Showing 1 - 14 of 14

Files Date: 2010-12-22 to 2010-12-23

Calibre 0.7.34 Cross Site Scripting/ Directory Traversal: Posted Dec 22, 2010; Authored by Janek Vind aka waraxe | Site waraxe.us; Calibre version 0.7.34 suffers from cross site scripting and directory traversal vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | bdada2cbfe5d06feef10c7a93b08915bba5a2569537ebbe88dce78e46581aaf2; Download | Favorite | View

WordPress Viva Thumbs Directory Traversal: Posted Dec 22, 2010; Authored by ProCheckUp, Richard Brain | Site procheckup.com; The WordPress Viva Thumbs add-on suffers from a directory traversal vulnerability.; tags | exploit; SHA-256 | e0129edf99ac555bc7e005155bad8318e57f383b886ea7b15325a3c2f6908bfb; Download | Favorite | View

Microsoft WMI Administration Tools ActiveX Buffer Overflow: Posted Dec 22, 2010; Authored by MC, jduck, WooYun | Site metasploit.com; This Metasploit module exploits a memory trust issue in the Microsoft WMI Administration tools ActiveX control. When processing a specially crafted HTML page, the WEBSingleView.ocx ActiveX Control (1.50.1131.0) will treat the 'lCtxHandle' parameter to the 'AddContextRef' and 'ReleaseContext' methods as a trusted pointer. It makes an indirect call via this pointer which leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions.; tags | exploit, arbitrary, code execution, activex; systems | windows; advisories | OSVDB-69942; SHA-256 | 2fbd749099ccbb1eb6187af91f72d8f6bdafd96cce71ee281207ddc8baca9110; Download | Favorite | View

Social Share 2010-06-05 HTTP Response Splitting: Posted Dec 22, 2010; Authored by Aliaksandr Hartsuyeu | Site evuln.com; Social Share version 2010-06-05 suffers from a HTTP response splitting vulnerability.; tags | exploit, web; SHA-256 | be61d3b094ab1fcba4c6fb2a41b49b180561d65099cacb61550257e20d539e4f; Download | Favorite | View

Apple iPhone Safari JS Crash Exploit: Posted Dec 22, 2010; Authored by Pr0T3cT10n; Apple iPhone Safari JS remote crash denial of service proof of concept exploit.; tags | exploit, remote, denial of service, proof of concept; systems | apple, iphone; SHA-256 | bff45cf21bd0088c6b08763304e6028aacae1aa67e0646d0ae1cec5858940453; Download | Favorite | View

Injader CMS 2.4.4 Cross Site Scripting / SQL Injection: Posted Dec 22, 2010; Authored by High-Tech Bridge SA | Site htbridge.com; Injader CMS version 2.4.4 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 009c9a458ef4f60ad426d89109998d86f18894c2238bb46361f232a3fa627520; Download | Favorite | View

WordPress Accept Signups 0.1 Cross Site Scripting: Posted Dec 22, 2010; Authored by clshack; WordPress Accept Signups version 0.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 8c4287e99a81fc13ac4892229c46b18aea92f975af63e24cb8f14a6417c3f21b; Download | Favorite | View

Farsicom CMS Cross Site Scripting: Posted Dec 22, 2010; Authored by d3c0der; Farsicom CMS suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 74b5d3bc05a7ade33ad3cc3851bf7c01e655fd8b0fa11f4495016c2c0bfeaf85; Download | Favorite | View

PHP Art Info SQL Injection: Posted Dec 22, 2010; Authored by jos_ali_joe; PHP Art Info suffers from a remote SQL injection vulnerability.; tags | exploit, remote, php, sql injection; SHA-256 | 2123b0510c61e8883117897895c71dc8715e52a6cc8d2ac9484ff7fbfbbf8c3b; Download | Favorite | View

WMITools Active-X Remote Command Execution: Posted Dec 22, 2010; Authored by WooYun; WMITools active-x remote command execution exploit.; tags | exploit, remote, activex; SHA-256 | 6b0a484e631d95cf807c1c83d42fe96b172b70ef9a1ca18fd64b8e1550aeee80; Download | Favorite | View

Hycus CMS 1.0.3 SQL Injection: Posted Dec 22, 2010; Authored by High-Tech Bridge SA | Site htbridge.com; Hycus CMS version 1.0.3 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 1af2899798307f691cd7703884d440808b25101f7e1fa2f1608546c893dc7558; Download | Favorite | View

HyperStrike Integration With Snap Fitness SSO Bypass: Posted Dec 22, 2010; Authored by Mark Stanislav; HyperStrike Integration with Snap Fitness suffers from a SSO bypass vulnerability.; tags | exploit, bypass; SHA-256 | 151c41eb78f81331e9e4f12c66b7172b40a1360b1e03dc20e72be82940004f5e; Download | Favorite | View

Iran Design Group SQL Injection: Posted Dec 22, 2010; Authored by d3c0der; Iran Design Group suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 50deebe0f9fdc52a32cc667477f665dbb4e37e6255f6a3502dee4c396d71b6f7; Download | Favorite | View

Wikia.com Cross Site Scripting: Posted Dec 22, 2010; Authored by dave b; Wikia.com suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | e5f3774226d41b5c97999f22e63639ec11c78d89de4c0734c11d532b8d8a12d2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days