what you don't know can hurt you
Showing 1 - 25 of 30 RSS Feed

Files Date: 2011-04-07

e107 0.7.25 Cross Site Request Forgery
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A cross site request forgery vulnerability in e107 version 0.7.25 can be exploited to grant admin privileges.

tags | exploit, csrf
MD5 | 6685716b7fa0d84c7a985b330ce9ccef
vtiger CRM 5.2.1 Cross Site Scripting
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in vtiger CRM version 5.2.1 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | 925887753fa20f8477b9b236a16e3cca
vtiger CRM 5.2.1 Local File Inclusion
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in vtiger CRM version 5.2.1 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | fd14ff11efa9924913a8942a5adc4f97
eXtplorer 2.1 RC3 Cross Site Request Forgery
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A cross site request forgery vulnerability in eXtplorer version 2.1 RC3 can be exploited to create a new admin.

tags | exploit, csrf
MD5 | f3925c51acd3d175f18fd83d02f82d2c
eGroupware 1.8.001 Cross Site Scripting
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in eGroupware version 1.8.001 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | 02582b4d01f2a605965fafbdf751522d
eGroupware 1.8.001 SQL Injection
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A SQL injection vulnerability in eGroupware version 1.8 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.

tags | exploit, arbitrary, shell, php, sql injection
MD5 | 1e79107513f101b438a476e2ae0cb3b1
Originsoftech Web Portal SQL Injection
Posted Apr 7, 2011
Authored by eXeSoul

Originsoftech Web Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 802b0eece5691f35219af240852334fa
PrestaShop 1.3.6 Remote File Inclusion
Posted Apr 7, 2011
Authored by KedAns-Dz

PrestaShop versions 1.3.6 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | fcd7939169e2248387b7e8e06d4c6df2
SMF 2.0 RC5 Shell Upload
Posted Apr 7, 2011
Authored by KedAns-Dz

SMF version 2.0 RC5 suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 60652c8f70b47f492fe9acaf733dc0c4
S40 CMS 0.4.2b Local File Inclusion
Posted Apr 7, 2011
Authored by Osirys | Site y-osirys.com

S40 CMS version 0.4.2b suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | f6aee2d014c57d078f24aa694d167fbb
PHPList 2.10.12 Cross Site Request Forgery
Posted Apr 7, 2011
Authored by Hanno Boeck | Site hboeck.de

PHPList versions 2.10.12 and below suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
advisories | CVE-2011-0748
MD5 | 13285ebf59fd007df62537b069149d6c
O2 Classic Router Cross Site Request Forgery / Cross Site Scripting
Posted Apr 7, 2011
Authored by Hanno Boeck | Site hboeck.de

O2 Classic Router suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2010-1482, CVE-2011-0746
MD5 | 1ea026f943f7ff3803093336465d541a
Omerportal 3.2 Cross Site Scripting
Posted Apr 7, 2011
Authored by kurdish hackers team | Site kurdteam.org

Omerportal version 3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 339409e270b8729691076d9557896205
Maia Mailguard 1.0.2a Cross Site Scripting
Posted Apr 7, 2011
Authored by Mario Lopez

Maia Mailguard version 1.0.2a suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 504b6770de235ef59bd68af2e321ed33
phpCollab 2.5 XSRF / XSS / Path Disclosure
Posted Apr 7, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

phpCollab version 2.5 suffers from cross site request forgery, cross site scripting, and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, info disclosure, csrf
MD5 | 966efe9d16a0f6a9cc752bfef7fa535c
Hydra Network Logon Cracker 6.2
Posted Apr 7, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Password bruteforcing mode, new XMPP and IRC modules, and more.
tags | web, imap
systems | cisco, unix
MD5 | 3249cc9e30c2037c5d4dee557cb77ea5
GreenPants 0.1.7 SQL Injection
Posted Apr 7, 2011
Authored by Ptrace Security

GreenPants version 0.1.7 suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 0dde7f085fd91aa0629a78ee8478f273
dhclient 4.2.x Remote Code Execution
Posted Apr 7, 2011
Authored by Sebastian Krahmer, Marius Tomaschewski | Site isc.org

ISC dhclient does not strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on the client. Versions 3.0.x through 4.2.x are affected.

tags | advisory, remote, shell, code execution
advisories | CVE-2011-0997
MD5 | d72d8ec7a6e3379df290f80d3b1b37cd
Viscacha 0.8.1 XSS / SQL Injection / Path Disclosure
Posted Apr 7, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Viscacha version 0.8.1 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure
MD5 | 1ab4257050f79e45e90c72d89d55e951
Mandriva Linux Security Advisory 2011-068
Posted Apr 7, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-068 - Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. Users on a compromised network could be directed to sites using the fraudulent certificates and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it's coming from a trusted site. The NSS and NSPR packages were updated to the latest versions as well as the rootcerts packages providing the latest root CA certs from mozilla as of 2011/03/23. The firefox packages were updated to the latest 3.6.16 version which is not vulnerable to this issue. The mozilla thunderbird 3.1.9 packages were patched with the same fix as of firefox as a precaution.

tags | advisory, web, root
systems | linux, mandriva
MD5 | 9d1be1798f5580f699b7fdc83bca8150
Synergy 1.4 Protocol Cleartext Weakness Proof Of Concept
Posted Apr 7, 2011
Authored by Sw1tCh

Proof of concept exploit for Synergy version 1.4 that records keystrokes and mouse movements.

tags | exploit, proof of concept
MD5 | befdf0daedbd29dd05fd4047c732f374
Libmodplug 0.8.8.1 ReadS3M Stack Overflow
Posted Apr 7, 2011
Authored by M. Lucinskij, P. Tumenas | Site sec-consult.com

Libmodplug library is prone to a stack based buffer overflow vulnerability due to insufficient validation of user supplied data. An attacker is able to execute arbitrary code in the context of the user when opening malicious S3M media files. Version 0.8.8.1 is affected.

tags | advisory, overflow, arbitrary
MD5 | 3282329bba2d740fd754ffba9a929180
Wamp Webserver 2.1 File Download
Posted Apr 7, 2011
Authored by KedAns-Dz

Wamp Webserver version 2.1 remote file download exploit that appends a period to a file in order to disclose it.

tags | exploit, remote, info disclosure
MD5 | 265c7cdcfc48c2378bf43174063e4709
Debian Security Advisory 2211-1
Posted Apr 7, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2211-1 - Ricardo Narvaja discovered that missing input sanitizing in VLC, a multimedia player and streamer, could lead to the execution of arbitrary code if a user is tricked into opening a malformed media file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2010-3275, CVE-2010-3276
MD5 | 180eb8eb2a1e71b67870f021688dad8f
Secunia Security Advisory 44046
Posted Apr 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in the Node Quick Find module for Drupal, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | d14453b6d85361ecb3802b4a6f236ecf
Page 1 of 2
Back12Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close