Section: .. / 0612-exploits /
| /// File Name: |
fi-xsssql.txt |
Description:
|
Future Internet suffers from cross site scripting and SQL injection vulnerabilities.
| | Author: | Linux_Drox | | Homepage: | http://www.LeZr.Com/vb | | File Size: | 659 | | Last Modified: | Dec 27 19:07:58 2006 |
| MD5 Checksum: | 6966f44ea176174449cd312526959c5f |
|
| /// File Name: |
kisgb-remote.txt |
Description:
|
Keep It Simple Guest Book version 5.0.0 suffers from remote file inclusion vulnerabilities.
| | Author: | 0o_zeus_o0 | | Homepage: | http://www.diosdelared.com | | File Size: | 1631 | | Last Modified: | Dec 27 18:39:35 2006 |
| MD5 Checksum: | ffca534a92ee430714123da60d9d94d4 |
|
| /// File Name: |
efkanforum10-sql.txt |
Description:
|
Efkan Forum version 1.0 suffers from a SQL injection vulnerability.
| | Author: | ShaFuck31 | | File Size: | 463 | | Last Modified: | Dec 27 18:37:32 2006 |
| MD5 Checksum: | 6a5538f5c10fb1820cbe5f7735095cc4 |
|
| /// File Name: |
oracle-xss.txt |
Description:
|
Oracle Applications/Portal versions 9i and 10g suffer from cross site scripting vulnerabilities.
| | Author: | putosoft softputo | | File Size: | 911 | | Last Modified: | Dec 27 18:36:51 2006 |
| MD5 Checksum: | 1b0ccb38219a1e3fd916f31b5795e443 |
|
| /// File Name: |
xtnew01-sqlxss.txt |
Description:
|
Xt-News version 0.1 suffers from cross site scripting and SQL injection vulnerabilities.
| | Author: | Mr_KaLiMaN | | File Size: | 874 | | Last Modified: | Dec 27 18:31:49 2006 |
| MD5 Checksum: | 34247aafd68b51609f0f8d6ddf532b7d |
|
| /// File Name: |
ixprim12-sql.txt |
Description:
|
Ixprim version 1.2 remote blind SQL injection exploit.
| | Author: | DarkFig | | File Size: | 7282 | | Last Modified: | Dec 21 22:08:03 2006 |
| MD5 Checksum: | 6fc316346c50c165c7912d9525431184 |
|
| /// File Name: |
SEC-20061220-0.txt |
Description:
|
SEC-CONSULT Security Advisory - Typo3 CMS versions 4.0.0 through 4.0.3 (along with other variants) suffer from a remote command execution flaw. Proof of concept included.
| | Author: | D. Fabian, J. Greil | | Homepage: | http://www.sec-consult.com | | File Size: | 3804 | | Last Modified: | Dec 21 19:08:31 2006 |
| MD5 Checksum: | fbc0a250ce78efccab4739344f3e35ce |
|
| /// File Name: |
miniwebshop-xss.txt |
Description:
|
Mini Web Shop version 2.1.c suffers from a cross site scripting flaw.
| | Author: | Linux_Drox | | Homepage: | http://www.LeZr.Com | | File Size: | 464 | | Last Modified: | Dec 21 19:04:09 2006 |
| MD5 Checksum: | 52e0ec80ff8401bbaa5b62722c9925f2 |
|
| /// File Name: |
raptor_orafile.sql.txt |
Description:
|
Oracle 9i and 10g file system access via utl_file exploit.
| | Author: | Marco Ivaldi | | File Size: | 2470 | | Last Modified: | Dec 21 19:03:26 2006 |
| MD5 Checksum: | 56e606239e1ef343d372aa608fb5f43e |
|
| /// File Name: |
raptor_oraextproc.sql.txt |
Description:
|
This PL/SQL code exploits the Oracle extproc directory traversal bug to remotely execute arbitrary OS commands with the privileges of the DBMS user. All versions of Oracle 9i are susceptible. Oracle 10g versions prior to 10.1.0.3 are susceptible.
| | Author: | Marco Ivaldi | | File Size: | 2686 | | Related CVE(s): | CVE-2004-1364 | | Last Modified: | Dec 21 19:02:07 2006 |
| MD5 Checksum: | fbd3fbf823f6068de990e2bfdae52223 |
|
| /// File Name: |
byd-sql.txt |
Description:
|
Burak Yilmaz Download Portal suffers from a SQL injection vulnerability in down.asp.
| | Author: | ShaFuq31 | | File Size: | 564 | | Last Modified: | Dec 21 18:59:25 2006 |
| MD5 Checksum: | e6994a9a94a64f39b406a70be4968696 |
|
| /// File Name: |
dos2.4.5.py.txt |
Description:
|
Proof of concept exploit for a buffer overflow in HP printers version 2.4.5.
| | Author: | Joxean Koret | | Related File: | hpftp-dos.txt | | File Size: | 1202 | | Last Modified: | Dec 21 18:57:56 2006 |
| MD5 Checksum: | e5fdf5261f9055a6c0ef212e196b7b52 |
|
| /// File Name: |
dos2.4.py.txt |
Description:
|
Proof of concept exploit for a buffer overflow in HP printers version 2.4.
| | Author: | Joxean Koret | | Related File: | hpftp-dos.txt | | File Size: | 1185 | | Last Modified: | Dec 21 18:57:28 2006 |
| MD5 Checksum: | 4008a7cfd4ac6bf90e75e6be3cfb673a |
|
| /// File Name: |
inetmedia.txt |
Description:
|
Multiple cross site scripting and SQL injection vulnerabilities were found in Inetmedia's web services cityinfo.pl and cityaz.de, which may be exploited by attackers to gain confidential information and/or modify the database.
| | Author: | kahir, Filip Palian | | File Size: | 1493 | | Last Modified: | Dec 21 18:52:23 2006 |
| MD5 Checksum: | f8b84ae188e1e794c2f0e08dbb241966 |
|
| /// File Name: |
webcal10-xss.txt |
Description:
|
WebCalendar version 1.0 suffers from a cross site scripting flaw.
| | Author: | 7all | | File Size: | 811 | | Last Modified: | Dec 21 18:50:39 2006 |
| MD5 Checksum: | 18e2030afb9d31e09ec2f5c021f09660 |
|
| /// File Name: |
wget-PoC.pl |
Description:
|
WGet versions 1.10.2 and below suffer from an unchecked boundary condition. Proof of concept included.
| | Author: | Federico L. Bossi Bonin | | Homepage: | http://www.globalst.com.ar | | File Size: | 2099 | | Last Modified: | Dec 21 18:47:07 2006 |
| MD5 Checksum: | 2d1957252cecffa8bcc924f9383a3867 |
|
| /// File Name: |
rateme-rfi.txt |
Description:
|
All versions of RateMe suffer from a remote file inclusion vulnerability.
| | Author: | Al7ejaz Hacker | | File Size: | 4190 | | Last Modified: | Dec 21 18:14:57 2006 |
| MD5 Checksum: | c9abc4ebacea73533118716b0fb91d77 |
|
| /// File Name: |
hypervm-xss.txt |
Description:
|
HyperVM suffers from a cross site scripting flaw.
| | Homepage: | http://www.aria-security.com/ | | File Size: | 372 | | Last Modified: | Dec 21 18:10:28 2006 |
| MD5 Checksum: | cb91e003dca933f5907b17a4c8353fb7 |
|
| /// File Name: |
intel-race.txt |
Description:
|
The Intel 2200BG card suffers from a race condition vulnerability. Proof of concept code included.
| | Author: | Breno Silva, Johnny Cache | | File Size: | 4440 | | Last Modified: | Dec 21 18:09:35 2006 |
| MD5 Checksum: | 6c40fbf83154c14c190a6c246566af79 |
|
| /// File Name: |
sitecatalyst-xss.txt |
Description:
|
SiteCatalyst Web Login suffers from a cross site scripting vulnerability.
| | Homepage: | http://www.hackerscenter.com/ | | File Size: | 1159 | | Last Modified: | Dec 21 17:58:51 2006 |
| MD5 Checksum: | 0f9bdfe969a232986e7e5dd268315f30 |
|
| /// File Name: |
contra-SQL.txt |
Description:
|
Contra Haber Sistemi version 1.0 suffers from a SQL injection vulnerability.
| | Author: | ShaFuck31 | | File Size: | 612 | | Last Modified: | Dec 21 17:57:58 2006 |
| MD5 Checksum: | e24220d748bb4b76762fd4f6674c5198 |
|
| /// File Name: |
google-XSS.txt |
Description:
|
Google G-Mail is susceptible to a cross site scripting issue.
| | Author: | SwEET-DeViL | | File Size: | 322 | | Last Modified: | Dec 21 17:54:56 2006 |
| MD5 Checksum: | c777d64482952dde53269fcf9bedbf02 |
|
| /// File Name: |
ftpd-ldpreload.pl.txt |
Description:
|
FTP server (GNU inetutils 1.4.2) remote root exploit.
| | Author: | kingcope | | File Size: | 2734 | | Last Modified: | Dec 21 16:39:26 2006 |
| MD5 Checksum: | 03ce0835a862b051c0be5bb8d1524075 |
|
| /// File Name: |
adwords-crlf-injection.pdf |
Description:
|
Multiple CRLF injection (also known as HTTP response splitting) vulnerabilities have been identified in Google AdWords which may be exploited to inject arbitrary HTTP headers.
| | Author: | Debasis Mohanty | | Homepage: | http://hackingspirits.com/ | | File Size: | 123143 | | Last Modified: | Dec 15 05:14:08 2006 |
| MD5 Checksum: | 489827dac405b8f825bc0e35c68a8d75 |
|
| /// File Name: |
kms1.py.txt |
Description:
|
Kerio MailServer version 6.2.2 preauth remote denial of service exploit.
| | Author: | Evgeny Legerov | | File Size: | 2999 | | Last Modified: | Dec 15 04:57:48 2006 |
| MD5 Checksum: | 208c006d41e70ee157fb0122ff3b9a5d |
|