what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2010-12-29

Ad Muncher 4.81 Cross Site Scripting
Posted Dec 29, 2010
Authored by MustLive

Ad Muncher versions 4.81 and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 0fa1d8513b69bc1fc286ae4ef31437ee0f3760917a95bc68f2da8de87aa0bf1b
Discovery TorrentTrader 2.6 Cross Site Scripting / SQL Injection / Local File Inclusion
Posted Dec 29, 2010
Authored by EsS4ndre

Discovery TorrentTrader version 2.6 suffers from cross site scripting, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | ad0688c78f2e66e900baeb06f4dc8cbab87853b449b7279500080c27319ce64c
Coppermine 1.5.10 Cross Site Scripting
Posted Dec 29, 2010
Authored by Janek Vind aka waraxe | Site waraxe.us

Coppermine version 1.5.10 suffers from reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | be8b73580a130da9b082972278f6af1869440c879e56b3306245c47f80cea697
Digital Music Pad 8.2.3.4.8 SEH Overflow
Posted Dec 29, 2010
Authored by Abhishek Lyall

Digital Music Pad version 8.2.3.4.8 SEH overflow exploit.

tags | exploit, overflow
SHA-256 | 13c61e7a043d3a036cdb75753e6390a6e098f6948d02b4ae20043fd0da07cd8a
KaiBB 1.0.1 Cross Site Scripting / Path Disclosure / SQL Injection
Posted Dec 29, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

KaiBB version 1.0.1 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 3609575d4a9376abeae2a1b81bd498e5d35875d4a5a031c3a59cf96a1a9e7511
Microsoft Word RTF pFragments Stack Buffer Overflow
Posted Dec 29, 2010
Authored by wushi, jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office prior to the release of the MS10-087 bulletin are vulnerable. This Metasploit module does not attempt to exploit the vulnerability via Microsoft Outlook. The Microsoft Word RTF parser was only used by default in versions of Microsoft Word itself prior to Office 2007. With the release of Office 2007, Microsoft began using the Word RTF parser, by default, to handle rich-text messages within Outlook as well. It was possible to configure Outlook 2003 and earlier to use the Microsoft Word engine too, but it was not a default setting.

tags | exploit, overflow
advisories | CVE-2010-3333, OSVDB-69085
SHA-256 | c781a6b1c954888d98e9d2d99bf09fd7064aa318d76af4eac5e983b427860a6b
DzTube SQL Injection
Posted Dec 29, 2010
Authored by ErrNick

DzTube suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c6c169a20a99a67a287274f5dd5a14708780f335abd860180e7f9922bdc9b50
LoveCMS 1.6.2 Cross Site Request Forgery
Posted Dec 29, 2010
Authored by hiphop

LoveCMS version 1.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 726e20be981d56722f8df943a67f52902b69be74f0a714802ce0a86b8c03495f
Chaosmap 1.1
Posted Dec 29, 2010
Authored by Bastian Ballmann | Site datenterrorist.de

Chaosmap is an information gathering tool and dns / whois / web server scanner written in Python. It can be used to lookup DNS names with a dictionary with or without using a salt. Salting for DNS means it will append numbers from 1-9 to the name in the dictionary with or without a - and _ or a leading 0. Salting for Web stuff will try double slashes and some directory traversal tricks. You can do reverse dns lookups of a whole ip range (with optional whois lookup) or make a dictionary scan for hidden paths on one webserver or a range of ip addresses. Optionally you can encode the path with url encoding and with google dict lookup mode chaosmap will first try to find the path on Google and only query the webserver if google has no search result. Last but not least it can be used to extract email addresses from domains using a Google search.

Changes: Base URL / HTTP Proxy/ HTTPS support. Various other additions.
tags | tool, web, python
systems | unix
SHA-256 | bf73d4cb1d32e0df0ecccd0cbb285bf3ff4d17b0920ed02e9651f4a9caf7ef69
Simple Local File Inclusion Vulnerability Scanner
Posted Dec 29, 2010
Authored by Valentin Hoebel

This tool helps discover local file inclusion vulnerabilities. It creates a random user agent for the connection, supports nullbytes, supports common Unix systems, and more.

tags | tool, local, scanner, vulnerability, file inclusion
systems | unix
SHA-256 | 0c1637f07029317c9015b1f6d44d3a4c08567372e22ad7436e02997621345c13
Yektaweb CMS Cross Site Scripting
Posted Dec 29, 2010
Authored by Isfahan University of Technology

Yektaweb CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4c52f3fb3a8ad5ab5e504bf25d55286e9607ff57b3a92665a332d0b7dc4c03df
PHP-AddressBook 6.2.4 SQL Injection
Posted Dec 29, 2010
Authored by hiphop

PHP-AddressBook version 6.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 699461b0386c5ae9684e0d4dd201f5c9e12adc221d1fe75c3b3dfb2c36c35b83
Wordpress 3.0.3 Stored Cross Site Scripting
Posted Dec 29, 2010
Authored by Saif

Wordpress version 3.0.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9fb14b53fbb56ffa5270d4dc71d95690a5e6bd33f24cd8dc2302f6ab6ab05158
TYPSoft FTP Server 1.10 Denial Of Service
Posted Dec 29, 2010
Authored by Emanuele Gentili

TYPSoft FTP Server version 1.10 RETR CMD denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2005-3294, OSVDB-19992
SHA-256 | b1a032c7a23e25e191a8ec4affeb06545de872512fdf8c538cfd46edf16d5960
QuickTime Picture Viewer 7.6.6 Denial Of Service
Posted Dec 29, 2010
Authored by BraniX

QuickTime Picture Viewer version 7.6.6 JP2000 denial of service exploit.

tags | exploit, denial of service
SHA-256 | 1b272c90310e2f697d556cc594f9158912fdda2d7ccfccb110c11915e8ced017
IrfanView 4.27 Denial Of Service
Posted Dec 29, 2010
Authored by BraniX

IrfanView version 4.27 JP2000.dll plugin denial of service exploit.

tags | exploit, denial of service
SHA-256 | e83acc426333f3d230a7b331ef523b100443545f6d3d6007fb5dd3fc15364a7a
Siteframe 3.2.3 SQL Injection
Posted Dec 29, 2010
Authored by AnGrY BoY

Siteframe version 3.2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | eee08bed75cbe86dde01afdaad3ef91e331e05032966436d4bc12b0f96961df3
DGNews 2.1 SQL Injection
Posted Dec 29, 2010
Authored by kalashnikov

DGNews version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d3895df37fd062e432d4d44936591ef08cc8afe61fbc5be2b9b52c37270a9092
TYPO3 Unauthenticated Arbitrary File Retrieval
Posted Dec 29, 2010
Authored by ikki

TYPO3 unauthenticated arbitrary file retrieval exploit. Affects versions 4.2.15, 4.3.7, and 4.4.4.

tags | exploit, arbitrary, file inclusion
advisories | CVE-2010-3714
SHA-256 | 2a2b3e4555ad13f58b384edbe8d46660c60151646bfc4b76dba4acdbbd9df710
ardeaCore 2.25 PHP Framework Remote File Inclusion
Posted Dec 29, 2010
Authored by n0n0x

ardeaCore version 2.2.5 PHP Framework suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, file inclusion
SHA-256 | 457a2767d371d2321b79482da1102c4c91ec0c06d59c00b1bdca19b338355bd6
News Script PHP Pro Shell Upload
Posted Dec 29, 2010
Authored by Net.Edit0r

News Script PHP Pro suffers from a shell upload vulnerability.

tags | exploit, shell, php
SHA-256 | 65efe74876147eb4b57a978db4c006848440b1f9511eafeca100ee49f8afd22b
HotWeb Rental SQL Injection
Posted Dec 29, 2010
Authored by non-customers

HotWeb Rentals suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8cb39327a8568ed7be92b8abe0f4a184346e1c420f665f031f8a779ffd5ccc6b
Secunia Security Advisory 42749
Posted Dec 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has discovered some vulnerabilities in the Chilkat FTP-2 ActiveX component, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

tags | advisory, vulnerability, activex
SHA-256 | 6a6cc501f44e2948515e4b065294a68ae319eb5943009e21d7eceaeb9b91891a
Secunia Security Advisory 42752
Posted Dec 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Leitch has discovered a vulnerability in Techphoebe QuickShare File Server, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system.

tags | advisory
SHA-256 | ef45afaf047982f1f343294b198714e64f15a4e8fdb6a3ff4cfa10965f8b2785
Secunia Security Advisory 42748
Posted Dec 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LiveZilla, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2f27e8af78f3061fe899fc6684ed9260832ccfd233440f97f42031a862d53760
Page 1 of 2
Back12Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close