14, 2009
Authored by AlpHaNiX

Shadow Stream Recorder universal stack overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow
MD5 | eedcad6215ca48a0da3c15964204293e
HTML Email Creator 2.1b668 Overwrite
Posted Apr 14, 2009
Authored by dun

HTML Email Creator versions 2.1b668 and below local SEH overwrite exploit.

tags | exploit, local
MD5 | e6adee73c13f55b2a3fd5edbea6260cb
Aqua CMS SQL Injection
Posted Apr 14, 2009
Authored by halkfild

Aqua CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6c4dc6aeae26c86084586b6379f6000e
GuestCal 2.1 Local File Inclusion
Posted Apr 14, 2009
Authored by SirGod | Site insecurity.ro

GuestCal version 2.1 suffers from a local file inclusion in index.php.

tags | exploit, local, php, file inclusion
MD5 | 9232c16b28f847e756397fb7fd8d768f
BulletProof FTP Client 2009 Overflow
Posted Apr 14, 2009
Authored by His0k4

BulletProof FTP client version 2009 .bps buffer overflow exploit.

tags | exploit, overflow
MD5 | 15e1030f58ddb4d5fe17dcfd19dca590
Steamcast Buffer Overflow
Posted Apr 14, 2009
Authored by His0k4

Steamcast HTTP request remote buffer overflow exploit with add user shellcode.

tags | exploit, remote, web, overflow, shellcode
MD5 | b8f24d891beea7fa1d0dbf10562bf93f
Steamcast Buffer Overflow
Posted Apr 14, 2009
Authored by His0k4

Steamcast HTTP request remote buffer overflow exploit.

tags | exploit, remote, web, overflow
MD5 | db60cdf5d0a23e589ed73e8aa477416a
HP Deskjet 6800 Cross Site Scripting
Posted Apr 14, 2009
Authored by mcyr2

The HP Deskjet 6800 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5db5fd9b119f085382a60832136c149c
Page 1 of 5
Back12345Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close