Embedthis Appweb version 3.1.2 remote denial of service exploit.
ba154d0b11a211b6d23de88823245b3b47942976389c8e0fba1e257a275ff35dhttpdx version 1.5.3b remote pre-authentication denial of service proof of concept exploit.
585d744956b19dde8b38791dfcca4761b2b16c8555c7a44ae6ce69bd4ae46dc5Media Player version 6.4.9.1 with K-Lite Codec Pack denial of service exploit that creates a malicious .avi file.
d8a6f2009741ecce1daa45aed288808ae33187fc8050a199303864c752d09b4dGOM Player version 2.1.21 denial of service exploit that creates a malicious .avi file.
3586ef38c50d1e2b9951d218d55c3329164824bf7a2614699fed54cce3b516c6QuickZip version 4.60.019 stack buffer overflow exploit for XP SP3.
c249e4b1ead7403ecda55a227cb5bf69e66217aaf1853b178e0c25e90293670bGNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
650a5d4bc8dd0f9726545daee450684d5dfefeef3b24c3ccb5e63a1432b1f774This Metasploit module exploits a stack overflow in the USER verb in Open & Compact FTPd version 1.2. The program will crash once the payload is sent, so bind shell payloads are not effective.
1ae431d61e50c5b14fa336ca601d49fc1d63997a3d2836735d649f9123e42bf4phpAdsNew, OpenAds and OpenX suffer from a cross site scripting vulnerability in banner.swf.
5aa539503c5152a93dca15cb865e8674896c69a43668e2240159823d394fd87aWhatWeb next generation web scanner identifies what websites are running. Released at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand. Written in Ruby for Linux. Flexible plugin architecture with over 70 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver.
20c3ad738e1fdee029d4aba2f9a577f770fe605f58b1eb9399aca929dc716c33sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
7e815be1c57fe444aa3aa1d74c19fa2f05fe4a28a56ab7185596070d893e360fThe Joomla GCalendar component version 2.1.5 suffers from a local file inclusion vulnerability.
84575ae6dddbf32d2821b9beb9db0ed79e3e86c51bad61191b3f522e974fc32dPHP Classifieds version 7.5 suffers from a remote blind SQL injection vulnerability.
d7725a7ddac54e6687eca8f23299ec9e1c5f7780e3d9b449b9d2db6889cba9adThe Joomla Ninja RSS Syndicator component version 1.0.8 suffers from a local file inclusion vulnerability.
ece581ee4b421fcc5654775abba243b7d22dbbecdb33237ebb5b159b62ec3c7fPhenix version 3.5b suffers from a remote SQL injection vulnerability.
4e374cdaa4d09edeecaaac146e041367152a784e5fc2ab117e367283bbb71d2cThe Joomla Bidding component suffers from a remote SQL injection vulnerability.
650b19e9d4b45c03f5ff96feb56195efca04d692a39e01082f6da57705260c57The Joomla Ulti RPX component version 2.1.0 suffers from a local file inclusion vulnerability.
a66e0f7cc74482d42d716de96486f80dfda5e6fee7ef3660f30412f912d08751Duhok Forum version 1.0 suffers from a cross site scripting vulnerability.
d95a27848465ccf884060cf969b0f5164f2ac7939a2a461c1577354d2464b600FreeHost version 1.00 suffers from a remote shell upload vulnerability.
3fc030a232ad4fe18352528ad36453e3c873ddb1a3ee0e5dd02e54b4091bf7a2Torrent Hoster suffers from cross site scripting and shell upload vulnerabilities.
d561d9c57c4c45153f35b831159f2adc36530ceae6b48149640597bf2a53c274CH-CMS.ch version 2 suffers from a remote shell upload vulnerability.
6142c7de2ef087aae21422a27e98d6be2e3adfd23f5f9a4654168adfa86b13c3Interspire Shopping Cart version 5.5.4 suffers from backup related and shell upload vulnerabilities.
962a0ebd3ed3dad8404d9343414b3ef3b237a4bde0fcc41eaa1bb3d3e3a5caacSubdreamer CMS version 3.0.1 suffers from an arbitrary file upload vulnerability.
f9487d7b9b1845c831ad2476561d097a2931de7e558706084ae6be9a7c60f70bZero Day Initiative Advisory 10-029 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the WebCore's HTMLObjectElement::renderFallBackContent() method. By rewriting an HTML element via the document's innerHTML() method a memory corruption occurs resulting from a call-after-free. This can be leveraged to execute arbitrary code under the context of the current user.
96ac047753aa8b572260a0c5d67b5b0fbef2fd3f84eeab18e24c2bba4a0d4823Andromeda version 1.9.2 suffers from cross site scripting and cookie manipulation vulnerabilities.
308dc803cb67dc0c0ef0e4a2e133cf2a21c0aeb85464470a9992a17ec80893f6This is a list of Iranian names to be used for cracking.
34fa5cb2b56956318d60d6f09dea83f2ffca66a495cced31641a6cad9574b721
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed