exploit the possibilities
Showing 1 - 25 of 26 RSS Feed

Files Date: 2011-06-18

Joomla A Cool Debate 1.0.3 Local File Inclusion
Posted Jun 18, 2011
Authored by Chip D3 Bi0s

Joomla A Cool Debate component version 1.0.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b2a1c04f5fc28b6af15d79f65d82bfeb
AiCart 2.0 Cross Site Scripting / SQL Injection
Posted Jun 18, 2011
Authored by takeshix

AiCart version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 06c632b81a53cacb783d9c9c8d4c85e6
Joomla Free Consultation Shell Upload
Posted Jun 18, 2011
Authored by Egyptian.H4x0rz

The Joomla Free Consultation component suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | e2638b6e7d8a02c7581068e97852e7dc
WeBid 1.0.2 Cross Site Request Forgery
Posted Jun 18, 2011
Authored by KedAns-Dz

WeBid version 1.0.2 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 9c6efa59ab3244db6d4b2ce48bf93e77
ImmoPHP 1.1.1 SQL Injection / Cross Site Scripting
Posted Jun 18, 2011
Authored by KedAns-Dz

ImmoPHP version 1.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 16021e1efda0ad1d62b1db4dd2644952
Miniblog 1.0.0 Cross Site Request Forgery / Cross Site Scripting
Posted Jun 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Miniblog version 1.0.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | f3dec23912d79304ac15611e08f1d36d
Microsoft Windows OLE Automation Integer Underflow
Posted Jun 18, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web
systems | windows
advisories | CVE-2011-0658
MD5 | 8c8d04b9a3694ffbc40cdbfd8fd08acb
EQDKP Plus 0.6.4.5 Cross Site Scripting
Posted Jun 18, 2011
Authored by iPower

EQDKP Plus versions 0.6.4.5 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | deb960dea2535e89dde56df34cf0bc05
myBloggie 2.1.6 SQL Injection
Posted Jun 18, 2011
Authored by Robin Verton

myBloggie version 2.1.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 20f6a5d4d43071c9b02267f37a1c4c4b
e107 0.7.25 Cross Site Scripting / SQL Injection
Posted Jun 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.25 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | f889214108e194595234cba12fc0c9e3
Secunia Security Advisory 44954
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
MD5 | 1c2c3bcba678a65fa254145e754d0e10
Secunia Security Advisory 44968
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in e107, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 2ae7d98497694ea419718b24ed13adfb
HP Security Bulletin HPSBUX02657 SSRT100460 1
Posted Jun 18, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02657 SSRT100460 1 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2010-2063, CVE-2010-3069, CVE-2011-0719
MD5 | 8a2837b887eb10cd9cfa9a1de141c144
Mandriva Linux Security Advisory 2011-110
Posted Jun 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-110 - Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based buffer overflow.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1178
MD5 | 580a6e61714e684222c3481de28198a2
Smart Communication Protocols and Algorithms 2011 Call For Papers
Posted Jun 18, 2011
Site scpa.it.ubi.pt

The Smart Communication Protocols and Algorithms (SCPA 2011) Call For Papers has been announced. It will take place December 5th through the 9th, 2011 in Houston, Texas in conjunction with Globecom 2011.

tags | paper, protocol, conference
MD5 | 3f241edd886fad8afb0051462dab628c
Taha Portal 3.2 Cross Site Scripting
Posted Jun 18, 2011
Authored by Bl4ck.Viper

Taha Portal version 3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5197a1cdd1850c44da65cc0765751855
HTTP Bog 1.0.0.0
Posted Jun 18, 2011
Authored by AutoSec Tools | Site autosectools.com

HTTP Bog is a slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses. Requires .NET 3.5. Written in C#.

tags | web, denial of service
MD5 | c89d3304824a4967c6697363b15bd2f7
OpenBSD/x86 /bin/sh Shellcode
Posted Jun 18, 2011
Authored by KedAns-Dz

57 bytes small OpenBSD/x86 execve("/bin/sh") shellcode.

tags | x86, shellcode
systems | openbsd
MD5 | ce054006956e22073d2441fd1fb4de74
iDEFENSE Security Advisory 2011-06-14.2
Posted Jun 18, 2011
Authored by iDefense Labs, Luigi Auriemma | Site idefense.com

iDefense Security Advisory 06.14.11 - Remote exploitation of a heap overflow vulnerability in Adobe Systems Inc.'s Shockwave could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when Shockwave processes a maliciously constructed "DRCF" chunk. Specifically, when parsing a substructure inside of this chunk, it is possible to trigger a code path that leads to an incorrect string copy operation. The vulnerable code performs a certain operation on a heap-based buffer, which has the effect of overwriting the NULL terminator of the string in the middle of the copy operation. This will lead to an endless copy loop until the read operation hits the end of the memory segment. This operation writes beyond the allocated heap buffer, and can lead to the execution of arbitrary code. Shockwave Player version 11.5.9.620 and prior are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-0335
MD5 | c08e51afeba91a7726f88e231df377d9
iDEFENSE Security Advisory 2011-06-14.1
Posted Jun 18, 2011
Authored by iDefense Labs, Luigi Auriemma | Site idefense.com

iDefense Security Advisory 06.14.11 - Remote exploitation of a integer signedness vulnerability in Adobe Systems Inc.'s Shockwave could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when Shockwave processes a maliciously constructed "Lscr" record. This record can embed Lingo script code, which is Shockwave's scripting language. The vulnerability occurs when processing certain opcodes. Specifically, a 32-bit value from the file is used as an offset into a heap buffer without proper validation. When comparing the value to the maximum buffer size, a signed comparison is performed. By using a negative value, it is possible to index outside of the allocated buffer. This results in data outside of the buffer being treated as a valid pointer, and this pointer is later used as the destination of a write operation. This can corrupt an arbitrary memory address, which can lead to the execution of arbitrary code. Shockwave Player version 11.5.9.620 and prior are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-0335
MD5 | 152488a41d2287c0909756df567d8465
Secunia Security Advisory 44107
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hitachi Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service
MD5 | 877dd3bcbb1b245190a2d51839e19c5b
Secunia Security Advisory 44978
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for php5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 9a3bfb4a7e0b750f78a4d3e08f115919
Secunia Security Advisory 44984
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | d801abbf34f4723ccd4f6d05174f62ab
Secunia Security Advisory 44991
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
MD5 | 7cb4d8789cf4dad6088221d6f9b05c58
Secunia Security Advisory 43861
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for groff. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
MD5 | ef3386ca380cb49e268474aa3029bf04
Page 1 of 2
Back12Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    22 Files
  • 22
    Jan 22nd
    19 Files
  • 23
    Jan 23rd
    4 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close