what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 49 RSS Feed

Files Date: 2011-04-25

MediaCast 8 Credential Disclosure
Posted Apr 25, 2011
Authored by Daniel Clemens

MediaCast versions 8 and below suffer from a vulnerability that allows for the disclosure of previously cached Active Directory credentials.

tags | exploit
SHA-256 | c88fa381d0da7f60a5a8607c0a502f70e3ca22558705e751c96e78bcd92f858a
AT-TFTP Server 1.8 Denial Of Service
Posted Apr 25, 2011
Authored by Antu Sanadi | Site secpod.com

AT-TFTP Server version 1.18 suffers from a remote denial of service vulnerability. Proof of concept exploit is included.

tags | exploit, remote, denial of service, proof of concept
systems | linux
SHA-256 | 072356984ca8faefce1723f3102ee7b8a3127843c984c8180efac28c181306ae
Kaspersky Administration Kit Design Flaw
Posted Apr 25, 2011
Authored by Alexey Sintsov

The Service account used for the Kaspersky Administration Kit and its functionality allow for attacks on other hosts in the network.

tags | advisory
SHA-256 | b585dc3095a18907a4e028c2b7199b468998223fdbe4a03c06b60f7ede4310b8
mySeatXT 0.1781 SQL Injection
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A remote SQL injection vulnerability in mySeatXT version 0.1781 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.

tags | exploit, remote, arbitrary, shell, php, sql injection
SHA-256 | 027c040aefe3cce4d941812b454320797ec0935118cbc79f575a7cd766c3f745
OrangeHRM 2.6.3 Local File Inclusion
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in OrangeHRM version 2.6.3 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | 904f19ed1c7d78e937be6a1e3e37907f31490b70b77fa966d4f097d84f44537c
Publishing Technology Blind SQL Injection
Posted Apr 25, 2011
Authored by KnocKout

Publishing Technology suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4484210dc3dc2c7e5ae4ceae9b0c1f10b5c60d04a636ba8bc8f415e7b515fed3
phpMyChat Plus 1.93 SQL Injection
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A remote SQL injection vulnerability in phpMyChat Plus version 1.93 can be exploited to extract arbitrary data.

tags | exploit, remote, arbitrary, sql injection
SHA-256 | 74db3035ec2bf971a33ef4161634f2f27af0d47df247933f63d90810de555def
phpMyChat Plus 1.93 Cross Site Scripting
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in phpMyChat Plus version 1.93 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 457aeb746421475c9817a831b496f445a2a28d1e0ecb0d84f283577bfbc3d397
TemaTres 1.3 Cross Site Scripting
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in TemaTres version 1.3 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | cca51d2fe24e65e79aa40b59ff941ac3fcde1a49e8678ad19e81ca640616f4dd
webERP 4.03.08 Cross Site Scripting
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in webERP version 4.03.8 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 319298e6d568adf1f967836d0094304409c0db8ab76287d7cd60d4b785af7190
T50 Sukhoi PAK FA Mixed Packet Injector 5.3
Posted Apr 25, 2011
Authored by Nelson Brito | Site fnstenv.blogspot.com

T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.

Changes: New license (GPL 2.0), CIDR support added, eleven new protocols added, encapsulation, and more.
tags | tool, scanner
systems | unix
SHA-256 | 80f68d67528814b6f2516915067c0d6a66ade4ee9ca86e4b79355e57a18fdfbe
html_edit CMS 3.1.9 Cross Site Scripting
Posted Apr 25, 2011
Authored by KedAns-Dz

html_edit CMS versions 3.1.9 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e63a273bc376cde13d7e11dc2f79a87a1b10296f919cbf939b995614e7be0e7d
Moscrack WPA Cluster Cracker 2.06b
Posted Apr 25, 2011
Authored by Ryan Babchishin | Site moscrack.sourceforge.net

Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).

Changes: This is a minor bugfix release because 2.05b had an error in the sample config file that was causing Moscrack to fail to load. Other small things have been fixed at the same time. If you had trouble getting 2.05b to work, update to 2.06b.
tags | cracker
systems | unix
SHA-256 | 6264c658b35443b0abef0c3dc2b58d0e401c4637a21dee626b12c9027294bf3c
Saudisoftech SQL Injection
Posted Apr 25, 2011
Authored by Net.Edit0r

Saudisoftech suffers from a remote SQL injection vulnerability in detail.php.

tags | exploit, remote, php, sql injection
SHA-256 | 9f290b9660062669b4fb65b4d14389159b85fda8bd8559d507dd859e6706ca66
SoftMP3 SQL Injection
Posted Apr 25, 2011
Authored by mArTi

SoftMP3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3e3fa9a3112dc4fcb3d914db99f6e43ca588fc500f2d4146a431755c17758bc7
Webmin 1.540 Cross Site Scripting / Command Execution
Posted Apr 25, 2011
Authored by Javier Bassi

Webmin versions 1.540 and below suffer from a cross site scripting vulnerability that allows for remote command execution.

tags | exploit, remote, xss
SHA-256 | 79ce7134a3ef970d8a21e29d564f22919b1a69160445b954a449d17e00f80f9d
HP Security Bulletin HPSBMA02667 SSRT100464
Posted Apr 25, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02667 SSRT100464 - Potential security vulnerabilities have been identified with HP SiteScope. These vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) and HTML injection. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2011-1726, CVE-2011-1727
SHA-256 | 0cb03747a2b863b1791ac1d790b4cf2d41807c01f062ae1537b21bd88145c70b
b2evolution 4.0.5 Remote File Inclusion
Posted Apr 25, 2011
Authored by KedAns-Dz

b2evolution version 4.0.5 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 121ce4a54587185de752cf9aa2ed560fcbe8a5f05914cc6ff660d0b7242c2cf3
Xilisoft Video Converter Ultimate DLL Hijack
Posted Apr 25, 2011
Authored by KedAns-Dz

Xilisoft Video Converter Ultimate suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | d575cd635032e4b85083c0a1042a9574353dda3180bbe543e37d46b25a286d92
eZip Wizard 3.0 Stack Buffer Overflow
Posted Apr 25, 2011
Authored by fl0 fl0w, jduck, Lincoln | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 3.0 of ediSys Corp.'s eZip Wizard. In order for the command to be executed, an attacker must convince someone to open a specially crafted zip file with eZip Wizard, and access the specially file via double-clicking it. By doing so, an attacker can execute arbitrary code as the victim user.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-1028, OSVDB-52815
SHA-256 | f7cf6b8da01815b33b60d03bf75a15fdc34e7db6f1efa9610628e431ece1a389
WordPress User Enumeration
Posted Apr 25, 2011
Authored by Xecuti0N3r

The messaging used in failed login attempts in WordPress allows for user enumeration.

tags | exploit
SHA-256 | f48de67dabdc3e6987b8be56f8bdf8cf2efffaaac5d0ff60456f0e5349566759
eXPert PDF Editor 7 Professional Denial Of Service
Posted Apr 25, 2011
Authored by KedAns-Dz

eXPert PDF Editor version 7 Professional null heap proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 71168f53e088408cc1eb223d29435ea82c7017a1a30f9a3ad8d83fcd4913bce0
RealPlayer 11 Browser Active-X Code Execution
Posted Apr 25, 2011
Authored by KedAns-Dz

RealPlayer 11 Browser suffers from an active-x related arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution, activex
SHA-256 | 3041d88706bdccc492fbfd8545e6fddf5b77cebe36dd9af230eddebce1330ee3
HP Security Bulletin HPSBMA02666 SSRT100434
Posted Apr 25, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02666 SSRT100434 - A potential security vulnerability has been identified with HP Network Automation running on Linux, Solaris, and Windows. This vulnerability could be exploited remotely resulting in information disclosure. Revision 1 of this advisory.

tags | advisory, info disclosure
systems | linux, windows, solaris
advisories | CVE-2011-1725
SHA-256 | 926766532b7922eacc62a5c527657e0abb95f69d85d17990bfb73ba012c76806
Maxthon Browser 3.22.2000 Denial Of Service
Posted Apr 25, 2011
Authored by Xecuti0N3r

Maxthon Browser version 3.22.2000 denial of service exploit.

tags | exploit, denial of service
SHA-256 | f20cf6ccd1a1006dc09e72d09a12d50301cad02bbba41adeaf69633dbe11e718
Page 1 of 2
Back12Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close