exploit the possibilities
Showing 26 - 43 of 43 RSS Feed

Files Date: 2010-02-10 to 2010-02-11

ApartmentSearch Insecure Cookie Handling / SQL Injection
Posted Feb 10, 2010
Authored by jiko

ApartmentSearch suffers from remote SQL injection and insecure cookie handling vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, insecure cookie handling
MD5 | d73f66e452c8fc1cb865546f79336b34
BannerExchange Insecure Cookie Handling
Posted Feb 10, 2010
Authored by jiko

BannerExchange suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | 75fb6312e6f6f89e87879fa02cd903de
ClassifiedUltra Insecure Cookie Handling / SQL Injection
Posted Feb 10, 2010
Authored by jiko

ClassifiedUltra suffers from remote SQL injection and insecure cookie handling vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, insecure cookie handling
MD5 | b052427a25e724f7f988a38a3d5fb115
GameRoom Shell Upload
Posted Feb 10, 2010
Authored by jiko

GameRoom suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | 5f067d884b2b87a86b949e821a993cd4
Fonts Site Script Remote File Disclosure
Posted Feb 10, 2010
Authored by jiko

Fonts Site Script suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | f5659c65145dc221a787521425ff5d30
PLS PLA WMDownloader Denial Of Service
Posted Feb 10, 2010
Authored by jiko

PLS PLA WMDownloader proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
MD5 | 999596f37e714fad9d31dd2d3e28c928
osTicket 1.6 RC5 SQL Injection
Posted Feb 10, 2010
Authored by N. Grisolia

osTicket version 1.6 RC5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ec1529f995756f640c70fa6a43bf4af8
osTicket 1.6 RC5 Cross Site Scripting
Posted Feb 10, 2010
Authored by N. Grisolia

osTicket version 1.6 RC5 suffers from a reflected cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9ac54fb81c95c8a33e75c2502f8895b0
Windows SMB NTLM Authentication Weak Nonce
Posted Feb 10, 2010
Authored by Hernan Ochoa, Agustin Azubel | Site hexale.org

Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.

tags | exploit, remote, arbitrary, protocol, proof of concept
advisories | CVE-2010-0231
MD5 | bda076f3b77016ef22d44fd963cc382f
Building Your Own Shellcode
Posted Feb 10, 2010
Authored by FB1H2S

Whitepaper called Building Your Own Shell-codes.

tags | paper, shell, shellcode
MD5 | 9f60a60777555799f1f7e50aaf46775c
UltraISO 9.3.6.2750 Buffer Overflow
Posted Feb 10, 2010
Authored by Dz_attacker

UltraISO version 9.3.6.2750 local buffer overflow exploit that spawns calc.exe. Written in Python.

tags | exploit, overflow, local, python
MD5 | c4e941d6591ab57eefc3217efe704485
Zomorrod CMS SQL Injection
Posted Feb 10, 2010
Authored by Pouya Daneshmand

Zomorrod CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d5df107229e6ab942a1a4c035810ea2e
Newsletter Tailor Remote File Inclusion
Posted Feb 10, 2010
Authored by Snakespc

Newsletter Tailor suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 9917bbeb48754fe7c06eb52a2c3178e9
ARWScripts.com Products Cross Site Scripting / SQL Injection
Posted Feb 10, 2010
Authored by jiko

Various product from ARWScripts.com suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 8170870daba32fac5f3ae3a664d0075c
Microsoft Office PowerPoint Viewer TextCharsAtom Record Code Execution
Posted Feb 10, 2010
Authored by Cody Pierce | Site dvlabs.tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious PowerPoint PPT file. The specific flaw exists in the handling of TextCharsAtom (0x0fa0) records contained in a PPT file. Due to the lack of bounds checking on the size argument an unchecked memcpy copies user-supplied data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the credentials of the currently logged in user.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0034
MD5 | 5275dff0fa65e6141a8ddb09dcd5348a
Limny Remote Shell Upload
Posted Feb 10, 2010
Authored by jiko

Limny suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | bf8754327426c6eef507e91ed94e0212
phpMiniSite Insecure Cookie Handling
Posted Feb 10, 2010
Authored by jiko

phpMiniSite suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | a688404d667797c3c8b5e64452647b6b
vBulletin Adsense SQL Injection
Posted Feb 10, 2010
Authored by jiko

vBulletin Adsense suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0ce13bc40731ec3f64f4a98e6aeb3405
Page 2 of 2
Back12Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close