exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 93 RSS Feed

Files Date: 2010-05-14

VMware Portal 3.1 Cross Site Scripting
Posted May 14, 2010
Authored by Alexey Sintsov

VMware View Portal versions 3.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-1143
SHA-256 | 6ff34d3c4c5414257facf8f8b5cdd2f2fd3e1d2c50b916d0ba65eccf0d979ba0
GRAudit Grep Auditing Tool 1.6
Posted May 14, 2010
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: This release adds a bugfix for greedy separator code, imports C rules from RATS, starts a test suite transition to the Junio C Hamano Git-inspired one, adds a case insensitive switch, adds dotnet signatures, discontinues the rough database, adds the combined database "all", and supports the GRDIR environment variable.
systems | unix
SHA-256 | 720edb009cb6438b0f052d5ac5e00f4961194644994839f8048a4df1b32fbfab
Joomla JE Quote Form Local File Inclusion
Posted May 14, 2010
Authored by altbta

The Joomla JE Quote Form component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 61bf35df125c510a7e3dd988c89c38e9ee53e36cd51b4a049974054e4ab46472
Heaven Soft CMS 4.7 SQL Injection
Posted May 14, 2010
Authored by CoBRa_21

Heaven Soft CMS version 4.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4d1e739a3a302e7c256f696ae6f067d5a4fcec851898d9507cc0227f20853a8b
Alibaba Clone Platinum SQL Injection
Posted May 14, 2010
Authored by GuN

Alibaba Clone Platinum suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 731f15ed4ac1feb5faa7fb6c5757e546cd0255ce83584463ca206332a94392b2
Drupal Storm 1.32 Cross Site Scripting
Posted May 14, 2010
Authored by Black Packeteer

The Drupal Storm module version 1.32 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 502796701a326543ce092a64ec542afb6affb2f3bec4e9478553db1438eebaab
Joomla FDione Form Wizard 1.0.2 Local File Inclusion
Posted May 14, 2010
Authored by Chip D3 Bi0s

Joomla FDione Form Wizard version 1.0.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 6074f175a4bc9b26da1579635e2f5f7f8c28a7571bb77e76a681a7bb84f8c037
HP Security Bulletin HPSBPI02532 SSRT100111
Posted May 14, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP MFP Digital Sending Software running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to "Send to e-mail" and other functionality of an HP Multifunction Peripheral (MFP) controlled by the HP Digital Sending Software.

tags | advisory, local
systems | windows
advisories | CVE-2010-1558
SHA-256 | 409796c77f473f0a9a38655b8406ab38c4e67729a0865bdad55bdd7fa5e65a7e
Joomla JE Ajax Event Calendar 1.0.3 Local File Inclusion
Posted May 14, 2010
Authored by Valentin Hoebel

Joomla JE Ajax Event Calendar version 1.0.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | b1377c5c9af133fe7257f7699c970c7e7c45f0f427b603a5e48c63ee19c0b26c
Heaven Soft CMS 4.7 SQL Injection
Posted May 14, 2010
Authored by Princeofhacking

Heaven Soft CMS version 4.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d5053f3bbf3e988704a1712a9a91e81282544ab43abfc14f5f5c318111ced964
Joomla JE Job Local File Inclusion
Posted May 14, 2010
Authored by Valentin Hoebel

The Joomla JE Job component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 517b4fe22000272d7d05219eeb5f558cedb8836282c3ee74b469e85d17320990
SmallFTPd 1.0.3 Denial Of Service
Posted May 14, 2010
Authored by Jeremiah Talamantes

SmallFTPD version 1.0.3 DELE command denial of service exploit.

tags | exploit, denial of service
SHA-256 | 7bb3d73cbab3ec01f536cee5ce392eb199b4af2b8c58d0699553025699162763
TYPSoft 1.0 RETR Denial Of Service
Posted May 14, 2010
Authored by Jeremiah Talamantes

TYPSoft version 1.0 RETR command denial of service exploit.

tags | exploit, denial of service
SHA-256 | 9e743870310a319983612a510077f27e93555ce348bf5017ef067515f6ee954b
Debian Linux Security Advisory 2046-1
Posted May 14, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2046-1 - Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP.

tags | advisory, remote, web, php, vulnerability
systems | linux, debian
advisories | CVE-2010-0403, CVE-2010-0404
SHA-256 | 3a8e814f54641e9618488f5ad59558887178f21178734ccbb463644a2e4ce890
Badoo Services Online Community Cross Site Scripting
Posted May 14, 2010
Authored by Ivan Sanchez

Badoo Services Online Community suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7611f65701e08eb5178c7c4e3aa204ba2fe0db11dd27d57942e6f5cd87051036
WFTPD Server 3.30 Directory Traversal
Posted May 14, 2010
Authored by fl0 fl0w

WFTPD Server version 3.30 directory traversal exploit.

tags | exploit, file inclusion
SHA-256 | 2e2fb1913a585ae5cf5f8fb18da7901f4b134cb92fceedd7436ccec16353d38f
Link Bid Script links.php SQL Injection
Posted May 14, 2010
Authored by R3d-D3v!L

Link Bid Script suffers a remote SQL injection vulnerability in links.php.

tags | exploit, remote, php, sql injection
SHA-256 | 40b0067b4a9fc88853e5631994823560d6c750513431c7d32b8814360e116ae1
Abyss Web Server X1 Cross Site Request Forgery
Posted May 14, 2010
Authored by AutoSec Tools

Abyss Web Server X1 suffers from a cross site request forgery vulnerability.

tags | exploit, web, csrf
SHA-256 | 6a8b0a0b3df4f6bea2398734044f1276abd5e1f4af92134da2bd728aab1a0f1a
aria2 metalink "name" Directory Traversal Vulnerability
Posted May 14, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in aria2, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application not properly sanitising the "name" attribute of the "file" element of metalink files before using it to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks. aria2 version 1.9.1 build2 is affected.

tags | advisory
advisories | CVE-2010-1512
SHA-256 | 5db2e877b929448ce53fbaefcd4fe1dc429beb3e14f7b1dcec039f413a870480
Free Download Manager metalink "name" Directory Traversal
Posted May 14, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in Free Download Manager, which can be exploited by malicious people to compromise a user's system. The "name" attribute of the "file" element of metalink files is not properly sanitised before being used to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks. Free Download Manager version 3.0 build 850 is affected.

tags | advisory
advisories | CVE-2010-0999
SHA-256 | 60c825619601682037a8558f5c997dc4b92f393d1622d48462b4a8dad92fde7a
Free Download Manager Four Buffer Overflow Vulnerabilities
Posted May 14, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered four vulnerabilities in Free Download Manager, which can be exploited by malicious people to compromise a user's system. Free Download Manager version 3.0 build 850 is affected.

tags | advisory, vulnerability
advisories | CVE-2010-0998
SHA-256 | a7c535c78279767e6f7e01d49794419b36ad3c9b5fb60a3d1bcf78f26b853f28
KDE KGet metalink "name" Directory Traversal Vulnerability
Posted May 14, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in KDE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to KGet not properly sanitising the "name" attribute of the "file" element of metalink files before using it to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks. KDE version 4.4.2 is affected.

tags | advisory
advisories | CVE-2010-1000
SHA-256 | 4753c3b2fd7ba990fce8cff97b3b26d9f9af9b4835f05f0238026d7fc09ec1ca
KDE KGet Insecure File Operation Vulnerability
Posted May 14, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in KDE, which can be exploited by malicious people to bypass certain security features. The vulnerability is caused by KGet downloading files without the user's acknowledgment, overwriting existing files of the same name when displaying a dialog box that allows a user to choose the file to download out of the options offered by a metalink file. KDE version 4.4.2 is affected.

tags | advisory
advisories | CVE-2010-1511
SHA-256 | 00f3b8e980ac034a80679c30c79ae908a7436b59928d9cc490152b17d823b990
MigasCMS Xinha Configuration Injection
Posted May 14, 2010
Authored by eidelweiss

The MigasCMS Xinha plugin suffers from a configuration injection vulnerability.

tags | exploit
SHA-256 | c2efbc6f4077b06fdac5a6b31f8f71002af458b8b719e46806e92ff52607b1e5
NPDS REvolution Cross Site Scripting
Posted May 14, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

NPDS REvolution version 10.02 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f5791baaef27c943130257cebc4f3ae8c581964acf8f9039c499648496aa4c4c
Page 1 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close