exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 51 RSS Feed

Files Date: 2010-10-28 to 2010-10-29

Publimark Steganographic Tool 0.1.4
Posted Oct 28, 2010
Authored by Gaetan Le Guelvouit | Site perso.wanadoo.fr

Publimark is a command line tool to secretly embed text in an audio file. Like cryptography, it uses a pair of keys: the public one can be shared, whereas the private one must be kept secret. Anybody can send a steganographic message, but only the private key owner will be able read it. Marked audio files are still playable.

Changes: Publimark is now compatible with Botan 1.8 APIs. It also features a brand new and much more secure random generator.
tags | encryption, steganography
SHA-256 | 17577d506ae0ca6f3d1114800cf84b173cf629dc1d1c8991e832a2f18c695054
NinkoBB 1.3RC5 Cross Site Scripting
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

NinkoBB version 1.35RC5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5f17224c535b3e365f37fcaaef25df946cebc430ee5f7e8408c5691d819be76d
Winamp VP6 Content Parsing Buffer Overflow
Posted Oct 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the VP6 codec (vp6.w5s) when parsing VP6 video content. This can be exploited to cause a heap-based buffer overflow via a specially crafted media file or stream. Successful exploitation may allow execution of arbitrary code. Version 5.581 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-1523
SHA-256 | 589a067f3f1289bab05e944bfaf2f2cc31e132d0938bcb4b2965adc396c3972b
Zero Day Initiative Advisory 10-224
Posted Oct 28, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-224 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rdpageimlogic.aspx page which is exposed through an IIS extension on the default web server port. By setting the 'rdReport' argument to the value 'SummaryReportGroup' an attacker can force the server to load the SummaryReportGroup.lgx definition file. This file contains multiple SQL injections within the following parameters: 'selclause', 'whereTrendTimeClause', 'TrendTypeForReport', 'whereProtocolClause' and 'groupClause'. An attacker can abuse this to inject arbitrary SQL statements to be evaluated by the back-end database.

tags | advisory, remote, web, arbitrary, sql injection
advisories | CVE-2010-0112
SHA-256 | 5afe335679de5f033e5e0a1a662607fc21b3e926d2aee1e4691d33b4ad33c86e
Oracle BI Publisher HTTP Response Splitting
Posted Oct 28, 2010
Authored by Sh2kerr | Site dsecrg.com

Oracle BI Publisher suffers from a HTTP response splitting vulnerability.

tags | exploit, web
SHA-256 | a16b4a5d2e42764c015a89ca8d14b3e7d1594fc9ccef544177abbde6f3759df3
phpLiterAdmin 1.0 RC1 Authentication Bypass
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

phpLiterAdmin version 1.0 RC1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | f1d430adf9f4a44baf102108163205360dc773aafc1aa7a2ae8eeecd65e8d038
HP Security Bulletin HPSBMI02582 SSRT100269
Posted Oct 28, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin HPSBMI02582 SSRT100269 - A potential security vulnerability has been identified with the webOS camera application. This vulnerability could be exploited by a local user on the device to overwrite arbitrary files on the filesystem. Revision 1 of this advisory.

tags | advisory, arbitrary, local
advisories | CVE-2010-4027
SHA-256 | 857b99783d1e2835a7b00bc42db477b3536fb55b576566b755a1f166bd5bc70d
Alstrasoft E-Friends 4.96 Local File Inclusion / Shell Upload / SQL Injection
Posted Oct 28, 2010
Authored by Salvatore Fresta

Alstrasoft E-Friends version 4.96 suffers from local file inclusion, shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, sql injection, file inclusion
SHA-256 | 3f7c78cec9a527c7d099e788ad41efa89efbd352edf3f4d1674bf8a4003f378f
MyBB 1.6 Path Disclosure
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

MyBB version 1.6 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | fb61889e93832fed75b7cd0efb437c32d5e0103f8c4933dfeab205d1b680e937
DZCP 1.5.4 Local File Inclusion
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

DZCP version 1.5.4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 6b96d2bb7ae63af23c43a5f8f2a0228c43841ab939560ff58c6915d3a55a4798
Zero Day Initiative Advisory 10-223
Posted Oct 28, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-223 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rdpageimlogic.aspx and rdPage.aspx pages which is exposed through an IIS extension on the default web server port. By setting the 'rdReport' argument to the value 'LoggedInUsers' an attacker can force the server to load the LoggedInUSers.lgx definition file. This file contains multiple SQL injections within the following parameters: 'loginTimeStamp', 'dbo', 'dateDiffParam' and 'whereClause'. An attacker can abuse this to inject arbitrary SQL statements to be evaluated by the back-end database.

tags | advisory, remote, web, arbitrary, sql injection
advisories | CVE-2010-0112
SHA-256 | ceb74fd58c461aa0e284d9ade21196015768b8397e112aefb567c5900c3a68a9
Zero Day Initiative Advisory 10-222
Posted Oct 28, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-222 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rdpageimlogic.aspx page which is exposed through an IIS extension on the default web server port. This page does not properly filter the arguments to the following parameters: 'selclause', 'whereTrendTimeClause', 'TrendTypeForReport', 'whereProtocolClause' and 'groupClause'. An attacker can abuse this to inject arbitrary SQL statements to be evaluated by the back-end database.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-0112
SHA-256 | 68f2d97d3e125f5189468d6de7f56e3cb443df79990296aa6526bb203d2d6aef
HP Security Bulletin HPSBMI02580 SSRT100254
Posted Oct 28, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin HPSBMI02580 SSRT100254 - A potential security vulnerability has been identified with a Palm webOS service API. This vulnerability could be exploited by a local user on the device, who already has gained the ability to issue privileged webOS service calls, to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, local
advisories | CVE-2010-4026
SHA-256 | 1d17140c3eb6cc1162e5f385abb54a47406a923d9865f2affbf057a7c421b2a9
HP Security Bulletin HPSBMI02573 SSRT100227
Posted Oct 28, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin HPSBMI02573 SSRT100227 - A potential security vulnerability has been identified with Palm webOS Doc Viewer. This vulnerability could be exploited to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2010-4025
SHA-256 | dae51172ad538f02153983ec359d699ad737fa8188afd60db9044a70da13a9aa
ACC IMoveis 4.0 SQL Injection
Posted Oct 28, 2010
Authored by EraGoN

ACC IMoveis version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a5a8363e5190c06712687d4aacd8f94a10f0c2f4834c62d7fd7a214f6f579ef3
ARM Bind UDP Shell Port 68
Posted Oct 28, 2010
Authored by Daniel Godas-Lopez

ARM shellcode that will bind to port 68 on any local address and plug a UDP shell onto port 67 on 192.168.0.1.

tags | shell, local, udp, shellcode
SHA-256 | ea55946f1d2135c2f64a2b75dd4d650fe47934b1e2ddaf8df4468700d0dc0010
ARM Bindshell Port 0x1337 Shellcode
Posted Oct 28, 2010
Authored by Daniel Godas-Lopez

ARM shellcode that binds a shell to port 0x1337 on any local address and waits for a connection.

tags | shell, local, shellcode
SHA-256 | 221ed20bbd37d60e3897a978ea438c38acd1ee8dfc4ca56f72ee0c746f8870da
Firefox Interleaving Denial Of Service
Posted Oct 28, 2010

Firefox Interleaving document.write and appendChild denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2010-3765
SHA-256 | a43b05010abfc8a21721223d7f181abcebccf2f3c2f17bf1541dcc9a4be55167
DATAC RealWin SCADA 1.06 Buffer Overflow
Posted Oct 28, 2010
Authored by Blake

DATAC RealWin SCADA version 1.06 buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 6818f87a91e009b671fe428a53fdce95774746ae0a3c4d078f33d078501fe807
Novaboard 1.1.4 Local File Inclusion
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Novaboard version 1.1.4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | ad3152110254e0c465425d7ab2b2b398133f8bc85097d5989f37953b09687241
BloofoxCMS 0.3.5 Information Disclosure
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

BloofoxCMS version 0.3.5 suffers from information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 410e3d2d80986f2be076e0dc21d60c5d985769e1bb60a9e8999032bfd54e7fb3
BlogBird Cross Site Scripting
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

BlogBird suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 69687c4161f06f9b0c5cabc45b8632182d0c7ca95f0dd7a229b4717c7999fb1c
Zomplog 3.9 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Zomplog version 3.9 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 5c5fd1b8bbc0a9423a14d73f6c6032b11eaf728c85485b9ebe3a7cfc92de5c79
Energine CMS SQL Injection
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Energine CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9d322793eef93151511e9b868a2729d8c8d3635a89209ec5cccff447faab4997
BloofoxCMS 0.3.5 SQL Injection
Posted Oct 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

BloofoxCMS version 0.3.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4ccf8e1916bc33bcf1ed20adcdfb80f6ce671f9ff51eec7d0cb626fdad438b6b
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close