ignore security and it'll go away
Showing 1 - 25 of 49 RSS Feed

Files Date: 2011-04-25

MediaCast 8 Credential Disclosure
Posted Apr 25, 2011
Authored by Daniel Clemens

MediaCast versions 8 and below suffer from a vulnerability that allows for the disclosure of previously cached Active Directory credentials.

tags | exploit
MD5 | 1ed787ce5e6c4314c4792b86eb5e802e
AT-TFTP Server 1.8 Denial Of Service
Posted Apr 25, 2011
Authored by Antu Sanadi | Site secpod.com

AT-TFTP Server version 1.18 suffers from a remote denial of service vulnerability. Proof of concept exploit is included.

tags | exploit, remote, denial of service, proof of concept
systems | linux
MD5 | f5d2ff7740f68e8ca87cb71fe51da58f
Kaspersky Administration Kit Design Flaw
Posted Apr 25, 2011
Authored by Alexey Sintsov

The Service account used for the Kaspersky Administration Kit and its functionality allow for attacks on other hosts in the network.

tags | advisory
MD5 | 7fdb267ed2678f40bd7ebbee99b6db81
mySeatXT 0.1781 SQL Injection
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A remote SQL injection vulnerability in mySeatXT version 0.1781 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.

tags | exploit, remote, arbitrary, shell, php, sql injection
MD5 | dc29ebc74c7521a22a6f87b4afbb0175
OrangeHRM 2.6.3 Local File Inclusion
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in OrangeHRM version 2.6.3 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | ac5534fda67797781aec0138c4e294eb
Publishing Technology Blind SQL Injection
Posted Apr 25, 2011
Authored by KnocKout

Publishing Technology suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 21092a3ebda4d6247c74ec855d9ec8ae
phpMyChat Plus 1.93 SQL Injection
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A remote SQL injection vulnerability in phpMyChat Plus version 1.93 can be exploited to extract arbitrary data.

tags | exploit, remote, arbitrary, sql injection
MD5 | 355ba6438154825144627a04033b09c4
phpMyChat Plus 1.93 Cross Site Scripting
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in phpMyChat Plus version 1.93 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | b7a1093f02a360ab833b6117187f0416
TemaTres 1.3 Cross Site Scripting
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in TemaTres version 1.3 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | c9aab7232d1bf63279512f0d4ffa4c58
webERP 4.03.08 Cross Site Scripting
Posted Apr 25, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in webERP version 4.03.8 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | 8f07ce37efda36e7ce17617c5f70d9ef
T50 Sukhoi PAK FA Mixed Packet Injector 5.3
Posted Apr 25, 2011
Authored by Nelson Brito | Site fnstenv.blogspot.com

T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.

Changes: New license (GPL 2.0), CIDR support added, eleven new protocols added, encapsulation, and more.
tags | tool, scanner
systems | unix
MD5 | 4007277faf119e86a1289fd31e301c90
html_edit CMS 3.1.9 Cross Site Scripting
Posted Apr 25, 2011
Authored by KedAns-Dz

html_edit CMS versions 3.1.9 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 47fb35344f0809b3dd9e5c26550735e1
Moscrack WPA Cluster Cracker 2.06b
Posted Apr 25, 2011
Authored by Ryan Babchishin | Site moscrack.sourceforge.net

Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).

Changes: This is a minor bugfix release because 2.05b had an error in the sample config file that was causing Moscrack to fail to load. Other small things have been fixed at the same time. If you had trouble getting 2.05b to work, update to 2.06b.
tags | cracker
systems | unix
MD5 | 2ee0e92a7520e6bc3b2498a93ccc1814
Saudisoftech SQL Injection
Posted Apr 25, 2011
Authored by Net.Edit0r

Saudisoftech suffers from a remote SQL injection vulnerability in detail.php.

tags | exploit, remote, php, sql injection
MD5 | cfd607db765a9fdcc0f63e108f121463
SoftMP3 SQL Injection
Posted Apr 25, 2011
Authored by mArTi

SoftMP3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7cdeb19941ed357ebb1454bf2626f502
Webmin 1.540 Cross Site Scripting / Command Execution
Posted Apr 25, 2011
Authored by Javier Bassi

Webmin versions 1.540 and below suffer from a cross site scripting vulnerability that allows for remote command execution.

tags | exploit, remote, xss
MD5 | 18ddeecb8ae5179db810c833a7e59b32
HP Security Bulletin HPSBMA02667 SSRT100464
Posted Apr 25, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02667 SSRT100464 - Potential security vulnerabilities have been identified with HP SiteScope. These vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) and HTML injection. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2011-1726, CVE-2011-1727
MD5 | e2da830f93891eefc9943172162051f1
b2evolution 4.0.5 Remote File Inclusion
Posted Apr 25, 2011
Authored by KedAns-Dz

b2evolution version 4.0.5 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | fb39e7d4451b24966db4a274dc19cc61
Xilisoft Video Converter Ultimate DLL Hijack
Posted Apr 25, 2011
Authored by KedAns-Dz

Xilisoft Video Converter Ultimate suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 08f5d61d2a1ebb27232f517d3592e202
eZip Wizard 3.0 Stack Buffer Overflow
Posted Apr 25, 2011
Authored by fl0 fl0w, jduck, Lincoln | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 3.0 of ediSys Corp.'s eZip Wizard. In order for the command to be executed, an attacker must convince someone to open a specially crafted zip file with eZip Wizard, and access the specially file via double-clicking it. By doing so, an attacker can execute arbitrary code as the victim user.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-1028, OSVDB-52815
MD5 | 0abe052d47adcd6bbc48298caa1dedca
WordPress User Enumeration
Posted Apr 25, 2011
Authored by Xecuti0N3r

The messaging used in failed login attempts in WordPress allows for user enumeration.

tags | exploit
MD5 | e1ad101cb09eb26a37376c4f3bf8d3a1
eXPert PDF Editor 7 Professional Denial Of Service
Posted Apr 25, 2011
Authored by KedAns-Dz

eXPert PDF Editor version 7 Professional null heap proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 5218cf551babbe5630e1b6cda9476950
RealPlayer 11 Browser Active-X Code Execution
Posted Apr 25, 2011
Authored by KedAns-Dz

RealPlayer 11 Browser suffers from an active-x related arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution, activex
MD5 | 6ec097a57fd28952769763a08e9cab42
HP Security Bulletin HPSBMA02666 SSRT100434
Posted Apr 25, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02666 SSRT100434 - A potential security vulnerability has been identified with HP Network Automation running on Linux, Solaris, and Windows. This vulnerability could be exploited remotely resulting in information disclosure. Revision 1 of this advisory.

tags | advisory, info disclosure
systems | linux, windows, solaris
advisories | CVE-2011-1725
MD5 | 50d118d2fe19b71bffd91942ccfa7d7b
Maxthon Browser 3.22.2000 Denial Of Service
Posted Apr 25, 2011
Authored by Xecuti0N3r

Maxthon Browser version 3.22.2000 denial of service exploit.

tags | exploit, denial of service
MD5 | aae52a9af28509bdbaba945ddf6c6f82
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close