what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2010-04-29

deV!L'z Clanportal 1.5 Remote File Inclusion
Posted Apr 29, 2010
Authored by indoushka

deV!L's Clanportal version 1.5 suffers from remote file inclusion and image replacement vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 6f49b5caecb172858aee6f8daaeae43bdde8bb1b079fd98f585fc4242fbfc94a
Scratcher SQL Injection / Cross Site Scripting
Posted Apr 29, 2010
Authored by cr4wl3r

Scratcher suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | ef302aa3b59d79295188c3b1dcfb1d77c643381e76184c81acd82641bb121be0
Socialware 2.2 Cross Site Scripting / Shell Upload
Posted Apr 29, 2010
Authored by Sid3 effects

Socialware version 2.2 suffers from cross site scripting and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, xss
SHA-256 | f4af78524d5d6ebb4c0137a3be8237a1801aef2eebc18cf23265fb9b880f3c18
Apple Safari 4.0.3 CSS Denial Of Service
Posted Apr 29, 2010
Authored by ItSecTeam

Apple Safari version 4.0.3 (Win32) CSS related remote denial of service exploit.

tags | exploit, remote, denial of service
systems | windows, apple
SHA-256 | 59f3107052784bfbc7146346198223a15114acfb239ae5b52f90f93a41ebb54d
Mandriva Linux Security Advisory 2010-086
Posted Apr 29, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-086 - Multiple vulnerabilities has been found and corrected in kpdf (kdegraphics). Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3608, CVE-2009-3609
SHA-256 | 176ce851ea5226fd5466f63f85a1de7bc3edc6ecd276970bc8cbdb5ae0388691
Task Freak 0.6.2 SQL Injection
Posted Apr 29, 2010
Authored by Justin C. Klein Keane

Task Freak version 0.6.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2010-1583
SHA-256 | c2e4cad3acc7ebac98343078acf155f038484525fd60cc340c10109c9c504e8f
Ucenter Project 2.0 Crossdomain.xml
Posted Apr 29, 2010
Authored by indoushka

Ucenter Project version 2.0 uses an insecure crossdomain.xml set up.

tags | advisory
SHA-256 | 4a0e61c8cb8a5797729d5f127a7d64188188e76c72cb29d715ee92bb6fbb6d9d
Google Chrome Stack Exhaustion
Posted Apr 29, 2010
Authored by Jelmer de Hen | Site h.ackack.net

Chrome acronym tag denial of service exploit.

tags | exploit, denial of service
SHA-256 | 2b4afe1e8023a5f2f79d7359cdf7dbc99a736c6d256da5fe974909c893437011
TR Forum 1.5 Cross Site Scripting / SQL Injection
Posted Apr 29, 2010
Authored by indoushka

TR Forum version 1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 992e92f090cb8dfd04581f8f8b7d4fe37a7b19841b0d4bf80566bfd3213efc3b
Blog Pixel Motion Backup Disclosure
Posted Apr 29, 2010
Authored by indoushka

Blog Pixel Motion suffers from a backup disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | a87dde99b85e2a9bf9d351fddb0de1c276be065902db350caec8aa35caea857e
Your Articles Directory SQL Injection
Posted Apr 29, 2010
Authored by Sid3 effects

Your Article Directory suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a38c6560a77d2e8f4d6c5e887502dc7b559e21d46f19899d02161b4a3a583088
Ubuntu Security Notice 933-1
Posted Apr 29, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 933-1 - It was discovered that PostgreSQL did not properly sanitize its input when using substring() with a SELECT statement. A remote authenticated attacker could exploit this to cause a denial of service via application crash.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-0442
SHA-256 | c5e6c2d965cb8d3c77f1c402acebd01a9f7dcf4e1f91bc9465d926a621ffd86c
gpEasy 1.6.1 Cross Site Request Forgery
Posted Apr 29, 2010
Authored by giudinvx

gpEasy version 1.6.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 766d28c729371a6dfb98abe22f7d1968f593690f3a3ac3efb522e4a83ff2890f
PHP Video Battle SQL Injection
Posted Apr 29, 2010
Authored by v3n0m

PHP Video Battle suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | feeec9a5b33ca57a1de629423517e329280d59dc4b967aa4fdcc5ed9ac671615
Modelbook SQL Injection
Posted Apr 29, 2010
Authored by v3n0m

Modelbook suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 962fdcb917cafd16f27f55d4b260d5158b4fc7c58e1cdcda5711fd68f7eb7554
Twitter.com Impossible Secure Session
Posted Apr 29, 2010
Authored by Chris Palmer | Site isecpartners.com

It is impossible to maintain a secure session with Twitter, for multiple reasons. Additionally, once a session has been hijacked, it is possible for the attacker to maintain control over the account (not just the session) indefinitely, unless the user changes their password. This is because the session cookie has the same lifetime as the password.

tags | advisory
SHA-256 | 33ce90a17e72942d80262b42b39d4448a3e3b1ef746c48a5ce44c25d9b3ef5ef
Secunia Security Advisory 39646
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Modelbook, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | a7f8269265ea2d34636e23de0cea2f7d485b859e07cabf4c6007d80ab4ed2719
Secunia Security Advisory 39647
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Video Battle Script, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 315f8c36b890b40fd387e0e12118cd7cd4ced7dd790b02901ead710bea629911
Secunia Security Advisory 39565
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Privatemsg module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 2f12ff632adab2fbd98fa6160c6c2de6b7cc9b7fe3bd9dc8b6be18989cf767f8
Secunia Security Advisory 39650
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for xorg-x11-server. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, redhat
SHA-256 | 7f4ccc7bbce6eb2d7d49f00a2fd57cefdc5ac8490b045edab4dc1e7e4acc2e25
Secunia Security Advisory 39561
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Decisions module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
SHA-256 | 5d49bcdd64e5fe71c0f352d333229d0a8158f4c68187541e5baa2f0ef357d6bf
Secunia Security Advisory 39633
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Leitch has discovered a vulnerability in Tele Data Contact Management Server, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 649e31d403dfc207d12dc0af240a32d1b0401110fe2db658a11f224975feba13
Secunia Security Advisory 39643
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in gpEasy CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 06468bb531dd0b141d6d24129baa2958bbc834f5b0e07dc18238ce66ce0dc752
Secunia Security Advisory 39566
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for postgresql. This fixes a security issue, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 419e20bc17306d3e04dcf60cf4a35e232c4c13835268bb17d10fc7646f1d3d7a
Secunia Security Advisory 39653
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in iScripts SocialWare, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | f6010d2c078319f5f855e489fe5a55fb22870caedcc63844d20c11709c6b1001
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close