what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 61 RSS Feed

Files Date: 2009-09-16 to 2009-09-17

PaoBacheca 2.1 Cross Site Scripting
Posted Sep 16, 2009
Authored by Moudi

PaoBacheca version 2.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 0d4661b7ad401ebfc727d18676967eb13fe1de749f18821dad2ce496adb98e40
Morris Guestbook Cross Site Scripting
Posted Sep 16, 2009
Authored by Moudi

Morris Guestbook suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4c3e22a88add72d66d36ccc178622619fbfd1e4bfe370c795ddc854599e4b507
MFH 1.2 Cross Site Scripting
Posted Sep 16, 2009
Authored by Moudi

MFH version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c6adcdecabe34e064a85554b244715e5b13b7e219e42579c14ce4e734983b837
Ardguest 1.8 Cross Site Scripting
Posted Sep 16, 2009
Authored by Moudi

Ardguest version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2c953d70220af77932f7ae7e0208756e677628f9af1d909d7aa52be6dce1b689
RFIDIOt Python Library For RFID Readers - 0.1z Windows
Posted Sep 16, 2009
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r). This is the Windows version.

Changes: Added xorcheck.py and transit.py.
tags | tool, python, wireless
systems | windows
SHA-256 | 5f2548f9d68b401baaa7daff67bdc6bbcc032e54b52f5f462ff2009bea7426fe
RFIDIOt Python Library For RFID Readers - 0.1z Linux
Posted Sep 16, 2009
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).

Changes: Added xorcheck.py and transit.py.
tags | tool, python, wireless
SHA-256 | 245685362a49126ab4eabdb33c35415011cdf9a60a4b48031380023b393455f9
Debian Linux Security Advisory 1888-1
Posted Sep 16, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1888-1 - Certificates with MD2 hash signatures are no longer accepted by OpenSSL, since they're no longer considered cryptographically secure.

tags | advisory
systems | linux, debian
advisories | CVE-2009-2409
SHA-256 | 88d5f8e0192f0be8665ed90a45aa84ccb48c9ed00b752dea60a8068421209f01
Adobe Shockwave Player 11.5.1.601 Buffer Overflow
Posted Sep 16, 2009
Authored by Francis Provencher

Adobe Shockwave Player version 11.5.1.601 Active-X related buffer overflow proof of concept exploit.

tags | exploit, overflow, activex, proof of concept
SHA-256 | 045e17e1a623573516f590193f401dd66ecc85a798bb9ca7aafcdd76178ed69b
Chief CMS SQL Injection
Posted Sep 16, 2009
Authored by kaMtiEz | Site indonesiancoder.com

Chief CMS suffers from a remote SQL injection vulnerability in news.php.

tags | exploit, remote, php, sql injection
SHA-256 | fad803ffc972cc7600b18f2c25167a246cb10cc3cf7052681f6b1b1084c62127
Clicknet CMS 2.1 Remote File Inclusion
Posted Sep 16, 2009
Authored by Don Tukulesto | Site indonesiancoder.com

Clicknet CMS version 2.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 2e5ac3f550451836d5e63f820c0ddcc814e7c06655f7f1b137ea473023b3aa7a
Novell Groupwise Client 7.0.3.1294 Denial Of Service
Posted Sep 16, 2009
Authored by Francis Provencher

Novell Groupwise Client version 7.0.3.129 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | a9adc3cfdce33e12b448d8399e80eca61df8b0622d76863d8ade78bd194312cb
EasyMail Quicksoft 6.0.2.0 Code Execution
Posted Sep 16, 2009
Authored by Francis Provencher

EasyMail Quicksoft version 6.0.2.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | d45ccf0c6529ec57992181bf8ddc446abb5d6c148bd3e767e38401ea98b97b0a
EasyMail Quicksoft 6.0.2.0 Denial Of Service
Posted Sep 16, 2009
Authored by Francis Provencher

EasyMail Quicksoft version 6.0.2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | b95a436dada2e1a2192e355faee83ed7665cb3af1730d01c283c50a4cd7b190a
Debian Linux Security Advisory 1887-1
Posted Sep 16, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1887-1 - Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.

tags | advisory, web, xss, ruby
systems | linux, debian
advisories | CVE-2009-3009
SHA-256 | e9db881d48510c6e213b5d71a715500f7af077e97ce065212eede46bfda25193
Mandriva Linux Security Advisory 2009-235
Posted Sep 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-235 - Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions. Multiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users. This update provides a solution to these vulnerabilities.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3051, CVE-2009-3163
SHA-256 | cf29ab20dfb02d1acfb394baa328e5ca9ba75bc356f74d70e641c7d0d2e54046
Mandriva Linux Security Advisory 2009-234
Posted Sep 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-234-1 - Multiple vulnerabilities was discovered and corrected in silc-toolkit. Packages for MES5 was not provided previously, this update addresses this problem.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3051, CVE-2008-7159, CVE-2008-7160, CVE-2009-3163
SHA-256 | a51514cfad73cb0fd5f059dc25c98f0dd860e2efc681c5539304259b50a7f217
Mandriva Linux Security Advisory 2009-234
Posted Sep 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-234 - Multiple vulnerabilities was discovered and corrected in silc-toolkit.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3051, CVE-2008-7159, CVE-2008-7160, CVE-2009-3163
SHA-256 | d2d335c7fee04bb290f003b33d57677946c5ac8ee24f25bc7797d651892312ab
sXid Monitoring Program 4.2
Posted Sep 16, 2009
Authored by Ben Collins

sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.

Changes: A bug where many false positive MD5 sum changes were reported was fixed along with resource leaks found by cppcheck.
tags | tool, intrusion detection
systems | unix
SHA-256 | f335286261474cb77ef4f89a5c4b452edabdbaf19b6b789f195c6a769cd32765
BigAnt Server 2.50 Buffer Overflow
Posted Sep 16, 2009
Authored by Blake

BigAnt server version 2.50 GET request buffer overflow exploit that spawns a shell on port 4444.

tags | exploit, overflow, shell
SHA-256 | 2a18b8c27c22b5848e54aed583ed0da892e6b3be2d25e6f17c5df52d7aa4efb5
NetAccess IP3 Command Injection
Posted Sep 16, 2009
Authored by r00t

NetAccess IP3 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | fce11ff0afb25454ee10efa70bb5080b29c7801b75050b83cf95a6ba5c816157
Graudit Source Code Analysis Tool 1.1
Posted Sep 16, 2009
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

systems | unix
SHA-256 | 3e1a35d86f38060fb3dd3056661099be48c961d41dbb19aba33d9763da7aee55
DJ Studio Pro 4.2 Crash
Posted Sep 16, 2009
Authored by prodigy

DJ Studio Pro version 4.2 local crash exploit that creates a malicious .pls file.

tags | exploit, local
SHA-256 | 539a03299abdef7dff0d73ede3f6894a01ad85b8eec0a7d282e0f547c3d3ef05
SAP Player 0.9 Buffer Overflow
Posted Sep 16, 2009
Authored by mr_me

SAP Player version 0.9 universal local buffer overflow exploit that creates a malicious .pla file.

tags | exploit, overflow, local
SHA-256 | 0f24223620020d2ae18d7bdd55bfaefe558f05bc5e5e61a0bd6ca4a648616505
iBoutique.MALL 1.2 SQL Injection
Posted Sep 16, 2009
Authored by Cyb3r-1sT

iBoutique.MALL version 1.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 224c60fd2e9dd05bf8a06421ed2116ab589b37d6ad33f81bbbf8b928791d9167
efront 3.5.4 Remote File Inclusion
Posted Sep 16, 2009
Authored by cr4wl3r

efront versions 3.5.4 and below suffer from a remote file inclusion vulnerability in database.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | dcdc9dcee43240147ed616dab4a97841292f47641a24582ec83b2ab26a046710
Page 2 of 3
Back123Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close