what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2010-04-24

Adobe Reader's Custom Memory Management - A Heap Of Trouble
Posted Apr 24, 2010
Authored by Haifei Li | Site fortinet.com

Whitepaper called Adobe Reader's Custom Memory Management: A Heap Of Trouble.

tags | paper
SHA-256 | 1ca66990a4d34dc7ac4eb9341396985d911c6f0afad2d4386e9f8b52dc992276
WHMCS Control SQL Injection
Posted Apr 24, 2010
Authored by Islam DefenDers

WHMCS Control suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 47fe91c334029232006355f39bce6b9c16e31c371edf741831002469fdf9d7fc
NCT Jobs Portal Script SQL Injection / Cross Site Scripting
Posted Apr 24, 2010
Authored by Sid3 effects

NCT Jobs Portal Script suffers from a cross site scripting vulnerability. It also suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, xss, sql injection
SHA-256 | 7fe5d69d5bf05bfc2a622dbf3942699d7f0bf328bad2e885b70497323168bef3
ZipWrangler 1.20 .ZIP SEH Exploit
Posted Apr 24, 2010
Authored by TecR0c, Sud0 | Site corelan.be

ZipWrangler version 1.20 SEH overwrite exploit that creates a malicious .zip file.

tags | exploit
SHA-256 | 29f7dd7ad0c8b7b814ab450c0ac1bd3a7ceb95aaef19efa6ace9ed04c4ddc5c0
Hashdays 2010 Call For Papers
Posted Apr 24, 2010
Site hashdays.ch

Hashdays 2010 Call For Papers - Hashdays is an international security technology and research conference which is preceded by several 2-day workshops delivering IT security training. The event features many international IT security experts sharing their deep technical knowledge in an open environment and takes place November 3rd to 6th, 2010 in Lucerne.

tags | paper, conference
SHA-256 | 32a0e10bbfff19e76a2d6f9af283552a2a65f2322051bafb9dfb968ad8e9445e
HP Digital Imaging Insecure Method
Posted Apr 24, 2010
Authored by ThE g0bL!N

HP Digital Imaging (hpodio08.dll) insecure method exploit.

tags | exploit
SHA-256 | d7abb4532a2c0fc0930b25af470ad742cd982d6fb1e12e2700ca431e98515d1d
27 Bytes setuid(0) ^ execve("/bin/sh", 0, 0) Shellcode
Posted Apr 24, 2010
Authored by Magnefikko

27 bytes small setuid(0) ^ execve("/bin/sh", 0, 0) shellcode.

tags | shellcode
SHA-256 | bc725e28e8a64631ad59b2098ef7c8fea440c0c8ed4a8fbb8fed438361746f39
Openpresse 1.01 Local File Inclusion
Posted Apr 24, 2010
Authored by cr4wl3r

Openpresse version 1.01 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 87fe63d7ff9b4c1864531a03b2899afbc7ea28f523341b181736b6831e044df8
Openplanning 1.00 Remote / Local File Inclusion
Posted Apr 24, 2010
Authored by cr4wl3r

Openplanning version 1.00 suffers from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | d03315e2e2d3ec353424a59aa61d45a091b13d7b92fcd5555b9987f4d7580165
Openfoncier 2.00 Remote / Local File Inclusion
Posted Apr 24, 2010
Authored by cr4wl3r

Openfoncier version 2.00 suffers from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | c172882bb0fcdce6cbc536438393312d3e7e8e8e01bdb07c97a04915d2fc30fc
27 Bytes setreuid(0, 0) And execve("/bin/sh") Shellcode
Posted Apr 24, 2010
Authored by Magnefikko

27 bytes small setreuid(0, 0) and execve("/bin/sh") shellcode.

tags | shellcode
SHA-256 | 0732c3a86d1f15b87fe5d154f77016499a306775e51a4749d0dc7e73c87b513b
NKInfoWeb SQL Injection
Posted Apr 24, 2010
Authored by d4rk-h4ck3r

NKInfoWeb suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 05e00195d5607e194df776f5c7ee0897291f32201ff5eb0523fc9c01caa9e425
CommView 6.1 Denial Of Service
Posted Apr 24, 2010
Authored by p4r4N0ID | Site corelan.be

CommView version 6.1 (build 636) suffers from a local denial of service vulnerability.

tags | advisory, denial of service, local
SHA-256 | fa3e95eb2eee13656e06e0aa498a7f95c2e01e0766d9ca539cdfabe285f444f7
Memorial Web Site Script Password Reset / Insecure Cookie
Posted Apr 24, 2010
Authored by Chip D3 Bi0s

Memorial Web Site Script suffers from password reset and insecure cookie handling vulnerabilities.

tags | exploit, web, vulnerability, insecure cookie handling
SHA-256 | 760ef13c884034f144f3aa8a797f01be878b0fd0add4599eadc774e096738faa
Memorial Web Site Script Arbitrary Deletion
Posted Apr 24, 2010
Authored by Chip D3 Bi0s

Memorial Web Site Script suffers from arbitrary deletion vulnerabilities.

tags | exploit, web, arbitrary, vulnerability
SHA-256 | 34df70ef7f3e332dedf0d10c15adb1e459312dee1c3fdf01c2cc20cad236c322
CommView 6.1 Denial Of Service
Posted Apr 24, 2010
Authored by p4r4N0ID

CommView version 6.1 (build 636) local denial of service exploit.

tags | exploit, denial of service, local
SHA-256 | 683751d3a51548067321ba0b482b1609c1c457682303e6d71eef5df9cf8747be
Debian Linux Security Advisory 2039-1
Posted Apr 24, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2039-1 - It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services missed input sanitising, making an SQL injection attack possible.

tags | advisory, sql injection
systems | linux, debian
SHA-256 | 67725f0da189f4468427212a6ae29a56dc5cf0c8be16bf1862cdaa2e2694f088
EPay Enterprise 4.13 SQL Injection
Posted Apr 24, 2010
Authored by v3n0m

EPay Enterprise version 4.13 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 44bdc05e34f75889522cea22cd711d5f26f5f184e257063b716158d6b991584f
DataLife Engine 6.9 Cross Site Scripting
Posted Apr 24, 2010
Authored by MustLive

DataLife Engine version 6.9 suffers from a cross site scripting vulnerability via the Referer header.

tags | exploit, xss
SHA-256 | 834c22ffd4a6284859f5402db67eed9b0bf1d107fec82b95d45b50c33cce9285
Zero Day Initiative Advisory 10-078
Posted Apr 24, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-078 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ZENworks Server (zenserver.exe). This Tomcat server listens by default on TCP ports 80 and 443. The vulnerability exists in the UploadServlet. Using the UploadServlet an attacker can upload a malicious file outside of the TEMP directory on the server. By accessing this uploaded file remotely it is executed in the context of the zenserver.exe process. This can be exploited to gain arbitrary code execution in the context of the user running the ZENworks server.

tags | advisory, remote, arbitrary, tcp, code execution
SHA-256 | 11c9411dcfafccd770058445c9f215256689e44ba7381a574691d4d2382efd2c
Mihao8 CMS Cross Site Scripting
Posted Apr 24, 2010
Authored by riusksk

Mihao8 CMS suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a37b5e00d6e38d139840f9c6d87b88698e0e37cebb1b17b7d9983182e16b3aef
Firebrand Technologies Local File Inclusion
Posted Apr 24, 2010
Authored by R3VAN_BASTARD

Firebrand Technologies suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 1e81045fc17688c5203ea154f25072f7a2f8cbb2e3d700d258da96b99d2e221c
29 Bytes setuid(0) And execve("/bin/sh",...) Shellcode
Posted Apr 24, 2010
Authored by Marcin Ulikowski

29 bytes small setuid(0) and execve("/bin/sh",...) shellcode.

tags | shellcode
SHA-256 | bf11caa3797eaf5b8e59dc0d530a61d2fc9afc1e6256a15d978aab04a9db9369
Another File Integrity Checker 2.15
Posted Apr 24, 2010
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Afick will now work on Windows Vista/Seven with uac. Afick_cron now uses boune syntax instead of bash syntax. A bug has been fixed for activeperl 5.10.1.1007. Remaining environment variables in the configuration file are detected/replaced by the check_config and clean_config options.
tags | tool, integrity
systems | windows, unix
SHA-256 | 3fbc00b9baf21d4e47916f9da5ebf3cad4f643b51f83c0d0862eb96cf85c07af
Mac OS X 10.6.3 Filesystem HFS Denial Of Service
Posted Apr 24, 2010
Authored by Maksymilian Arciemowicz

Mac OS X version 10.6.3 suffers from a HFS related denial of service vulnerability.

tags | exploit, denial of service
systems | apple, osx
advisories | CVE-2010-0105
SHA-256 | 164e411db38aa88a7e22d17c8d7b70711b8105a1c5ddae787f697ee6ae07c1ab
Page 1 of 2
Back12Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close