exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 102 RSS Feed

Files Date: 2009-04-14 to 2009-04-15

PowerCHM 5.7 Stack Overflow
Posted Apr 14, 2009
Authored by SuB-ZeRo | Site dz-security.com

PowerCHM version 5.7 long URL local stack overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | 86af43641627605cc0be92035405b9320a8686d31f85b2d927aebb196187b62e
MonGoose 2.4 Directory Traversal
Posted Apr 14, 2009
Authored by e.wiZz!

MonGoose version 2.4 suffers from a remote directory traversal vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 89c94287ba3f9ad78e79ef53ee952531ee85e7482843320cc93f44f694520ab6
W2B phpEmployment File Disclosure
Posted Apr 14, 2009
Authored by Cyb3r-1sT

W2B phpEmployment suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 493b23a19381f2c79286a65603748aa9760b1cd717bb9091a03248e4505d3f6b
RQMS 1.2.2 SQL Injection
Posted Apr 14, 2009
Authored by Dimi4

RQMS versions 1.2.2 and below suffer from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | 0ce9dbb1805c4d368306551fc13dcd58602171e35a534c7c7eb6b87212d82019
AbleSpace 1.0 SQL Injection
Posted Apr 14, 2009
Site dsecrg.com

AbleSpace version 1.0 suffers from multiple remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 1db1964fcfe56f68a23c689740a47b4836a2ca7222b4291a2a939fc28c4f0ada
BugCON Security Conference 2009 Call For Papers
Posted Apr 14, 2009
Site bugcon.org

Call For Papers for the 2009 BugCON Security Conference that will be held in Mexico City from June 24th through the 26th.

tags | paper, conference
SHA-256 | 4e43e9bf067f66f15bd732b168601a224c4fed42bac10f569ca264b18793268d
Security Evaluation Of NanoCMS
Posted Apr 14, 2009
Authored by Justin C. Klein Keane

This is a security evaluation of NanoCMS version 0.4_final. It suffers from credential leakage, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 71c662dc089b12b7192e5d6e256cd945429a5a59a1d24933fb69e6fb99e8d2cc
PHP-Revista RFI / XSS / SQL Injection
Posted Apr 14, 2009
Authored by Sirdarckcat | Site sirdarckcat.net

PHP-Revista suffers from remote file inclusion, cross site scripting, credential bypass, and SQL injection vulnerabilities. Better put, it probably is not a healthy idea to use this software.

tags | exploit, remote, php, vulnerability, code execution, xss, sql injection, bypass, file inclusion
SHA-256 | 04a46e714d4bf1b3d4d79a0cb23f76acfb7c314e24ed1eff6e0dbe45a858eed1
PGP Desktop Pgpdisk.sys / Pgpwded.sys Vulnerabilities
Posted Apr 14, 2009
Authored by Nikita Tarakanov | Site securitylab.ru

Positive Technologies Research Team has discovered several vulnerabilities in PGP Desktop version 9.9.0 build 397.The IOCTL handler in pgpdisk.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system. The IOCTL handler in pgpwded.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system or execute arbitrary code with SYSTEM privileges.

tags | advisory, arbitrary, local, vulnerability
advisories | CVE-2009-0681
SHA-256 | fd5eb6e092f6ede62acc2131f53c5d1028be46e09b1d5723579e413840eb7309
Using ShoutBoxes To Control Malicious Software
Posted Apr 14, 2009
Authored by Feathers McGraw

Whitepaper called Using "ShoutBoxes" to control malicious software.

tags | paper, worm
SHA-256 | 91a1817d06be8df94c362006adb3692753968eda65e7b1c2b874192986c6fb0e
Hacker Space Fest 2009
Posted Apr 14, 2009
Site hackerspace.net

Call for Proposals - Hacker Space Fest 2009 will be taking place in Paris, France on June 26th through June 30th of 2009.

tags | paper, conference
SHA-256 | 5de246a1cb47121a96adb8b56bdbbc7df10177d4cb5d78982411ced8504d252e
EFIPW Apple EFI Firmware Password Changer
Posted Apr 14, 2009
Authored by Paul Makowski | Site code.google.com

EFIPW is a tool that can be used to decode and modify Apple EFI firmware passwords via the command line. It is designed after the non open source OFPW utility and is designed to work on Intel machines running Leopard or newer. Useful for lab deployments (setting the firmware password of machines as a post install item) and pen tests (recovering the EFI firmware password).

tags | tool
systems | unix, apple
SHA-256 | 32600871a5188868b50004beb3b523ddca7180f0dcad55c13de60f87401435fa
Mandriva Linux Security Advisory 2009-091
Posted Apr 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-091 - Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, arbitrary, perl, xss
systems | linux, mandriva
advisories | CVE-2009-0796
SHA-256 | b9e455c3e002e062a57ef3ed94e53ec0b578330ba17bd8cad959c2f0f7bdb85b
Process Hacker - Source Release
Posted Apr 14, 2009
Site processhacker.sourceforge.net

Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the source distribution.

tags | kernel, local
SHA-256 | da3b266c94a9c9820a9c3b8c196f1a2800b25fbf9690ed85d19502f8b0eb3101
Process Hacker - Binary Release
Posted Apr 14, 2009
Site processhacker.sourceforge.net

Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the binary distribution.

tags | kernel, local
SHA-256 | 4d3bf3cf380b3fd9fd3e427570c254fe92b661e080dd85df7bcc9a5c27d327f8
e107 User Journals Menu SQL Injection
Posted Apr 14, 2009
Authored by boom3rang | Site khq-crew.ws

The userjournals_menu plugin for e107 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1018dc0c066f6b16974896560908ed2f61ce9b5297ae6825a57edb4939faf90a
X10Media MP3 Search Engine Admin Access
Posted Apr 14, 2009
Authored by THUNDER

X10Media MP3 Search Engine version 1.x suffer from an administrative access vulnerability.

tags | exploit, add administrator
SHA-256 | 466c9aafcf92b54456f5688668466be6b2ebbbe988080087469c1c3d9640befb
Shadow Stream Recorder Overflow
Posted Apr 14, 2009
Authored by AlpHaNiX

Shadow Stream Recorder universal stack overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow
SHA-256 | 9648ebb103b991e149511942541c3d6c7d923bf35af76cae3b8454ad224b1997
HTML Email Creator 2.1b668 Overwrite
Posted Apr 14, 2009
Authored by dun

HTML Email Creator versions 2.1b668 and below local SEH overwrite exploit.

tags | exploit, local
SHA-256 | ed2aad125051b8d77061972988f7b5974fd2c101d19de765f0c58eea046705e9
Aqua CMS SQL Injection
Posted Apr 14, 2009
Authored by halkfild

Aqua CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5735fa6e6c4f7e8efbdcc8c540e168a72732918a5d69da256f8a03737d796bc6
GuestCal 2.1 Local File Inclusion
Posted Apr 14, 2009
Authored by SirGod | Site insecurity.ro

GuestCal version 2.1 suffers from a local file inclusion in index.php.

tags | exploit, local, php, file inclusion
SHA-256 | 8d1f3c94e709412ee7534cd16c45b5612536d638051a777dcc008677e22a2595
BulletProof FTP Client 2009 Overflow
Posted Apr 14, 2009
Authored by His0k4

BulletProof FTP client version 2009 .bps buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 833c680f34bc905e9291a5910d8114b603849b1beda7179440e67e4f5fa19004
Steamcast Buffer Overflow
Posted Apr 14, 2009
Authored by His0k4

Steamcast HTTP request remote buffer overflow exploit with add user shellcode.

tags | exploit, remote, web, overflow, shellcode
SHA-256 | 95cfe58fbb0670054be1bf6fa12f598730d8609845c6f82c23079ebae7df308b
Steamcast Buffer Overflow
Posted Apr 14, 2009
Authored by His0k4

Steamcast HTTP request remote buffer overflow exploit.

tags | exploit, remote, web, overflow
SHA-256 | 79e21d7188bae61d6a11575962a5163ba3654fb0374fb4c1b882b41d8641fa6e
HP Deskjet 6800 Cross Site Scripting
Posted Apr 14, 2009
Authored by mcyr2

The HP Deskjet 6800 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7f48bc4cfecf813584cadef2c3f6600607ef8c8cc7f4dafc3d02049d719c613e
Page 1 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close