exploit the possibilities
Showing 1 - 25 of 53 RSS Feed

Files Date: 2009-07-08

Fuzzgrind Automatic Fuzzing Tool
Posted Jul 8, 2009
Authored by Gabriel Campana | Site security-labs.org

Fuzzgrind is a fully automatic fuzzing tool, generating test files with the purpose of discovering new execution paths likely to trigger bugs and potentially vulnerabilities. It is based on the concept of symbolic execution. Thus, the tool starts from a file considered valid by the software under test, and analyses the execution path to extract any constraints tied to branch instructions followed by this software. By resolving constraints one by one, Fuzzgrind will alter the valid file to explore possible new branches of the software under test, in order to discover new vulnerabilities.

tags | vulnerability, fuzzer
MD5 | d7562677b43cb10b288830b22bf9c423
Online Guestbook Pro 5.1 Cross Site Scripting
Posted Jul 8, 2009
Authored by Moudi

Online Guestbook Pro version 5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 023b4dcb2fd1837d0ae1cdfc6b148788
JNM Guestbook 3.0 Cross Site Scripting
Posted Jul 8, 2009
Authored by Moudi

JNM Guestbook version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ae541d5729926783fdb4b666834f4fb7
DB Top Sites 1.0 Cross Site Scripting
Posted Jul 8, 2009
Authored by Moudi

DB Top Sites version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4a36c3a77f7179524c5c6959311e408b
MySQL 5.0.45 Format String Vulnerability
Posted Jul 8, 2009
Authored by Kingcope

MySQL version 5.0.45 suffers from a format string vulnerability. Proof of concept demonstration code is provided.

tags | exploit, proof of concept
MD5 | c7051db441b1868e23f8edd0bd7733e2
Core Security Technologies Advisory 2009.0515
Posted Jul 8, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability was found in the way that WordPress handles some URL requests. This results in unprivileged users viewing the content of plugins configuration pages, and also in some plugins modifying plugin options and injecting JavaScript code. Arbitrary native code may be run by a malicious attacker if the blog administrator runs injected JavasScript code that edits blog PHP code.

tags | exploit, arbitrary, php, javascript
advisories | CVE-2009-2334, CVE-2009-2335, CVE-2009-2336
MD5 | 33e7dc69441396610a6945868f030b1f
Core Security Technologies Advisory 2009.0519
Posted Jul 8, 2009
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Core Security Technologies Advisory - Awakening's Winds3D Viewer, which runs as a plugin within most popular web browsers, is vulnerable to a remotely exploitable arbitrary command execution vulnerability which can be triggered by making the user visit a malicious link/website. Versions 3.5.0.0 and 3.0.0.5 are vulnerable.

tags | exploit, web, arbitrary
advisories | CVE-2009-2386
MD5 | dd8314606e5d9fe5e80ed6775b92d050
GNU Privacy Guard 2.0.12
Posted Jul 8, 2009
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: GPGSM now always lists ephemeral certificates if specified by fingerprint or keygrip. GPGSM now also returns information about smartcards. It is now made sure not to leak file descriptors if running gpg-agent with a command. The order of the confirmation questions for root certificates was changed, and negative answers are stored in trustlist.txt. Better synchronization of concurrent smartcard sessions was implemented. Support for 2048 bit OpenPGP cards and for Telesec Netkey 3 cards was added. A potential Mac OS X system freeze is now avoided.
tags | encryption
MD5 | 4718d8a8cd3eac100951d8b162cf537b
Whitepaper Called XSS And Iframe Phishing
Posted Jul 8, 2009
Authored by 599eme Man

This whitepaper discusses the use of cross site scripting and iframe injection when performing phishing attempts.

tags | paper, xss
MD5 | 6d509971b62f0d70484a62570b685a31
Calendar Express 2 Cross Site Scripting
Posted Jul 8, 2009
Authored by 599eme Man

Calendar Express version 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4d54d73a3ea1a4cd70e99ea39397b550
Remote Web Workplace Attack Tool
Posted Jul 8, 2009
Authored by Mike Arnold

The Remote Web Workplace Attack tool will perform a dictionary attack against a live Microsoft Windows Small Business Server's "Remote Web Workplace" portal. It currently supports both SBS 2003 and SBS 2008 and includes features to avoid account lock out. It is written in Python and requires pycurl.

tags | remote, web, cracker, python
systems | windows
MD5 | af4972bde80f3bceb5d375f14a63e1f5
Month Of Twitter Bugs - Twitterfall XSS
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - Twitterfall suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9f7afdd4f69156b55358ed561bf6ccb8
Month Of Twitter Bugs - yfrog XSS
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - The yfrog application suffered from a reflected cross site scripting vulnerability.

tags | exploit, xss
MD5 | 231f236d6a6319e6d965d344902fa20f
Month Of Twitter Bugs - TwitPic Issues
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - The TwitPic application suffered from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
MD5 | 270c97d358dbd6d7b1d86e223bac60a0
Month Of Twitter Bugs - TwitSnaps XSS
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - The TwitSnaps application is susceptible to a reflect cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7a0be33d08640360e9eaa6b8e4e4a48f
Month Of Twitter Bugs - BigTweet XSRF
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - The BigTweet bookmarklet tool suffered from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | 8ade5d4fd0745c08967192ead612b25d
Month Of Twitter Bugs - TwitWall XSS
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - The TwitWall application suffers from a persistent cross site scripting vulnerability.

tags | advisory, xss
MD5 | 70dd61815638eeebd88a5cc2abc8b43c
Month Of Twitter Bugs - HootSuite XSS
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - The HootSuite Twitter toolbox suffered from a reflected cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2b886b1f2a8e14a5458d36eefb0d8646
Month Of Twitter Bugs - bit.ly XSS
Posted Jul 8, 2009
Authored by Aviv Raff | Site twitpwn.com

Month of Twitter Bugs - The bit.ly service suffered from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0cb5d861772f62c48fcdbfd5db088d14
RTL8169 NIC Driver Buffer Overflow
Posted Jul 8, 2009
Authored by Eric Dumazet

The RTL8169 NIC driver in the Linux kernel versions prior to 2.6.30 allows remote attacks to cause a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux
advisories | CVE-2009-1389
MD5 | 5e43ceacbb45bd8aa411ac1a6875ab15
Spector - Automatically Analyzing Shell Code
Posted Jul 8, 2009
Authored by Mark Zielinski, Atul Prakash, Kevin Borders

Whitepaper called Spector: Automatically Analyzing Shell Code.

tags | paper, shell, shellcode
MD5 | 94559b13155b3d742df7f1342cc3c7c3
Sosblog Persistent Cross Site Scripting
Posted Jul 8, 2009
Authored by 599eme Man

Sosblog suffers from a persistent cross site scripting vulnerability in the article commenting section.

tags | exploit, xss
MD5 | 6d4534d8fca2badb4f49394fa7772382
Rentventory PHP Cross Site Scripting
Posted Jul 8, 2009
Authored by 599eme Man

Rentventory PHP suffers from cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
MD5 | 6cb9b18e1ab3c44dfe674f206da99cec
Big Sister File Exchange Server 0.03 Disclosure
Posted Jul 8, 2009
Authored by Septemb0x | Site cyber-warrior.org

Big Sister File Exchange Server version 0.03 suffers from a database configuration disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 639cebe7f47d1b8e12cbabc28dbe83e0
Linea 21 1.2.1 Cross Site Scripting
Posted Jul 8, 2009
Authored by 599eme Man

Linea 21 version 1.2.1 suffers from cross site scripting, iframe injection, and redirection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7f038b6c21ca13183befbafb672306df
Page 1 of 3
Back123Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close