LoveCMS version 1.6.2 suffers from a cross site request forgery vulnerability.
726e20be981d56722f8df943a67f52902b69be74f0a714802ce0a86b8c03495fChaosmap is an information gathering tool and dns / whois / web server scanner written in Python. It can be used to lookup DNS names with a dictionary with or without using a salt. Salting for DNS means it will append numbers from 1-9 to the name in the dictionary with or without a - and _ or a leading 0. Salting for Web stuff will try double slashes and some directory traversal tricks. You can do reverse dns lookups of a whole ip range (with optional whois lookup) or make a dictionary scan for hidden paths on one webserver or a range of ip addresses. Optionally you can encode the path with url encoding and with google dict lookup mode chaosmap will first try to find the path on Google and only query the webserver if google has no search result. Last but not least it can be used to extract email addresses from domains using a Google search.
bf73d4cb1d32e0df0ecccd0cbb285bf3ff4d17b0920ed02e9651f4a9caf7ef69This tool helps discover local file inclusion vulnerabilities. It creates a random user agent for the connection, supports nullbytes, supports common Unix systems, and more.
0c1637f07029317c9015b1f6d44d3a4c08567372e22ad7436e02997621345c13Yektaweb CMS suffers from a cross site scripting vulnerability.
4c52f3fb3a8ad5ab5e504bf25d55286e9607ff57b3a92665a332d0b7dc4c03dfPHP-AddressBook version 6.2.4 suffers from a remote SQL injection vulnerability.
699461b0386c5ae9684e0d4dd201f5c9e12adc221d1fe75c3b3dfb2c36c35b83Wordpress version 3.0.3 suffers from a stored cross site scripting vulnerability.
9fb14b53fbb56ffa5270d4dc71d95690a5e6bd33f24cd8dc2302f6ab6ab05158TYPSoft FTP Server version 1.10 RETR CMD denial of service exploit.
b1a032c7a23e25e191a8ec4affeb06545de872512fdf8c538cfd46edf16d5960QuickTime Picture Viewer version 7.6.6 JP2000 denial of service exploit.
1b272c90310e2f697d556cc594f9158912fdda2d7ccfccb110c11915e8ced017IrfanView version 4.27 JP2000.dll plugin denial of service exploit.
e83acc426333f3d230a7b331ef523b100443545f6d3d6007fb5dd3fc15364a7aSiteframe version 3.2.3 suffers from a remote SQL injection vulnerability.
eee08bed75cbe86dde01afdaad3ef91e331e05032966436d4bc12b0f96961df3DGNews version 2.1 suffers from a remote SQL injection vulnerability.
d3895df37fd062e432d4d44936591ef08cc8afe61fbc5be2b9b52c37270a9092TYPO3 unauthenticated arbitrary file retrieval exploit. Affects versions 4.2.15, 4.3.7, and 4.4.4.
2a2b3e4555ad13f58b384edbe8d46660c60151646bfc4b76dba4acdbbd9df710ardeaCore version 2.2.5 PHP Framework suffers from multiple remote file inclusion vulnerabilities.
457a2767d371d2321b79482da1102c4c91ec0c06d59c00b1bdca19b338355bd6News Script PHP Pro suffers from a shell upload vulnerability.
65efe74876147eb4b57a978db4c006848440b1f9511eafeca100ee49f8afd22bHotWeb Rentals suffers from a remote SQL injection vulnerability.
8cb39327a8568ed7be92b8abe0f4a184346e1c420f665f031f8a779ffd5ccc6bSecunia Security Advisory - rgod has discovered some vulnerabilities in the Chilkat FTP-2 ActiveX component, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
6a6cc501f44e2948515e4b065294a68ae319eb5943009e21d7eceaeb9b91891aSecunia Security Advisory - John Leitch has discovered a vulnerability in Techphoebe QuickShare File Server, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system.
ef45afaf047982f1f343294b198714e64f15a4e8fdb6a3ff4cfa10965f8b2785Secunia Security Advisory - A vulnerability has been reported in LiveZilla, which can be exploited by malicious people to conduct cross-site scripting attacks.
2f27e8af78f3061fe899fc6684ed9260832ccfd233440f97f42031a862d53760Secunia Security Advisory - High-Tech Bridge SA has discovered some vulnerabilities in KaiBB, which can be exploited by malicious users to conduct script insertion attacks and SQL injection attacks and by malicious people to conduct SQL injection attacks..
c4a71f0cf43f4d36d273f6ea555ab99b0961000ef3fa18907d489d2f38c73bdfChilkat Software FTP2 ActiveX component (ChilkatFtp2.DLL version 2.6.1.1) remote code execution proof of concept exploit.
1be60aacf90140597a4d6917a51a0c31334daed2001fe839a5375afa0481c9f3Mongoose version 2.11 suffers from a denial of service vulnerability.
096869f520cafef100004bb289be87002b4e3afae065df699409f5abb0f75702QuickPHP Web Server version 1.9.1 suffers from a directory traversal vulnerability.
d37999e37febc0c2505a8fc4996ac4369bd10b0bcb411ec74fe3eafb76bb1534httpdASM version 0.92 suffers from a directory traversal vulnerability.
55fd5686b91769bd5470387d8ce679f661312835161b3fdc62aebdaf85dbecb5THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
66023f94460abe76e76c1c6b187d44e82bafafb4c517314261bbd34429f913a7Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
66edca59a0dae98f7f3f1a847e0cbca6457205fe9069f9a1d43ef40f4d8ae598
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed