Section: .. / 1002-exploits /
| /// File Name: |
izumi-rfilfi.txt |
Description:
|
Izumi versions 1.1.0 and below suffer from local file inclusion and remote file inclusion vulnerabilities.
| | Author: | cr4wl3r | | File Size: | 886 | | Last Modified: | Feb 12 14:29:19 2010 |
| MD5 Checksum: | d786b97e8ad48bac6a53fa224187e5f5 |
|
| /// File Name: |
jag-disclose.txt |
Description:
|
J.A.G. aka Just Another Guestbook suffers from a database disclosure vulnerability.
| | Author: | Phenom | | File Size: | 1039 | | Last Modified: | Feb 12 02:15:33 2010 |
| MD5 Checksum: | 36d8efec1b5d273552a8c5961da9bab6 |
|
| /// File Name: |
JAHx101.txt |
Description:
|
Huski Retail suffers from multiple remote SQL injection vulnerabilities.
| | Homepage: | http://www.justanotherhacker.com/ | | File Size: | 1652 | | Last Modified: | Feb 5 17:57:24 2010 |
| MD5 Checksum: | 7d34ba16705e32a5a07fcff935f9bff7 |
|
| /// File Name: |
JAHx102.txt |
Description:
|
Huski CMS suffers from a local file inclusion vulnerability.
| | Homepage: | http://www.justanotherhacker.com/ | | File Size: | 2130 | | Last Modified: | Feb 5 17:58:56 2010 |
| MD5 Checksum: | f9bb584d8fabdd6a981eeb33bb50d02a |
|
| /// File Name: |
java_signed_applet.rb.txt |
Description:
|
This exploit dynamically creates an applet via the Msf::Exploit::Java mixin, converts it to a .jar file, then signs the .jar with a dynamically created certificate containing values of your choosing. This is presented to the end user via a web page with an applet tag, loading the signed applet. The user's JVM pops a dialog asking if they trust the signed applet and displays the values chosen. Once the user clicks 'accept', the applet executes with full user permissions. The java payload used in this exploit is derived from Stephen Fewer's and HDM's payload created for the CVE-2008-5353 java deserialization exploit. This Metasploit module requires the rjb rubygem, the JDK, and the $JAVA_HOME variable to be set. If these dependencies are not present, the exploit falls back to a static, signed JAR.
| | Author: | natron | | Homepage: | http://www.metasploit.com | | File Size: | 13877 | | Last Modified: | Feb 5 18:56:35 2010 |
| MD5 Checksum: | 582aae1c0eff51e3f30d79add62758eb |
|
| /// File Name: |
javapont-lfi.txt |
Description:
|
JavaPont suffers from a local file inclusion vulnerability.
| | Author: | Palyo34 | | File Size: | 449 | | Last Modified: | Feb 25 01:25:46 2010 |
| MD5 Checksum: | d5838ca38a5ac4cb4faf2b76da840c00 |
|
| /// File Name: |
jaxcms-lfi.txt |
Description:
|
JaxCMS version 1.0 suffers from a local file inclusion vulnerability.
| | Author: | MizoZ | | File Size: | 395 | | Last Modified: | Feb 8 17:50:39 2010 |
| MD5 Checksum: | c6fd81a40467587f9b04c1a7b9b0f957 |
|
| /// File Name: |
jboss_maindeployer.rb.txt |
Description:
|
This Metasploit module can be used to execute a payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:MainDeployer functionality. To accomplish this, a temporary HTTP server is created to serve a WAR archive containing our payload. This method will only work if the target server allows outbound connections to us.
| | Author: | jduck | | Homepage: | http://www.metasploit.com | | File Size: | 6266 | | Related OSVDB(s): | 33744 | | Related CVE(s): | CVE-2006-1036 | | Last Modified: | Feb 23 01:19:27 2010 |
| MD5 Checksum: | 99b80c8a2b487c1ef70b58ea0a45407a |
|
| /// File Name: |
jdownloader-exec.txt |
Description:
|
JDownloader versions below 2010-01-25 with Click n Load 2 support suffer from a code execution vulnerability. Proof of concept included.
| | Author: | apoc | | Homepage: | http://apoc.sixserv.org/ | | File Size: | 3673 | | Last Modified: | Feb 8 20:28:00 2010 |
| MD5 Checksum: | f02e18d147b9e1dfcc34e8cf5cfa5186 |
|
| /// File Name: |
joomlaacstartseite-sql.txt |
Description:
|
The Joomla ACStartSeite component suffers from a remote SQL injection vulnerability.
| | Author: | AtT4CKxT3rR0r1ST | | File Size: | 976 | | Last Modified: | Feb 17 18:53:30 2010 |
| MD5 Checksum: | d49fec76357c4c804dcaa39f29e6bad8 |
|
| /// File Name: |
joomlaacteammember-sql.txt |
Description:
|
The Joomla ACTeamMember component suffers from a remote SQL injection vulnerability.
| | Author: | altbta | | File Size: | 1080 | | Last Modified: | Feb 17 18:50:45 2010 |
| MD5 Checksum: | b9a10aed5a79959cebcc0d0f7178c5f3 |
|
| /// File Name: |
joomlaallvideos-download.txt |
Description:
|
Joomla Jw_allVideos version 1.0 suffers from a remote file download vulnerability.
| | Author: | Pouya Daneshmand | | File Size: | 794 | | Last Modified: | Feb 15 15:40:13 2010 |
| MD5 Checksum: | a1767756176be632833ca1e16bac4756 |
|
| /// File Name: |
joomlaallvideos31-disclose.txt |
Description:
|
The Joomla AllVideos plugin version 3.1 suffers from a remote file download vulnerability.
| | Author: | Mehul Revankar | | Related Exploit: | joomlaallvideos-download.txt | | File Size: | 520 | | Last Modified: | Feb 17 18:58:13 2010 |
| MD5 Checksum: | db81c2cf3e02fe5df667c57d027a9eb5 |
|
| /// File Name: |
joomlacomice-sql |
Description:
|
The Joomla Ice component suffers from a remote blind SQL injection vulnerability.
| | Author: | Snakespc | | File Size: | 2534 | | Last Modified: | Feb 23 20:02:55 2010 |
| MD5 Checksum: | 06551bd0aa6e52d373c03bc9f30bf652 |
|
| /// File Name: |
joomlacommodel-sql.txt |
Description:
|
The Joomla Model component suffers from a remote SQL injection vulnerability.
| | Author: | Fl0riX | | Related Exploit: | joomlamodel-sql.txt | | File Size: | 1191 | | Last Modified: | Feb 8 17:12:56 2010 |
| MD5 Checksum: | 3ab784b44d144f6984ef998c42689daf |
|
| /// File Name: |
joomlacp-lfi.txt |
Description:
|
The Joomla Community Polls component suffers from a local file inclusion vulnerability.
| | Author: | kaMtiEz | | Homepage: | http://www.indonesiancoder.com/ | | File Size: | 1619 | | Last Modified: | Feb 19 16:00:21 2010 |
| MD5 Checksum: | 231b0080cfec609c4a5154dca2612837 |
|
| /// File Name: |
joomlaerotik-sql.txt |
Description:
|
The Joomla Erotik component suffers from a remote SQL injection vulnerability.
| | Author: | Fl0riX | | File Size: | 1190 | | Last Modified: | Feb 5 17:55:57 2010 |
| MD5 Checksum: | ce33f1557e3c3cc8d93c04f94042e555 |
|
| /// File Name: |
joomlaflashmagdeluxe-sql.txt |
Description:
|
The Joomla FlashMagazineDeluxe component suffers from a remote blind SQL injection vulnerability.
| | Author: | Snakespc | | File Size: | 906 | | Last Modified: | Feb 15 18:13:13 2010 |
| MD5 Checksum: | 858d3ff0caca458476d5e51bd1ce15cb |
|
| /// File Name: |
joomlagambling-sql.txt |
Description:
|
The Joomla Gambling component suffers from a remote SQL injection vulnerability.
| | Author: | md.r00t | | File Size: | 777 | | Last Modified: | Feb 1 21:14:45 2010 |
| MD5 Checksum: | 9f70bdade337441f6f2bb52db1de9e00 |
|
| /// File Name: |
joomlagirls-sql.txt |
Description:
|
The Joomla Girls component suffers from a remote SQL injection vulnerability.
| | Author: | Fl0riX | | File Size: | 799 | | Last Modified: | Feb 8 17:17:34 2010 |
| MD5 Checksum: | d8b4034f335f460ae66c03493eb25c54 |
|
| /// File Name: |
joomlahdvideoshare-sql.txt |
Description:
|
The Joomla HDVideoShare component suffers from a remote SQL injection vulnerability.
| | Author: | Snakespc | | File Size: | 808 | | Last Modified: | Feb 15 18:09:37 2010 |
| MD5 Checksum: | ea89b69e44a5137c15dd8f40a7113936 |
|
| /// File Name: |
joomlaimages-sql.txt |
Description:
|
The Joomla Images component suffers from a remote SQL injection vulnerability.
| | Author: | Snakespc | | File Size: | 799 | | Last Modified: | Feb 15 15:25:45 2010 |
| MD5 Checksum: | 05124f200085d57792232b5855e46c3a |
|
| /// File Name: |
joomlajcb-sql.txt |
Description:
|
The Joomla JoomlaConnect_be component suffers from a remote SQL injection vulnerabilities.
| | Author: | Snakespc | | File Size: | 3420 | | Last Modified: | Feb 26 13:54:30 2010 |
| MD5 Checksum: | 32ce44e64c0359cb57c8d30f04c505ef |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
