exploit the possibilities
Showing 1 - 25 of 45 RSS Feed

Files Date: 2012-02-03

PHP-Fusion 7.02.04 SQL Injection
Posted Feb 3, 2012
Authored by Am!r | Site irist.ir

PHP-Fusion version 7.02.04 suffers from a remote SQL injection vulnerability in weblinks.php.

tags | exploit, remote, php, sql injection
MD5 | c7b7077619c230bbd6d7ca48f9c40db8
Port Tester 0.1
Posted Feb 3, 2012
Authored by localh0t

This is a simple little port scanning script written in python.

tags | tool, scanner, python
systems | unix
MD5 | b8fc2783fbb4849e4ceac338b595bcb3
RFC6528 - Defending Against Sequence Number Attacks
Posted Feb 3, 2012
Authored by Fernando Gont

This document specifies an algorithm for the generation of TCP Initial Sequence Numbers (ISNs), such that the chances of an off-path attacker guessing the sequence numbers in use by a target connection are reduced. This document revises (and formally obsoletes) RFC 1948, and takes the ISN generation algorithm originally proposed in that document to Standards Track, formally updating RFC 793.

tags | paper, tcp
MD5 | 4bd9d141dba29f999534d68fbcf120f5
Torrent-Stats Denial Of Service
Posted Feb 3, 2012
Authored by otr

Torrent-Stats suffers from a denial of service vulnerability in httpd.c.

tags | exploit, denial of service
MD5 | 93cb8010ef7a0d4b878fb544b07e1f0f
PHP 5.4 Buffer Overflow
Posted Feb 3, 2012
Authored by cataphract

PHP 5.4SVN-2012-02-03 htmlspecialchars/entities buffer overflow proof of concept exploit.

tags | exploit, overflow, php, proof of concept
MD5 | 0ec258ee89e3cba85e56bae3a3aa7458
BSides Detroit 12 Call For Papers
Posted Feb 3, 2012
Site bit.ly

BSides Detroit 12 has announced its Call For Presenters. It will take place June 1st through the 2nd in Detroit, Michigan.

tags | paper, conference
MD5 | 29b6fbd2de729bd2ac17fede3c0a54d2
HP Security Bulletin HPSBGN02740 SSRT100741
Posted Feb 3, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02740 SSRT100741 - A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2010-3864
MD5 | 1ee59b68380765139a6c58c7999ac86a
NASA Subdomains Shell Upload / SQL Injection
Posted Feb 3, 2012
Authored by K0242 | Site vulnerability-lab.com

Various NASA subdomains suffer from shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | 7502584f2b686b00d2b9d51841b62a1a
Debian Security Advisory 2403-1
Posted Feb 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2403-1 - Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.

tags | advisory, remote, php
systems | linux, debian
advisories | CVE-2012-0830
MD5 | c4d8e3fd768c60e10ba1bfdc3db5bf69
Secunia Security Advisory 47868
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged a vulnerability in multiple HP products, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
MD5 | e32bd55a88fc1518373e5ead032645a3
Secunia Security Advisory 47842
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the RTG Files extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 46f39c572ca6ef85296c47a33ee1d6b2
Secunia Security Advisory 47657
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in 2X ApplicationServer TuxSystem ActiveX Control, which can be exploited by malicious people to manipulate certain data.

tags | advisory, activex
MD5 | 66b36125598ff7ccef0d4ce7e66c8c54
Secunia Security Advisory 47809
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for usbmuxd. This fixes a vulnerability, which potentially can be exploited by malicious people with physical access to compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
MD5 | 2050d9d743c48b37f61743b0e6510d29
Secunia Security Advisory 47770
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for iceape. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

tags | advisory, vulnerability
systems | linux, debian
MD5 | 4eaab58d5910fd1da60da2a6c600d4a5
Secunia Security Advisory 47866
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes multiple weaknesses, a security issue, and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
MD5 | f8ac1ad7f8c349ae8c885770dae73014
Secunia Security Advisory 47876
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Prabhu S Angadi has discovered a vulnerability in Sphinx Mobile Web Server, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, web
MD5 | 57be814c09f5997b5519dc26726459a3
Secunia Security Advisory 47872
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and two vulnerabilities have been reported in DotNetNuke, which can be exploited by malicious users to enumerate files on an affected system and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | b71c1236e27f9e0ae8c8b0a653aaf320
Secunia Security Advisory 47854
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in project-open, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 0523f90fef11b695e34a35bbe6050e3c
Dradis Information Sharing Tool 2.9.0
Posted Feb 3, 2012
Authored by etd | Site dradis.nomejortu.com

dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.

Changes: This release added a Retina Network Security Scanner upload plugin and a Zed Attack Proxy upload plugin. The Nessus, Nikto, and Nmap upload plugins are now orders of magnitude faster. A VulnDB import plugin was added to support VulnDB HQ integration. The First Time User's Wizard was updated. Rails was upgraded to version 3.2.
tags | tool, web
systems | unix
MD5 | e8fe9b4cd524c1549a109ff5e66d828a
NetSarang Xlpd Printer Daemon 4 Denial Of Service
Posted Feb 3, 2012
Authored by Prabhu S Angadi | Site secpod.com

The NetSarang Xlpd printer daemon version 4 suffers from a remote denial of service vulnerability. Proof of concept exploit included.

tags | exploit, remote, denial of service, proof of concept
systems | linux
MD5 | 1f73370101126577cb2918b7b219cb82
Achievo 1.4.3 Cross Site Scripting / SQL Injection
Posted Feb 3, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

Achievo version 1.4.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | d67bdb28b04d0c4b2ddc8702d445635a
Foswiki Cross Site Scripting
Posted Feb 3, 2012
Authored by Sony

Foswiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0017fdc6742e13d301b74a7867e5d187
Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
Posted Feb 3, 2012
Authored by Luigi Auriemma, James Fitts, Rinat Ziyayev | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow found in the SNMP NetDBServer service of Sunway Forcecontrol <= 6.1 sp3. The overflow is triggered when sending an overly long string to the listening service on port 2001.

tags | exploit, overflow
MD5 | 698866532ad1b54414eac7c2b563cab3
Icona SpA C6 Messenger Downloader Arbitrary File Download / Execute
Posted Feb 3, 2012
Authored by juan vazquez, Nine:Situations:Group::SnoopyAssault | Site metasploit.com

This Metasploit module exploits a vulnerability in Icona SpA C6 Messenger version 1.0.0.1. The vulnerability is in the Downloader ActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.

tags | exploit, arbitrary, activex
advisories | CVE-2008-2551, OSVDB-45960
MD5 | 1b0bd38a24487d48cf49672160173d79
OSCommerce 3.0.2 Cross Site Scripting
Posted Feb 3, 2012
Authored by Alexander Fuchs | Site vulnerability-lab.com

OSCommerce version 3.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9ab8c2cea08706ca1d2712804af236bb
Page 1 of 2
Back12Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close