exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2009-12-13

Acc PHP eMail 1.1 XSRF
Posted Dec 13, 2009
Authored by bi0

Acc PHP eMail version 1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
SHA-256 | 4581b3ccb8d64f6255f9996650a5bd65a510942012ece4b44f8874f82378819a
WBBlog Remote File Inclusion
Posted Dec 13, 2009
Authored by mr_me

WBBlog suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | f2a6735dabf275055d3a25a0184dc4849d25f16374750ce5ec63e4825f3e9052
Piwigo 2.0.6 SQL Injection / Cross Site Scripting
Posted Dec 13, 2009
Authored by mr_me

Piwigo version 2.0.6 suffers from remote SQL injection, cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | 7c72c76c16aa2ff272df3138d054b4fa79cd33247ef20496da1fc0296c5d2d0b
Ele Medios CMS SQL Injection
Posted Dec 13, 2009
Authored by Cr3w-D, Dr.0rYX

Ele Medios CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 49bcc9237c752ebb9a649805e0dc412c3b97de160f4b02a36796c3e11442a4e0
Millenium MP3 Studio 2.0 (PLS File) Stack Overflow.
Posted Dec 13, 2009
Authored by dookie, Molotov | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the Millenium MP3 Studio 2.0. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extention is registered to Millenium MP3 Studio. This functionality has not been tested in this module.

tags | exploit, overflow
SHA-256 | 4a1e117ec7a07c9369020bc7ebc32cb7a03208c810258087037afadadb98fa5d
Xenorate 2.50 Local Buffer Overflow
Posted Dec 13, 2009
Authored by loneferret | Site metasploit.com

This Metasploit module exploits a stack overflow in Xenorate 2.50. By creating a specially crafted xpl playlist file, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | ad0b6f04e4f71bee6bd71a38599a3b4587487cadbda7bb7cf60e018dc123d11e
Xenorate 2.50 Local Buffer Overflow
Posted Dec 13, 2009
Authored by germaya_x

Xenorate version 2.50 universal local buffer overflow exploit that creates a malicious .xpl file.

tags | exploit, overflow, local
SHA-256 | 753f9d0b80827515eccc9e2846f7764cb82c02d4cad8f4b8b4098ab59bf0b3af
SAP GUI for Windows sapirrfc.dll Overflow
Posted Dec 13, 2009
Authored by Abysssec | Site abysssec.com

SAP GUI for Windows sapirrfc.dll Active-X overflow exploit.

tags | exploit, overflow, activex
systems | windows
SHA-256 | fb087f2477c856e8815f8b0952df2ba073d8a422225953ad69fc32b0a388ffcb
HP NNM 7.53 ovalarm.exe Buffer Overflow
Posted Dec 13, 2009
Authored by Mati Aharoni, sinn3r

HP NNM version 7.53 ovalarm.exe CGI pre-authentication remote buffer overflow exploit.

tags | exploit, remote, overflow, cgi
SHA-256 | c3254e5bce844de2beae7b43c17e8ca6a8e7cc2e902e7f875b73fd47ddbfe34d
Debian Linux Security Advisory 1950-1
Posted Dec 13, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1950-1 - Several vulnerabilities have been discovered in webkit, a Web content engine library for Gtk+.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1712, CVE-2009-1725, CVE-2009-1714, CVE-2009-1710, CVE-2009-1697, CVE-2009-1695, CVE-2009-1693, CVE-2009-1694, CVE-2009-1681, CVE-2009-1684, CVE-2009-1692
SHA-256 | cb6106ed509c73b812d4c51fc7788d4c959ede34e11383c49d52c9bb1f64fcce
Debian Linux Security Advisory 1949-1
Posted Dec 13, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1949-1 - It was discovered that php-net-ping, a PHP PEAR module to execute ping independently of the Operating System, performs insufficient input sanitising, which might be used to inject arguments (no CVE yet) or execute arbitrary commands (CVE-2009-4024) on a system that uses php-net-ping.

tags | advisory, arbitrary, php
systems | linux, debian
advisories | CVE-2009-4024
SHA-256 | bdc7b81a44b21ccf791c69f5151721ef005a43fa61e21e1cf386af20ea9abc31
ArticleMS 2.0 Cross Site Scripting
Posted Dec 13, 2009
Authored by Packetdeath | Site ssteam.ws

ArticleMS version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8a0bb64b998a0a09683e7a77acd854fd568342dd11a596e6b95ea1b206d28bf9
Chipmunk Board Script 1.x XSRF
Posted Dec 13, 2009
Authored by Milos Zivanovic

Chipmunk Board Script 1.x suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | d27c65a434e67dfcbec050b79dea0f074b1c3b9cde65d4bec2fda849d558083c
Mandriva Linux Security Advisory 2009-259
Posted Dec 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-259 - preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. The updated packages have been patched to prevent this. Additionally there were problems with two rules in the snort-rules package for 2008.0 that is also fixed with this update. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2008-1804
SHA-256 | ee5fec922445fc73e30d9ef005c7991028e684036a55c43cce10e70dfe8a3b98
Chipmunk Newsletter XSRF
Posted Dec 13, 2009
Authored by Milos Zivanovic

Chipmunk Newsletter suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | c10e82617177a868ba0813d1c04e90e97a9388e2a7980a62bc041e761fe9f55f
Model Agency Manager Cross Site Scripting
Posted Dec 13, 2009
Authored by bi0

Model Agency Manager suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8ea501fd62b4294aabcd1c910a5dfef8ae2cf9c6e4be00571350605369851aaf
Arctic Issue Tracker Cross Site Scripting
Posted Dec 13, 2009
Authored by bi0

Arctic Issue Tracker suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a2c36bc55723121d07d216436961734edb3389a48674475081287b37838c438d
Mandriva Linux Security Advisory 2009-296
Posted Dec 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-296 - Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1570
SHA-256 | 8a424be972edd20a5efd8fdfd4170719f59c4e38346adbd173702deb1f7539f6
Safer-networking.org SQL Injection
Posted Dec 13, 2009
Authored by VMw4r3

Safer-networking.org (Spybot) suffers from a blind SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 746583321ca61eb6849608650333d8669ecf9aefddb3dcc33b69f840008422e8
phpCollegeExchange 0.1.5c Authentication Bypass
Posted Dec 13, 2009
Authored by Salvatore Fresta

phpCollegeExchange version 0.1.5c suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 67e84a12c1e1972d77ab6b80d76a12107a496e347fad485c8542b7bdf15742c4
phpCollegeExchange 0.1.5c SQL Injection
Posted Dec 13, 2009
Authored by Salvatore Fresta

phpCollegeExchange version 0.1.5c suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6b1b6ea3f643fbfb347dc878ece8be1636f2f3a195a232eb5bbb187fb833d804
Mandriva Linux Security Advisory 2009-332
Posted Dec 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-332 - Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. Additionally the patch for in MDVSA-2009:296 was incomplete, this update corrects this as well. This update provides a solution to this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3909
SHA-256 | a17d6153f5063f0ff22cb23f02d1a912a4bfd94c9b0d868d6b8cfcfba044824a
Digital Scribe 1.4.1 SQL Injection
Posted Dec 13, 2009
Authored by Salvatore Fresta

Digital Scribe version 1.4.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | ebbf4c9858b41d0bcd50257f84f3b396fe036c02646b8c5496e44b515fa54527
The Next Generation Of Genealogy Sitebuilding XSS
Posted Dec 13, 2009
Authored by bi0

The Next Generation of Genealogy Sitebuilding version 7.1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ceea14507d556caa6af031be03e20b6049d62d9bf686e4089b8b3f6754b3662f
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close