exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2011-04-07

e107 0.7.25 Cross Site Request Forgery
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A cross site request forgery vulnerability in e107 version 0.7.25 can be exploited to grant admin privileges.

tags | exploit, csrf
SHA-256 | 63cb6ca823beffb1db021f387a72de0cdc5f339f33eb80b38b7c32801ec531fb
vtiger CRM 5.2.1 Cross Site Scripting
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in vtiger CRM version 5.2.1 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 16503d8f7b3e70437cff319ce1fb193af7665166d746ed4b65f60860441ec7ba
vtiger CRM 5.2.1 Local File Inclusion
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in vtiger CRM version 5.2.1 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | 588c18208d84dab6e005ca0cf9a5d3627abdc7d5c0a944370d71d56b3058647f
eXtplorer 2.1 RC3 Cross Site Request Forgery
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A cross site request forgery vulnerability in eXtplorer version 2.1 RC3 can be exploited to create a new admin.

tags | exploit, csrf
SHA-256 | 73510bbcc0b1f03a41a02a1a718641f2649cc998082d27d2a801818d516a1fff
eGroupware 1.8.001 Cross Site Scripting
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in eGroupware version 1.8.001 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 12b599a5bb6bc60e3ec879007d3ad6b455cda895ae66b2b950121333995b3fc8
eGroupware 1.8.001 SQL Injection
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A SQL injection vulnerability in eGroupware version 1.8 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.

tags | exploit, arbitrary, shell, php, sql injection
SHA-256 | 172bfbdcfad1acd11c2432e343fc10b79bc2c32328f1c7d5cf4a1e219b0e5e46
Originsoftech Web Portal SQL Injection
Posted Apr 7, 2011
Authored by eXeSoul

Originsoftech Web Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 801c653b6810654a3d5e49660b106b3234aa621996879100476cf94dd446f024
PrestaShop 1.3.6 Remote File Inclusion
Posted Apr 7, 2011
Authored by KedAns-Dz

PrestaShop versions 1.3.6 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 6d48010904e89cbb028165da32b18378068ad402de7edbccc4d8aa38f7a86938
SMF 2.0 RC5 Shell Upload
Posted Apr 7, 2011
Authored by KedAns-Dz

SMF version 2.0 RC5 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | a1f21657fc82224f89166bb64fd9ca7bc1faefc521a9ff441c0acaa998fae69e
S40 CMS 0.4.2b Local File Inclusion
Posted Apr 7, 2011
Authored by Osirys | Site y-osirys.com

S40 CMS version 0.4.2b suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | cdeb09a0f1390c3f32b053d7ee5f8c94b4566882ad81feeb09c6f09346bf55d8
PHPList 2.10.12 Cross Site Request Forgery
Posted Apr 7, 2011
Authored by Hanno Boeck | Site hboeck.de

PHPList versions 2.10.12 and below suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
advisories | CVE-2011-0748
SHA-256 | b5bb4955da0a735dfa018ccf451ebac4b437a2335d31fee95b7fb4a779d849e1
O2 Classic Router Cross Site Request Forgery / Cross Site Scripting
Posted Apr 7, 2011
Authored by Hanno Boeck | Site hboeck.de

O2 Classic Router suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2010-1482, CVE-2011-0746
SHA-256 | 94d6ca9d702ec4f5fdb7414e8e935b6e8e12b2ba4c775e2b2fd39a04eff4c71f
Omerportal 3.2 Cross Site Scripting
Posted Apr 7, 2011
Authored by kurdish hackers team | Site kurdteam.org

Omerportal version 3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d76bb6f54bf6535235d7dd60a0718c72aa7902b059e6eae48efe87fc55606e05
Maia Mailguard 1.0.2a Cross Site Scripting
Posted Apr 7, 2011
Authored by Mario Lopez

Maia Mailguard version 1.0.2a suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a17fac23af4f8ee93e8a452180514970a4793b25fe74614e11dfcc833fad7384
phpCollab 2.5 XSRF / XSS / Path Disclosure
Posted Apr 7, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

phpCollab version 2.5 suffers from cross site request forgery, cross site scripting, and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, info disclosure, csrf
SHA-256 | 24dae2ce4e30998788f0079b222d025dfefa60793bbed690236f7d192c66acbb
Hydra Network Logon Cracker 6.2
Posted Apr 7, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Password bruteforcing mode, new XMPP and IRC modules, and more.
tags | web, cracker, imap
systems | cisco, unix
SHA-256 | 0b340632db9d429eb3c32a592a51f7333feda0fe682229c2027ae445a1e3f54e
GreenPants 0.1.7 SQL Injection
Posted Apr 7, 2011
Authored by Ptrace Security

GreenPants version 0.1.7 suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 805f804e75a0585df2b9e1b27e0816e4cbf7495925ce07310d0e66e64526dfb5
dhclient 4.2.x Remote Code Execution
Posted Apr 7, 2011
Authored by Sebastian Krahmer, Marius Tomaschewski | Site isc.org

ISC dhclient does not strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on the client. Versions 3.0.x through 4.2.x are affected.

tags | advisory, remote, shell, code execution
advisories | CVE-2011-0997
SHA-256 | 74c7470b833e5a628636a879d280edb69870985e9edf88bd5ec22165c18462fa
Viscacha 0.8.1 XSS / SQL Injection / Path Disclosure
Posted Apr 7, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Viscacha version 0.8.1 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure
SHA-256 | 61ee407e4cc1b7462953d9c55d62167ad378cc531b261cdf394148de8508dd06
Mandriva Linux Security Advisory 2011-068
Posted Apr 7, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-068 - Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. Users on a compromised network could be directed to sites using the fraudulent certificates and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it's coming from a trusted site. The NSS and NSPR packages were updated to the latest versions as well as the rootcerts packages providing the latest root CA certs from mozilla as of 2011/03/23. The firefox packages were updated to the latest 3.6.16 version which is not vulnerable to this issue. The mozilla thunderbird 3.1.9 packages were patched with the same fix as of firefox as a precaution.

tags | advisory, web, root
systems | linux, mandriva
SHA-256 | e8f12aa8728abc22813c5a873b4826eae6cfbeb81154145db07a394e39fb0c07
Synergy 1.4 Protocol Cleartext Weakness Proof Of Concept
Posted Apr 7, 2011
Authored by Sw1tCh

Proof of concept exploit for Synergy version 1.4 that records keystrokes and mouse movements.

tags | exploit, proof of concept
SHA-256 | db83f185af928893b05ba89aa0a61dc9c2e04f651d28150ddd2a6937c182b5f7
Libmodplug 0.8.8.1 ReadS3M Stack Overflow
Posted Apr 7, 2011
Authored by M. Lucinskij, P. Tumenas | Site sec-consult.com

Libmodplug library is prone to a stack based buffer overflow vulnerability due to insufficient validation of user supplied data. An attacker is able to execute arbitrary code in the context of the user when opening malicious S3M media files. Version 0.8.8.1 is affected.

tags | advisory, overflow, arbitrary
SHA-256 | 3b492361b42a31322dd539245a7c64c4f1cbf45a7f989edecf307ed261a181bd
Wamp Webserver 2.1 File Download
Posted Apr 7, 2011
Authored by KedAns-Dz

Wamp Webserver version 2.1 remote file download exploit that appends a period to a file in order to disclose it.

tags | exploit, remote, info disclosure
SHA-256 | 357340de3f3be8b2c055c8487964333d98b2e37a79bfbc1da645c44f77e4ae43
Debian Security Advisory 2211-1
Posted Apr 7, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2211-1 - Ricardo Narvaja discovered that missing input sanitizing in VLC, a multimedia player and streamer, could lead to the execution of arbitrary code if a user is tricked into opening a malformed media file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2010-3275, CVE-2010-3276
SHA-256 | e073d46b4829b171e82673b95ad61f5320339eabeacacf28e5154686cc313d17
Secunia Security Advisory 44046
Posted Apr 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in the Node Quick Find module for Drupal, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 01a47ffc5c44a647a82d6072c92ab2a2baa56dbc085de316115f1ec30c20be2e
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close