what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

Zoho BugTracker Cross Site Scripting
Posted Aug 7, 2012
Authored by LiquidWorm | Site zeroscience.mk

Zoho BugTracker suffers from multiple stored cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5f84abf0fd32b20d83731d75e8fa472c4d86148ea3ded99941f4e9ec38a9a318

Related Files

Online Grades Project Team 3.2.5 Cross Site Scripting
Posted Jul 25, 2011
Authored by LiquidWorm | Site zeroscience.mk

Online Grades version 3.2.5 suffers from multiple cross site scripting vulnerabilities. The issue is triggered when input passed via multiple parameters to the 'admin/admin.php' script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

tags | exploit, arbitrary, php, vulnerability, xss
SHA-256 | 97dac1462d3751baa282b6d6356f3f5c1af9936b2fe7fc9e1f21af38da27da98
PG eLMS Pro DEC_2007_01 Blind SQL Injection
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

PG eLMS Pro version DEC_2007_01 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f33c1f60fe48012757d4de9d5b369cbdd1b4511201f7d9fa55519f099d092a34
PG eLMS Pro DEC_2007_01 Cross Site Scripting
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

PG eLMS Pro version DEC_2007_01 suffers from multiple POST cross site scripting vulnerabilities in contact_us.php.

tags | exploit, php, vulnerability, xss
SHA-256 | 3cb7f482a30aa8222e39a62050d674c0b4201c4a9b953dc76fb7e986a91915bf
TCExam 11.2.011 SQL Injection
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 914e1468f043c743fbcb3539d34a062ed28fec35ba1be0ed6dab33cd0deb9e05
TCExam 11.2.011 Cross Site Scripting
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple pre and post auth cross site scripting vulnerabilities when parsing user input to multiple parameters via GET and POST method in multiple scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | 124989b21ffded644a3bd7fb5253e0bf4a9f3a0f8cf17bb80608ab44fd14748f
Tugux CMS 1.2 Remote Arbitrary File Deletion
Posted Jul 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

Tugux CMS version 1.2 remote arbitrary file deletion vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | b322ce3279d241071e6638005f0f9486916adab50fcebbdaf25046904c8aa330
ESTsoft ALPlayer 2.0 ASX Playlist File Handling Buffer Overflow
Posted Jul 7, 2011
Authored by LiquidWorm | Site zeroscience.mk

ESTsoft ALPlayer version 2.0 suffers from a buffer overflow vulnerability. It is caused due to a boundary error in the processing of a playlist file, which can be exploited to cause a stack-based buffer overflow when a user opens e.g. a specially crafted .asx file. Successful exploitation may allow execution of arbitrary code.

tags | exploit, overflow, arbitrary
systems | linux
SHA-256 | 5a582f57cd6e6df287f9f89eb693be5d651a9317c7ec5a7a9f97332fdc138cd4
Valve Steam Client Application v1559/1559 Local Privilege Escalation
Posted Jun 29, 2011
Authored by LiquidWorm | Site zeroscience.mk

Valve Steam Client Application version 1.0.968.628 is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice.

tags | exploit
SHA-256 | f07cacb244ba2aac638b1faad553f41232c12f69350fa60ab20117331e3e88cc
NetServe Web Server 1.0.58 XSS / RFI / Denial Of Service
Posted Jun 24, 2011
Authored by LiquidWorm | Site zeroscience.mk

NetServe Web Server version 1.0.58 suffers from denial of service, cross site scripting, various inclusion vulnerabilities and more.

tags | advisory, web, denial of service, vulnerability, xss
SHA-256 | 57730836287f5775bff301c266cccc018712462def19a33875a91e36190e4b13
Sitemagic CMS 2010.04.17 Cross Site Scripting
Posted Jun 21, 2011
Authored by LiquidWorm | Site zeroscience.mk

Sitemagic CMS suffers from a XSS vulnerability when parsing user input to the 'SMExt' parameter via GET method in 'index.php'. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, php
SHA-256 | 8e9bd0f1156742f2d83faa0606fca5304a8e3b055624c9077f24c1a8e274c310
Pacer Edition CMS 2.1 Local File Inclusion
Posted Jun 10, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS version 2.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 5bbc400a3b056ed47a8368ad140f7af63b51536812fa050098dffb2917feeca0
Pacer Edition CMS 2.1 Cross Site Scripting
Posted Jun 9, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS suffers from a cross site scripting vulnerability when parsing user input to the 'email' parameter via POST method in 'admin/login/forgot/index.php'.

tags | exploit, php, xss
SHA-256 | 64bc139cdd713e79b7734f3138011ce6e67d334d1b7864e2e6bdfe1443bb8d2f
Pacer Edition CMS 2.1 Arbitrary File Deletion
Posted Jun 9, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS version 2.1 remote arbitrary file deletion exploit.

tags | exploit, remote, arbitrary
SHA-256 | fdecec4cbc4da2ca8fcd5a0044f5cd5bc62041abb616b0c109cf1b0546d42c3d
Ushahidi 2.0.1 SQL Injection
Posted Jun 3, 2011
Authored by LiquidWorm | Site zeroscience.mk

Ushahidi version 2.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d01cdcded440360442982a5fb7af9499f790a2c758263ac5ac1fa99bf04e8d80
Kentico CMS 5.5R2.23 Cross Site Scripting
Posted May 31, 2011
Authored by LiquidWorm | Site zeroscience.mk

Kentico CMS versions 5.5R22.23 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9f11fec3060e9fb15201282364d5cc0bf0d5d681f43c5b204bee3e6115fd40af
Tugux CMS 1.2 XSS / LFI / SQL Injection / URL Redirection
Posted May 22, 2011
Authored by LiquidWorm | Site zeroscience.mk

Tugux CMS version 1.2 suffers from cross site scripting, local file inclusion, url redirection, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | b5b2ff3bd99d5a8b947cc3f1d1e8127651974a13726a26182e02c17102388137
Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow
Posted May 13, 2011
Authored by LiquidWorm | Site zeroscience.mk

Adobe Audition version 3.0 build 7238 suffers from a buffer overflow vulnerability when dealing with .SES (session) format file. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code or denial of service.

tags | exploit, denial of service, overflow, arbitrary
advisories | CVE-2011-0614
SHA-256 | 9b67de74e1b59979e50e46473885f2db10f38f73ea7066d0c426d94586d1f897
DreamBox DM500+ File Download
Posted May 12, 2011
Authored by LiquidWorm | Site zeroscience.mk

Dreambox versions DM500, DM500+, DM500HD, and DM500S suffer from a file download vulnerability through a directory traversal with appending the '/' character in the HTTP GET method of the affected host address. The attacker can get to sensitive information like paid channel keys, usernames, passwords, config and plug-ins info, etc.

tags | exploit, web
SHA-256 | 7de9ae16a5edaef40053e9ca76b575139e48f8e65b6eb897bc0e17c7605f45dc
Gesytec ElonFmt Active-X 1.1.14 Buffer Overflow
Posted Apr 21, 2011
Authored by LiquidWorm | Site zeroscience.mk

The Gesytec ElonFmt active-x control module suffers from a buffer overflow vulnerability. When a large buffer is sent to the pid item of the GetItem1 function in the elonfmt.ocx module, a few memory registers get overwritten including the SEH. Proof of concept exploit included. Version 1.1.14 is affected.

tags | exploit, overflow, activex, proof of concept
SHA-256 | d243509ba1defdb6a43cd5e44c3842fe251b3364720483e0de16bec5c0e5ef92
docuFORM Mercury WebApp 6.16a / 5.20 Cross Site Scripting
Posted Apr 20, 2011
Authored by LiquidWorm | Site zeroscience.mk

docuFORM Mercury versions 6.16a and 5.20 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 04fd5a5de85dc05c646203a774ae5ea162a41d6deb351adee000c5cda968c91d
Help And Manual Professional Edition 5.5.1 DLL Hijack
Posted Apr 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

Help and Manual Professional Edition version 5.5.1 ijl15.dll DLL hijacking exploit.

tags | exploit
systems | windows
SHA-256 | ed443b5344c664ad0b6e377f3582578ad1f8a8c439eea4320164fd0a63b67c77
Anfibia Reactor 2.1.1 Cross Site Scripting
Posted Apr 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

Anfibia Reactor version 2.1.1 suffers from a cross site scripting POST injection vulnerability in login.do.

tags | exploit, xss
SHA-256 | 586debeac011f1b5df9fe27f6bebf0c0142a76112f15487253577175eb3505c0
TutorialMS 1.4 SQL Injection
Posted Apr 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

TutorialMS version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 05dc88cc41754a5b425398dbff864e6b5d579f95a6559c9bfbdc906f75486443
DoceboLMS 4.0.4 Cross Site Scripting
Posted Apr 4, 2011
Authored by LiquidWorm | Site zeroscience.mk

DoceboLMS version 4.0.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f05d2fc8f18a0ffba23d0c365e3e620e537c53fcdd2ae8528167afa9108942cd
Antamedia Internet Cafe Software 7.1 DLL Hijack
Posted Apr 3, 2011
Authored by LiquidWorm | Site zeroscience.mk

Antamedia Internet Cafe Software version 7.1 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 2cfaa2ba266c95b6c2c1ccc52ea1a90642d2fe2083343a19e2517a9131ab83a4
Page 2 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close