what you don't know can hurt you
Showing 1 - 25 of 27 RSS Feed

Files Date: 2010-12-29

Ad Muncher 4.81 Cross Site Scripting
Posted Dec 29, 2010
Authored by MustLive

Ad Muncher versions 4.81 and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 3cacd4cfd8ec86331599b9f0ed4d6a27
Discovery TorrentTrader 2.6 Cross Site Scripting / SQL Injection / Local File Inclusion
Posted Dec 29, 2010
Authored by EsS4ndre

Discovery TorrentTrader version 2.6 suffers from cross site scripting, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | a465f8ce2a1edb4082ff882521aa0cd0
Coppermine 1.5.10 Cross Site Scripting
Posted Dec 29, 2010
Authored by Janek Vind aka waraxe | Site waraxe.us

Coppermine version 1.5.10 suffers from reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cb548f417d9e5ffd78c67e4192a52145
Digital Music Pad 8.2.3.4.8 SEH Overflow
Posted Dec 29, 2010
Authored by Abhishek Lyall

Digital Music Pad version 8.2.3.4.8 SEH overflow exploit.

tags | exploit, overflow
MD5 | 3eb00a16b745f91c5face6e06a68303a
KaiBB 1.0.1 Cross Site Scripting / Path Disclosure / SQL Injection
Posted Dec 29, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

KaiBB version 1.0.1 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 05321f7a9c1d7099858127646083e690
Microsoft Word RTF pFragments Stack Buffer Overflow
Posted Dec 29, 2010
Authored by wushi, jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office prior to the release of the MS10-087 bulletin are vulnerable. This Metasploit module does not attempt to exploit the vulnerability via Microsoft Outlook. The Microsoft Word RTF parser was only used by default in versions of Microsoft Word itself prior to Office 2007. With the release of Office 2007, Microsoft began using the Word RTF parser, by default, to handle rich-text messages within Outlook as well. It was possible to configure Outlook 2003 and earlier to use the Microsoft Word engine too, but it was not a default setting.

tags | exploit, overflow
advisories | CVE-2010-3333, OSVDB-69085
MD5 | bf0463eef347a91b2ddc62adc2113b79
DzTube SQL Injection
Posted Dec 29, 2010
Authored by ErrNick

DzTube suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a526aa8f83bdc7eb825ae09f5e407147
LoveCMS 1.6.2 Cross Site Request Forgery
Posted Dec 29, 2010
Authored by hiphop

LoveCMS version 1.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | e1902ed540e70f32bcff7f642ca66006
Chaosmap 1.1
Posted Dec 29, 2010
Authored by Bastian Ballmann | Site datenterrorist.de

Chaosmap is an information gathering tool and dns / whois / web server scanner written in Python. It can be used to lookup DNS names with a dictionary with or without using a salt. Salting for DNS means it will append numbers from 1-9 to the name in the dictionary with or without a - and _ or a leading 0. Salting for Web stuff will try double slashes and some directory traversal tricks. You can do reverse dns lookups of a whole ip range (with optional whois lookup) or make a dictionary scan for hidden paths on one webserver or a range of ip addresses. Optionally you can encode the path with url encoding and with google dict lookup mode chaosmap will first try to find the path on Google and only query the webserver if google has no search result. Last but not least it can be used to extract email addresses from domains using a Google search.

Changes: Base URL / HTTP Proxy/ HTTPS support. Various other additions.
tags | tool, web, python
systems | unix
MD5 | 4f8e28ad92c46275c61d9020b114bdb6
Simple Local File Inclusion Vulnerability Scanner
Posted Dec 29, 2010
Authored by Valentin Hoebel

This tool helps discover local file inclusion vulnerabilities. It creates a random user agent for the connection, supports nullbytes, supports common Unix systems, and more.

tags | tool, local, scanner, vulnerability, file inclusion
systems | unix
MD5 | bb7120fa3e8cf077e8170499d4f6b06a
Yektaweb CMS Cross Site Scripting
Posted Dec 29, 2010
Authored by Isfahan University of Technology

Yektaweb CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d2c838e92ebe45e0e18e1da871d9bce0
PHP-AddressBook 6.2.4 SQL Injection
Posted Dec 29, 2010
Authored by hiphop

PHP-AddressBook version 6.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | ae7359352bdfc1af53aacca3a8b485e1
Wordpress 3.0.3 Stored Cross Site Scripting
Posted Dec 29, 2010
Authored by Saif

Wordpress version 3.0.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 17745d7c1d1ae33392fecd07917e41a6
TYPSoft FTP Server 1.10 Denial Of Service
Posted Dec 29, 2010
Authored by Emanuele Gentili

TYPSoft FTP Server version 1.10 RETR CMD denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2005-3294, OSVDB-19992
MD5 | b89984b1e07aa2211212f5302f089db6
QuickTime Picture Viewer 7.6.6 Denial Of Service
Posted Dec 29, 2010
Authored by BraniX

QuickTime Picture Viewer version 7.6.6 JP2000 denial of service exploit.

tags | exploit, denial of service
MD5 | e7fbf0c21ce374f9524f9a86e7088b00
IrfanView 4.27 Denial Of Service
Posted Dec 29, 2010
Authored by BraniX

IrfanView version 4.27 JP2000.dll plugin denial of service exploit.

tags | exploit, denial of service
MD5 | 2e432290312fd05a65d4ed28bcf55ef9
Siteframe 3.2.3 SQL Injection
Posted Dec 29, 2010
Authored by AnGrY BoY

Siteframe version 3.2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d83ad91933ee217446b5b188d3746bd5
DGNews 2.1 SQL Injection
Posted Dec 29, 2010
Authored by kalashnikov

DGNews version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 202ab1e389396398429a1bfaaa94bf9d
TYPO3 Unauthenticated Arbitrary File Retrieval
Posted Dec 29, 2010
Authored by ikki

TYPO3 unauthenticated arbitrary file retrieval exploit. Affects versions 4.2.15, 4.3.7, and 4.4.4.

tags | exploit, arbitrary, file inclusion
advisories | CVE-2010-3714
MD5 | 9b3430e959c2acc446c50e3574709481
ardeaCore 2.25 PHP Framework Remote File Inclusion
Posted Dec 29, 2010
Authored by n0n0x

ardeaCore version 2.2.5 PHP Framework suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, file inclusion
MD5 | dd0f0af1480a22c60f635e114d910173
News Script PHP Pro Shell Upload
Posted Dec 29, 2010
Authored by Net.Edit0r

News Script PHP Pro suffers from a shell upload vulnerability.

tags | exploit, shell, php
MD5 | 05384fd295833a280e365370d800f071
HotWeb Rental SQL Injection
Posted Dec 29, 2010
Authored by non-customers

HotWeb Rentals suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c8368d2dce3ca322abd62c5c7a9b7a2d
Secunia Security Advisory 42749
Posted Dec 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has discovered some vulnerabilities in the Chilkat FTP-2 ActiveX component, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

tags | advisory, vulnerability, activex
MD5 | a566970f21df586ff496d44eb5313ba5
Secunia Security Advisory 42752
Posted Dec 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Leitch has discovered a vulnerability in Techphoebe QuickShare File Server, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system.

tags | advisory
MD5 | 4f5f296454db534aabaded21390c948c
Secunia Security Advisory 42748
Posted Dec 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LiveZilla, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | be050a69bacfaef0f71e795f45a29c3d
Page 1 of 2
Back12Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close