exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

Chamilo LMS 1.11.14 Cross Site Scripting / Account Takeover
Posted Feb 2, 2022
Authored by sirpedrotavares

Chamilo LMS version 1.11.14 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-37391
SHA-256 | 46aaae3bca75f14ca4182e929dd60940d30948fc966d3884b3e4d144172812eb

Related Files

PhpMesFilms 1.8 SQL Injection
Posted Apr 15, 2010
Authored by indoushka

PhpMesFilms version 1.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6af31a7d1ab136392d9d4d8c0728ec3110d58b4152f41bc4865633ae347e9e1c
Squid NTLM Authenticate Overflow
Posted Oct 27, 2009
Authored by skape

This is an exploit for Squid's NTLM authenticate overflow (libntlmssp.c). Due to improper bounds checking in ntlm_check_auth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length.

tags | exploit, overflow
advisories | CVE-2004-0541
SHA-256 | c43f943216a1703933afd0ce0708c0542f099b2ad7ed5a159c445291d16c2bc5
ILIAS LMS Information Disclosure
Posted Jul 15, 2009
Authored by YEnH4ckEr

ILIAS LMS versions 3.10.7 and below and 3.9.9 and below suffer from arbitrary information disclosure vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure
SHA-256 | 4385c99e7757b56e265ad1d18a7a6fe42c3809549e9c70771062653194e4ed55
Secunia Security Advisory 35429
Posted Jun 18, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in CAE LMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 120948a2703cdd1d471b1427bcbe0ab1fac8b5c8e411a7e338c0f21038461edc
Campus Virtual-LMS XSRF / XSS / SQL Injection
Posted Jun 12, 2009
Authored by Yasion

Campus Virtual-LMS suffers from remote SQL injection, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | bb6332159cb50b38e5e2b49954b10e245a98a4aaff0da919b5c154fb4be2675a
VisionLMS 1.0 Password Changer
Posted Apr 28, 2009
Authored by Mr.tro0oqy

VisionLMS version 1.0 remote password changing exploit that leverages changePW.php.

tags | exploit, remote, php
SHA-256 | 355b4c9b088d211fb2b41e0d50a9c7539901f3429c0cfb67173f956a4cac54b8
Dokeos LMS 1.8.5 Code Execution
Posted Apr 22, 2009
Authored by StAkeR

Dokeos LMS versions 1.8.5 and below remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 584e9c9177950ed4da6042062cf94c76c7970a655f991c438239afb234bb2919
Dokeos LMS 1.8.5 PHP Code Injection
Posted Apr 21, 2009
Authored by EgiX

Dokeos LMS versions 1.8.5 and below remote php code injection exploit that kicks back a reverse shell and leverages whoisonline.php.

tags | exploit, remote, shell, php
SHA-256 | f0b09e2882fc239f1226e9456fc3ce190720e3cab172daab59ab0400fac16e39
PhpMesFilms 1.0 SQL Injection
Posted Jan 6, 2009
Authored by SuB-ZeRo | Site dz-security.com

PhpMesFilms version 1.0 suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
SHA-256 | 588aae46cd4a93fea4694195af913a6aec372bf08de1266adc82299a747442cf
Secunia Security Advisory 33332
Posted Jan 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SuB-ZeRo has discovered a vulnerability in PhpMesFilms, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 6373819a8be573d1b9ab5c41aa8f8175445da87ea959f58e84c7638b39bec2ae
Zero Day Initiative Advisory 08-053
Posted Aug 15, 2008
Authored by Tipping Point, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows an attacker to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists in the functionality exposed by the Storage Foundation for Windows Scheduler Service, VxSchedService.exe, which listens by default on TCP port 4888. The management console allows NULL NTLMSSP authentication thereby enabling a remote attacker to add, modify, or delete snapshots schedules and consequently run arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
systems | windows
SHA-256 | 3652171caf78ee8bd5e8d4dffd1352e18b45cce0e160d428be5706660113a647
joomlalms-sql.txt
Posted Apr 4, 2008
Authored by The-0utl4w | Site aria-security.net

The Joomla com_lms component suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | e35664abe9b055a846b17c7e948902c20e3dd3399a09d819e244cf76e51d37b3
efront-312-xss.txt
Posted Jan 24, 2008
Authored by fuzion

efront e-learning LMS version 3.1.2 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | e6144a7c9d5d381e91195a19b7116260cfd5cf614fa5cc0937251ccf3c3e12ad
Zero Day Initiative Advisory 07-055
Posted Oct 11, 2007
Authored by Tipping Point, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows remote attackers to crash systems with vulnerable installations of the Microsoft Windows operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC runtime library rpcrt4.dll during the parsing of RPC-level authentication messages. When parsing packets with the authentication type of NTLMSSP and the authentication level of PACKET, an invalid memory dereference can occur if the verification trailer signature is initialized to 0 as opposed to the standard NTLM signature. Successful exploitation crashes the RPC service and subsequently the entire operating system.

tags | advisory, remote
systems | windows
advisories | CVE-2007-2228
SHA-256 | 81c3eb66a83ea337ccd5a2db389db399942be188bee24be99a592d845a95a2b3
lms-rfi.txt
Posted Mar 24, 2007
Authored by Kacper | Site rahim.webd.pl

LMS versions 1.8.9 and below suffer from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | e98137712f1609c94065ad9df58a42ab4d44cda1a679fe4434e8e70b5dc539c8
angellms71-sql.txt
Posted Mar 6, 2007
Authored by Guns

Angel LMS version 7.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c27594fcc35b3cf24a6d9e52bf0c74e8c65a6eea3a58eb662db1517786b82bed
DoceboLms303.txt
Posted Jun 12, 2006
Authored by Federico Fazzi

Docebo Lms version 3.0.3 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 7e5f86b1ae364da574479a6b204798c843c00e20b2d557a1cd3194972103a9b9
DoceboLMS2.05.txt
Posted May 29, 2006
Authored by beford

Docebo LMS 2.05 suffers from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
SHA-256 | 4fd03771dd7ffd588c5319b2efe27f26fe51697d032fa7df2c325c5dc2e1a2bc
Secunia Security Advisory 20298
Posted May 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - beford has discovered some vulnerabilities in DoceboLMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 4500dcb77866c1a7de12747fe0e18e8c32e9735cff6619e4c588485055e999b1
Secunia Security Advisory 17870
Posted Dec 9, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - lms has reported a weakness in QNX RTOS, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
SHA-256 | c4e399a9a7ac1f3c8ca77add0649100e261c4e54ba11dbfd99aea4a61671a154
Secunia Security Advisory 17896
Posted Dec 7, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has reported two vulnerabilities in DoceboLMS, which can be exploited by malicious people to disclose system information and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | b5a338102a35618129f20d75813a283b81cff7e3399b9e51eae1d23ef1e7f272
Gentoo Linux Security Advisory 200409-4
Posted Sep 9, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200409-04 - Squid 2.5.x versions contain a bug in the functions ntlm_fetch_string() and ntlm_get_string() which lack checking the int32_t offset o for negative values. A remote attacker could cause a denial of service situation by sending certain malformed NTLMSSP packets if NTLM authentication is enabled.

tags | advisory, remote, denial of service
systems | linux, gentoo
SHA-256 | 37ad8ea0eca8fc282782f4e7b3c6eec6fcad6254abf2c27267ceae3fb1035f74
ms01-008
Posted Feb 12, 2001

Microsoft Security Advisory MS01-008 - A flaw in the NTLM Security Support Provider (NTLMSSP) service allows a non-administrative user to gain administrative control over the system. In order to perform this attack the user would need a valid login account and the ability to execute arbitrary code on the system. Microsoft FAQ on this issue available here.

tags | arbitrary
SHA-256 | fd372dce83d40400b88e4302defae7822e466e7f14d6a75ba1e1441d17864a81
sfs-0.5.tar.gz
Posted Feb 17, 2000
Authored by David Mazieres | Site fs.net

SFS is a secure, global file system with completely decentralized control. SFS lets you access your files from anywhere and share them with anyone, anywhere. Anyone can set up an SFS server, and any user can access any server from any client. At the same time, SFS uses strong cryptography to provide security over untrusted networks. Thus, you can safely share files across administrative realms without involving administrators or certification authorities.

Changes: Full linux support and removal of source code export restrictions.
tags | encryption
SHA-256 | 798cd8a703502cf681454ac0cf54df040463558e56f714bf5d6d7916b131fa50
sfs-0.4a.tar.gz
Posted Dec 14, 1999

SFS is a network file system that provides strong security over untrusted networks. At the same time, SFS goes to great lengths to prevent security from hurting performance or becoming an administrative burden. SFS is also a global file system. Users can access any server from any client in the world, and share files with anyone anywhere. There is no need to rely on system administrators or trusted third parties to coordinate the sharing of files across administrative realms. Thus, SFS provides convenient file sharing over the Internet even where security is not a priority.

tags | encryption
SHA-256 | febe984ca610aa5d321e23eac13504e78add07a053b402d77a52d2b782d1d7f2
Page 4 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close