what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2012-01-01

PHP-X-Links SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

PHP-X-Links suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 471c6627ceb3b865126edd11e6db101be7ca8cc213380000c36458ee3e614839
WSN Links Script SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

WSN Links script suffers from a remote SQL injection vulnerability in report.php.

tags | exploit, remote, php, sql injection
SHA-256 | 8df011c7700d0ac768739c6debb1d00b0a82f9032418f9dc0d9b6a7f14ebe125
Packet Storm New Exploits For 2011
Posted Jan 1, 2012
Authored by Todd J. | Site packetstormsecurity.com

Complete comprehensive archive of all 3,873 exploits added to Packet Storm in 2011.

tags | exploit
systems | linux
SHA-256 | d289b09b2825205652e7ba4a0699cb0f5cdf2934b07df28338628241fc0d2c82
Packet Storm New Exploits For December, 2011
Posted Jan 1, 2012
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 211 exploits added to Packet Storm in December, 2011.

tags | exploit
systems | linux
SHA-256 | 9fd24271730a78dbe8efaf705cb5a777ad7e1b07dc3cb7e27645b61ce080a1d6
Mandriva Linux Security Advisory 2011-198
Posted Jan 1, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-198 - Multiple vulnerabilities has been found and corrected in phpmyadmin. Importing a specially-crafted XML file which contains an XML entity injection permits to retrieve a local file (limited by the privileges of the user running the web server). Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs. Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Using crafted url parameters, it was possible to produce XSS on the export panels in the server, database and table sections. This upgrade provides the latest phpmyadmin version to address these vulnerabilities.

tags | advisory, web, local, vulnerability
systems | linux, mandriva
advisories | CVE-2011-4107, CVE-2011-4634, CVE-2011-4782, CVE-2011-4780
SHA-256 | 849717620dc582e004cf04bfa3adddb6224bed65bd3093ac4c8205f2f134c230
Siena CMS 1.242 Cross Site Scripting
Posted Jan 1, 2012
Authored by Net.Edit0r, BHG Security Center

Siena CMS version 1.242 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a64759cd57b5e55696506eeda6f87bec78f3bf067939ad5841341dc56d1584a8
PHP 5.3.x Hashtables Proof Of Concept
Posted Jan 1, 2012
Authored by infodox

PHP 5.3.x hash collision denial of service proof of concept exploit.

tags | exploit, denial of service, php, proof of concept
advisories | CVE-2011-4885
SHA-256 | 4fedb48a322a5c1cc6a37e6e8d60e449a09a49c804537bef9e115dec5fade8b1
KBeast (Kernel Beast) Linux Rootkit 2012
Posted Jan 1, 2012
Authored by IPSECS

KBeast (Kernel Beast) 2012 is a Linux rootkit that hides the loadable kernel module, hides files and directories, hides processes, hides sockets and connections, performs keystroke logging, has anti-kill functionality and more.

tags | tool, kernel, rootkit
systems | linux, unix
SHA-256 | 63f6b4bc4339137a2e0815584ec2c392125bf6d3a2e797f3285be98719fd091b
jPORTAL 2 SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

jPORTAL version 2 suffers from a remote SQL injection vulnerability in comment.php.

tags | exploit, remote, php, sql injection
SHA-256 | efe333d0450c8e81702edfcdab372e51985d72c7a70fc7c87ed614810710f3f2
Jin Ware International 1.2 SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Jin Ware International version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bd5f24e201a78392cff78e52639296472b6556c8f5718ef04d66dad422f9fc78
Readmore Systems SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Readmore Systems suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | cf51c3e8ea81e500b799f8d6e5ea9899957bc7aa0ec560f06631910a469177c1
WordPress LivePHP Cross Site Scripting
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

The WordPress LivePHP plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3b0a6afe33657d2edff34bc2640000098c713937a181f6e468c84cd80b1e031c
WebSAT Blind SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

WebSAT suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fbad0add64eb1d6e2ff9a3afd95d68c86af09eaa1b3ec48d357767e6aefc8ac2
PHPB2B Cross Site Scripting
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

PHPB2B suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7de1ab8235d102b1c66110b132a9cf3c60f0eed781a87fbe5609eb418249a7a2
Lixar SQL Injection
Posted Jan 1, 2012
Authored by Kalashinkov3

Lixar suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c38756998752f6b74f15f91bdd60cb7959ebf595d0f6bfe9bb87460099174c67
Polymorphic Add User Shellcode
Posted Jan 1, 2012
Authored by Pentesters.ir

Linux/x86 polymorphic shellcode that escalates uid/gid and adds user iph to /etc/passwd without a password.

tags | x86, shellcode
systems | linux
SHA-256 | c76ec179be82bd66c6ce5163485d57eea3d44050cf6f706dcc2af9eaea0200dd
ITMiddle SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

ITMiddle suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 62bb1699dc62f67a9e50d9270822ef3e43806044d0cc99dc0ac0300ce9e1b6a9
wsCMS Cross Site Scripting / SQL Injection
Posted Jan 1, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

wsCMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 34ae74bb916e433aa618f8b86d9a2583d3ad685697f6112e621c2e57725cae61
Debian Security Advisory 2376-2
Posted Jan 1, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2376-2 - It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, used too wide permissions PID file, which allows local users to kill arbitrary processes by writing to this file.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2011-4339
SHA-256 | 1f6cfd1dbcceedfde1aa46a1380d5bbcc45286102e4084bf6b7ccbcc281ee09a
IBM Lotus Notes/Domino 8.5.2 FP3 Denial Of Service
Posted Jan 1, 2012
Authored by XiaoPeng Zhang | Site fortinet.com

IBM Lotus Notes/Domino server suffers from a remote denial of service vulnerability that can be triggered by a malformed TCP packet. Versions 8.5.2 FP3 and earlier, 8.5.1, 8.5 and 8.0.x are affected.

tags | advisory, remote, denial of service, tcp
advisories | CVE-2011-1393
SHA-256 | d16ac8bae9357e03ce32188da32c40d2f0354c626f5fe6e353dc33c6272859ae
Charybdis Crash Bug
Posted Jan 1, 2012
Authored by muztapha

All versions of Charybdis are vulnerable to a remotely-triggered crash bug caused by code originating from ircd-ratbox 2.0.

tags | advisory
SHA-256 | f1950463ae3bf4a8ac9d15c62208dc1561daa1cfe6ba3bf7ef6225851c71a752
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close