Section: .. / 0805-exploits /
| /// File Name: |
phpraider-rfi.txt |
Description:
|
phpRaider version 1.0.7 suffers from a remote file inclusion vulnerability in phpbb3.functions.php.
| | Author: | Dr.Kacak | | File Size: | 878 | | Last Modified: | May 27 17:08:28 2008 |
| MD5 Checksum: | 1a8e4e8d3f80585c7ec7fd35ae3a3350 |
|
| /// File Name: |
roomphplanning15-user.txt |
Description:
|
RoomPHPlanning version 1.5 suffers from an arbitrary add user vulnerability.
| | Author: | Stack | | Homepage: | http://v4-team.com/ | | File Size: | 2537 | | Last Modified: | May 27 16:58:54 2008 |
| MD5 Checksum: | b091f74ae76289a3484b2087cd7e6d42 |
|
| /// File Name: |
roomphplanning15-sql.txt |
Description:
|
RoomPHPlanning version 1.5 suffers from a remote SQL injection vulnerability.
| | Author: | His0k4 | | File Size: | 584 | | Last Modified: | May 27 16:57:09 2008 |
| MD5 Checksum: | f803536893c297efa99f51b2a0eb3db0 |
|
| /// File Name: |
wpupload-sql.txt |
Description:
|
The Wordpress Upload File plugin suffers from a remote SQL injection vulnerability.
| | Author: | Belsec Team | | Homepage: | http://eserg.ru/ | | File Size: | 753 | | Last Modified: | May 27 16:52:44 2008 |
| MD5 Checksum: | 2a3406f55f34ccdaea90158bdb370691 |
|
| /// File Name: |
hordekrono-xss.txt |
Description:
|
The Horde and Kronolith Calendar applications suffer from multiple cross site scripting vulnerabilities.
| | Author: | Ivan Sanchez | | Homepage: | http://www.nullcode.com.ar/ | | File Size: | 1378 | | Last Modified: | May 23 18:53:15 2008 |
| MD5 Checksum: | 4973d15ad3490d45bd75e600e5002561 |
|
| /// File Name: |
DSECRG-08-025.txt |
Description:
|
OneCMS version 2.5 suffers from a local file inclusion vulnerability.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 1877 | | Last Modified: | May 23 18:51:41 2008 |
| MD5 Checksum: | 49fbe6f80c8f5e5908f71ae1d17def59 |
|
| /// File Name: |
DSECRG-08-024.txt |
Description:
|
Quate CMS version 0.3.4 suffers from remote file inclusion, local file inclusion, directory traversal, and multiple cross site scripting vulnerabilities. Everything about this application screams run away.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 4323 | | Last Modified: | May 23 18:51:04 2008 |
| MD5 Checksum: | ee132218181be1d9c36e130c92c96989 |
|
| /// File Name: |
e107blog-sql.txt |
Description:
|
The e107 BLOG Engine plugin version 2.2 suffers from another blind SQL injection vulnerability.
| | Author: | hadihadi | | Homepage: | http://www.virangar.org/ | | File Size: | 1689 | | Last Modified: | May 23 18:45:21 2008 |
| MD5 Checksum: | 57377df079d50a8ec69355d1b3cc0286 |
|
| /// File Name: |
abledating-sqlxss.txt |
Description:
|
AbleDating version 2.4 suffers from SQL injection and cross site scripting vulnerabilities.
| | Author: | Ali Jasbi | | File Size: | 857 | | Last Modified: | May 22 19:49:35 2008 |
| MD5 Checksum: | 027ae9a34f563f1b7d559493d20715c1 |
|
| /// File Name: |
bmforum-xss.txt |
Description:
|
BMForum Remote version 5.6 suffers from multiple cross site scripting vulnerabilities.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1336 | | Last Modified: | May 22 19:43:19 2008 |
| MD5 Checksum: | 7ddc7fa5253171ff16e2189b6bb97788 |
|
| /// File Name: |
exteen-disclose.txt |
Description:
|
Exteen Blog suffers from a cookie disclosure flaw using a cross site scripting vulnerability.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1693 | | Last Modified: | May 22 19:42:36 2008 |
| MD5 Checksum: | ae182887969eb5e037a793cdedb4bb93 |
|
| /// File Name: |
phpsqlitecms-xss.txt |
Description:
|
phpSQLiteCMS version 1 RC2 suffers from a cross site scripting vulnerability.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1317 | | Last Modified: | May 22 19:40:26 2008 |
| MD5 Checksum: | d879becc75038f4b12103473e95b31b5 |
|
| /// File Name: |
phpfreeforum-xss.txt |
Description:
|
PHPFreeForum versions 1.0 RC2 and below suffer from a cross site scripting vulnerability.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1019 | | Last Modified: | May 22 19:37:39 2008 |
| MD5 Checksum: | 42c4d15968866e0dcdc6afede285993e |
|
| /// File Name: |
barracuda-xss.txt |
Description:
|
The Barracuda Spam Firewall device web administration interface is vulnerable to a reflected cross site scripting vulnerability which may allow theft of administrative credentials or downloading of malicious content. IRM confirmed the presence of this vulnerability in Barracuda Spam Firewall 600 Firmware 3.5.11.020. The vendor has confirmed the issue exists in all versions prior to 3.5.11.025.
| | Homepage: | http://www.irmplc.com/ | | File Size: | 2611 | | Related CVE(s): | CVE-2008-2333 | | Last Modified: | May 22 12:06:44 2008 |
| MD5 Checksum: | f01c0c0fe4ef87f37db05af1e4b203b2 |
|
| /// File Name: |
CORE-2008-0126.txt |
Description:
|
Core Security Technologies Advisory - Three vulnerabilities discovered in the iCal application may allow un-authenticated attackers to execute arbitrary code on vulnerable systems with (and potentially without) the assistance from the end user of the application and may cause a denial of service condition. iCal version 3.0.1 on MacOS X 10.5.1 (Leopard) is affected.
| | Author: | Rodrigo Carvalho | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 21492 | | Related CVE(s): | CVE-2008-1035, CVE-2008-2006, CVE-2008-2007 | | Last Modified: | May 22 02:09:15 2008 |
| MD5 Checksum: | 11a13bc43611498dc555126d0f0716ea |
|
| /// File Name: |
netbutikker-sql.txt |
Description:
|
Netbutikker versions 4 and below suffer from remote SQL injection vulnerabilities.
| | Author: | Mr.SQL | | Homepage: | http://www.pal-hacker.com/ | | File Size: | 3573 | | Last Modified: | May 22 01:24:45 2008 |
| MD5 Checksum: | df91650e127b8c0ae89d03098c4206f1 |
|
| /// File Name: |
McAfeeUnlocker.cpp |
Description:
|
McAfee VirusScan version 8.5.0i local exploit that allows a basic user the ability to change the unlock password.
| | Author: | Bendi | | File Size: | 2313 | | Last Modified: | May 22 01:23:10 2008 |
| MD5 Checksum: | 0b28adc5a3ab2ce69b57cbd36807c4cb |
|
| /// File Name: |
weblosninger-sqlxss.txt |
Description:
|
Weblosninger versions 4 and below suffer from cross site scripting and SQL injection vulnerabilities.
| | Author: | Mr.SQL | | Homepage: | http://www.pal-hacker.com/ | | File Size: | 2668 | | Last Modified: | May 22 01:18:04 2008 |
| MD5 Checksum: | c30185dc8449fb3d6b2f241681780eb5 |
|
| /// File Name: |
6rbscript-sql.txt |
Description:
|
6rbScript suffers from a remote SQL injection vulnerability in news.php.
| | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 689 | | Last Modified: | May 22 01:16:45 2008 |
| MD5 Checksum: | 4b1738ec234258ccc323697cd7b42fdf |
|
| /// File Name: |
phpjokesite-sql.txt |
Description:
|
PHP Jokesite version 2.0 suffers from a remote SQL injection vulnerability.
| | Author: | cyb3r-1st | | File Size: | 2329 | | Last Modified: | May 22 01:15:09 2008 |
| MD5 Checksum: | c5f97c7a1d89294925094a9a54d7c404 |
|
| /// File Name: |
DSECRG-08-020-1.txt |
Description:
|
Alcatel OmniPCX Office versions since 210/061.1 suffers from a remote command execution vulnerability.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 2882 | | Last Modified: | May 22 01:10:25 2008 |
| MD5 Checksum: | 56440552779f9dd9219d64ced52c0095 |
|
| /// File Name: |
DSECRG-08-023.txt |
Description:
|
The SAP Web Application Server version 7.0 suffers from a cross site scripting vulnerability.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 1803 | | Last Modified: | May 22 01:05:27 2008 |
| MD5 Checksum: | 3b39605faa6f42c95ee6aa32c90714d2 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
