Section: .. / 0506-exploits /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 88

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	adv14-theday-2005.txt
Description:	Liberum Help Desk versions greater than 0.97.3 suffer from various cross site scripting and SQL injection flaws.
Author:	theday
Homepage:	http://theday.echo.or.id/
File Size:	5808
Last Modified:	Jun 18 21:47:21 2005
MD5 Checksum:	b92dee53f638603d3cf3072d7956e72f

/// File Name:	adv18-theday-2005.txt
Description:	Multiple SQL injection vulnerabilities exist in Ublog Reload version 1.0.5.
Author:	Dedi Dwianto
Homepage:	http://echo.or.id/adv/adv18-theday-2005.txt
File Size:	3196
Last Modified:	Jun 21 07:17:38 2005
MD5 Checksum:	2653ef9ff31d1fb8373b63f08748f37d

/// File Name:	adv19-theday-2005.txt
Description:	A huge slew of SQL injection flaws exist in the DUWARE product inline, including but not limited to DUportal Pro, DUamazon Pro, and more.
Author:	the_day
Homepage:	http://theday.echo.or.id/
File Size:	3653
Last Modified:	Jun 23 09:23:53 2005
MD5 Checksum:	c5fe79c7777b3ae8f5b10525761c8ff8

/// File Name:	adv21-theday-2005.txt
Description:	SQL injection and cross site scripting vulnerabilities exist in ActiveBuyAndSell version 6.2.
Author:	the_day
Homepage:	http://theday.echo.or.id/
File Size:	2463
Last Modified:	Jun 25 09:10:22 2005
MD5 Checksum:	ee5551b4a5153e5d71c800e2d028bb19

/// File Name:	ASPNuke.pl
Description:	ASPNuke versions 0.80 and below SQL injection exploit that makes use of article.asp.
Author:	mh_p0rtal
File Size:	1896
Last Modified:	Jun 29 10:31:28 2005
MD5 Checksum:	50df7997265f2e27e14b828757e8416f

/// File Name:	ASPNukeSQL080.txt
Description:	ASPNuke versions 0.80 and below remote SQL injection exploit using comment_post.asp.
Author:	Alberto Trivero
File Size:	1215
Last Modified:	Jul 1 06:59:53 2005
MD5 Checksum:	17f91b9995ed195bdd4d9b6322b7a733

/// File Name:	backupexec_agent.pm.txt
Description:	Veritas Backup Exec Agent CONNECT_CLIENT_AUTH Request exploit that makes use of a stack overflow.
Related File:	06.23.05-1.txt
File Size:	5477
Related CVE(s):	CAN-2005-0773
Last Modified:	Jun 29 10:26:11 2005
MD5 Checksum:	0de18c58e6ab3fabdfbfa6b59a0a5c3b

/// File Name:	bitrix40xInclusion.txt
Description:	Bitrix Site Manager 4.0.x suffers from a remote file inclusion and execution vulnerability.
Author:	d_bug
File Size:	1005
Last Modified:	Jun 21 06:56:05 2005
MD5 Checksum:	36b1b7457acd7c67150480cd54c8d2f1

/// File Name:	cacti.pl.txt
Description:	Cacti versions 0.8.6d and below remote command execution exploit.
Author:	Alberto Trivero
File Size:	1364
Last Modified:	Jun 23 09:37:23 2005
MD5 Checksum:	129bbc13dc26c639b3050ca8f8b72254

/// File Name:	CAU-launchd.c
Description:	Mac OS X 10.4 launchd race condition exploit.
Author:	intropy
File Size:	1798
Last Modified:	Jun 18 19:55:31 2005
MD5 Checksum:	1dace8c5356c34bdc3cccbc74efc4d78

/// File Name:	CAU-netpmon.c
Description:	IBM AIX netpmon elevated privileges exploit. Tested on 5.2.
Author:	intropy
File Size:	2869
Last Modified:	Jun 18 19:57:42 2005
MD5 Checksum:	409a5624dc0bd1ab461a6d6f1b63a2cf

/// File Name:	CAU-paginit.c
Description:	IBM AIX paginit root exploit. Tested on 5.2.
Author:	intropy
File Size:	2836
Last Modified:	Jun 18 19:58:45 2005
MD5 Checksum:	7532c7a5f32e58dc2dedf289996a3a3f

/// File Name:	claroline16.txt
Description:	Claroline e-Learning versions 1.6 and below remote password hash extraction SQL injection exploit.
Author:	Sieg Fried, MH_p0rtal
File Size:	2089
Last Modified:	Jun 21 07:07:50 2005
MD5 Checksum:	4a6202bc89d4af70e45042da387bf656

/// File Name:	communityXSS.txt
Description:	Community forum suffers from a cross site scripting flaw. Exploitation provided.
Author:	abducter_minds
File Size:	417
Last Modified:	Jun 29 10:45:39 2005
MD5 Checksum:	3eda9b0e950a5224de3379c5dd0b1c9e

/// File Name:	cuteNewsExec.txt
Description:	Providing an attacker already has administrative access to CuteNews, they can further execute commands on the underlying filesystem due to a failure in sanitizing user input.
Author:	John Cantu
File Size:	958
Last Modified:	Jun 18 21:45:21 2005
MD5 Checksum:	13c639ae677a2d9eb126ecd057e36988

/// File Name:	enterasys.txt
Description:	Enterasys Vertical Horizon switches have a default account embedded in them. Additionally, a denial of service vulnerability exists.
Author:	Jacek Lipkowski
File Size:	2216
Last Modified:	Jun 21 07:28:28 2005
MD5 Checksum:	3c55a0c2a378a2559de3b5e1742f103a

/// File Name:	eping.txt
Description:	eping, the ping plugin for the e107 portal system, has an arbitrary command execution flaw.
Homepage:	http://www.RedC0de.org
File Size:	1156
Last Modified:	Jun 21 06:19:39 2005
MD5 Checksum:	530e9ab0c93aca92d494ba14a45ab9da

/// File Name:	epsxe-e.c
Description:	ePSXe version 1.6.0 and below nogui() local exploit.
Author:	Qnix
File Size:	1882
Last Modified:	Jun 18 19:24:35 2005
MD5 Checksum:	6370ed74f1cebe6583b53e9d959801c2

/// File Name:	ExhibitSQL.txt
Description:	Exhibit Engine versions 1.22 and 1.54 RC4 are susceptible to SQL injection attacks.
Author:	sk0L
Homepage:	http://www.sec-consult.com
File Size:	3906
Last Modified:	Jun 18 21:49:56 2005
MD5 Checksum:	e2cf2a019fc4e8df82bb3d4fb1114445

/// File Name:	EXPL-A-2005-009.txt
Description:	Cool Cafe Chat 1.2.1 suffers from a SQL injection vulnerability via an unsanitized password variable.
Author:	Donnie Werner
Homepage:	http://exploitlabs.com
File Size:	1790
Last Modified:	Jun 21 07:01:29 2005
MD5 Checksum:	e392b48b21b9e092a495d83dbad304b0

/// File Name:	flatnuke_253_referer.pm.gz
Description:	FlatNuke 2.5.3 Referer poisoning remote command execution exploit created with the Metasploit Framework.
Author:	arkanoid
Homepage:	http://arkanoid.altervista.org
File Size:	1133
Last Modified:	Jun 21 06:14:23 2005
MD5 Checksum:	213c47f8075f975adbe15d1fdbdd0817

/// File Name:	fortinetBackdoor.txt
Description:	A backdoor exists in Fortinet's Fortigate firewall that allows for maintainer access.
Author:	Johan Andersson
File Size:	341
Last Modified:	Jun 18 21:43:31 2005
MD5 Checksum:	8fe53a36cec7a3f93b344324a23c7f91

/// File Name:	fusionBB.txt
Description:	FusionBB versions .11 Beta and earlier suffer from local file inclusion and SQL injection flaws.
Author:	James Bercegay
Homepage:	http://www.gulftech.org/
File Size:	2845
Last Modified:	Jun 21 06:38:07 2005
MD5 Checksum:	26d84d86e210a2af225ece325d416cc8

/// File Name:	fusionDB.pl.txt
Description:	PHP-Fusion versions 6.00.105 and below suffer from allowing their database backups to be remotely downloadable due to being accessible in the webroot.
Homepage:	http://dark-assassins.com/
File Size:	2733
Last Modified:	Jun 26 08:51:32 2005
MD5 Checksum:	5e6eabb5d51a59ceae4f51a7ae65acd4

/// File Name:	goodtechDoS.txt
Description:	GoodTech SMTP Server for Windows NT/2000/XP version 5.14 is susceptible to a denial of service vulnerability.
Author:	Reed Arvin
Homepage:	http://reedarvin.thearvins.com/
File Size:	1444
Last Modified:	Jun 20 08:59:15 2005
MD5 Checksum:	865e9cb2d4c6232438f6ab88a1e22c39