Rama CMS versions 0.68 and below local file inclusion exploit.
b3606ca87ffb7edb6767626997917b19cf9e46398570269423cfce7d6bf3d7dbContentNow version 1.30 suffers from directory traversal and cross site scripting vulnerabilities.
b4e36c2579835511fd180e429c267220de7055c12c2e04a3cdac481d9dfac8dfContentNow version 1.30 suffers from local file inclusion, file upload and command execution vulnerabilities.
64d0c263fd10535f421c0dc76ced3a072b2dbeb76fc5a13748ec4938b36467b3QuickCart versions 2.0 and below local file inclusion exploit that leverages actions_client/gallery.php.
f5055321ec26fb27b4f26e7dcd0f7c49b594433494e00c18bd1f0686d4e211e3Original Win32 version of the exploit for the gwrd bug in SAP versions below 4.6D patch 1767 and versions below 6.40 patch 4. Allows for remote command execution.
846933d938c8ba642bdaaea38a839367e37ffc3c050691922428ea4ccbdad92dLinux port of the exploit for the gwrd bug in SAP versions below 4.6D patch 1767 and versions below 6.40 patch 4. Allows for remote command execution. Shell script version.
a55846c9b05cc9ff91e04c28793f07962b4beb73e490fe87b6e190bb5bb7e3feLinux port of the exploit for the gwrd bug in SAP versions below 4.6D patch 1767 and versions below 6.40 patch 4. Allows for remote command execution. Perl version.
df146978b0f9a1b8ac7a1f5975813e0c7bf897e1d0e696c46d6776c344a2cb75Utility to test users and passwords with RfcOpenEx on SAP systems. Now deprecated in favor of THC Hydra.
1946d7911a05a58e4cf9b1d70b1079af14fb8417e1bdb2b35075b7435c397425SAP RFC_SYSTEM_INFO information disclosure exploit that leaks OS type, real IP address, SAP version, and more.
ca1725ccfc90166e4942d16984052e553aa51c664b897e451b960846453bdb8dTwo byte UDP denial of service exploit for SAP version below 6.40 patch 6.
e42dd9d291b31a04e667954b494c51fa65832c345991b7336dd4ea1b98caf196CPanel version 10 is susceptible to cross site scripting attacks via the file manager.
f87b10026df30f143b50cb5efac14ce7b2ce41767487ea2e376c0b7643f87465Digipass Go3 token dumper utility that is based on the reverse engineering of Vasco's Digipass Go3 algorithm.
30ad336dfaf9d1ab3b6c7c281092a6f3f3b82640857577895100ecc33c895d68The Web based bibliography management system suffers from a remote file inclusion vulnerability.
6d68775b2197537f443acd7b481efb15cf9357007d80d05cbc1b60d899b37b0cShambo2 Component for Mambo version 4.5 remote file inclusion exploit.
94d35e69dc9f926c4c1ae652cfdda0d950ca5c5a9f38ada6570c4f030d249d6cRoundcube webmail appears to have a cross site scripting vulnerability.
777fc2da5faaae60f518d3791b40609b950f3c149356b76cdc5a1792d53ed4d9Debian Security Advisory 1209-1 - It was discovered that Trac, a wiki and issue tracking system for software development projects, performs insufficient validation against cross-site request forgery, which might lead to an attacker being able to perform manipulation of a Trac site with the privileges of the attacked Trac user.
926fc0afc819f549c7ea295e0f64cc0ad88c8e0505375e06f14c0e4c4da1abffProperty Pro version 1.0 suffers from a remote login bypass SQL injection vulnerability in vir_Login.asp.
18b37aba2d9c971d1dc2689617e4d54da4a5af2dab7c0f59057e0284ffcd3e5cEstate Agent Manager versions 1.3 and below suffer from a SQL injection vulnerability in default.asp.
e2c5e5c110a26a82cd8ebcb17f9a0500383df4bb9409f75d8dedcc2b75c1f10fOnline Event Registration versions 2.0 and below remote user password change exploit that makes use of save_profile.asp.
e66e39a8d277a87eb72958e93a3e5762cc5d86b4c8490499a8ef95be94fcda87ASPPortal versions 4.0.0 and below remote SQL injection exploit that makes use of default1.asp.
8c6cb68e10b24f1ff97fb4e7b9f702c8098e7160fbb591296e5e74b1463f2fc9UPublisher version 1.0 suffers from a remote SQL vulnerability in viewarticle.asp.
3d7c9f0d31690c5005f6c47e3629ca6fa4852857df5e736d9cb4e4f9f0210788UStore version 1.0 suffers from a remote SQL vulnerability in detail.asp.
13efb9f326d1f86b1790630106cb1c23502bf5e709264d7b3661e23d57859d34Asp Scripter Products Easy Portal version 1.4 and Live Support version 1.3 suffer from a SQL injection vulnerability in cpLogin.asp.
ec4a62dc48e996db97701591f049e01a624d8d1f4c0a87176ca058e2928da8c6UltraSite version 1.0 remote SQL injection exploit that makes use of update.asp.
666131cfe12c97f01ae371beea7d2693595e13f5fe95ed1d48a28e22ad2b4dfeNuSchool version 1.0 remote SQL injection exploit that makes use of CampusNewsDetails.asp.
53a60d584db1acb1253dcf280957b4de51241dfcfc7eb17ec003b812953bc2c6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed