Section:  .. / 0503-exploits  /

Page 1 of 6
<< 1 2 3 4 5 6 >> Files 1 - 25 of 141
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: UblogXSS.txt
Description:
Ublog versions below 1.0.5 suffer from a cross site scripting flaw.
Author:3nitro
Homepage:http://www.PersianHacker.NET
File Size:1322
Last Modified:Apr 2 06:57:27 2005
MD5 Checksum:ed934839be2ce48b491000051e9d7fb2

 ///  File Name: phpCoin.txt
Description:
There is a file inclusion and three SQL injection vulnerabilities in phpCoin versions 1.2.1b and below.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:2310
Last Modified:Apr 2 06:52:19 2005
MD5 Checksum:8eb196d960961c4d2af5d20984a065bd

 ///  File Name: squirrelSQL.txt
Description:
Squirrelcast PHP Shopping Cast is susceptible to SQL injection attacks. Sample exploitation details provided.
Author:Diabolic Crab
Homepage:http://www.hackerscenter.com
File Size:8426
Last Modified:Mar 30 11:45:25 2005
MD5 Checksum:568ffebf08ecc4d9abd2b3b1a6c4b296

 ///  File Name: r57punbb.pl.txt
Description:
PunBB versions 1.2.2 and below remote authentication bypass exploit.
Author:1dt.w0lf
Homepage:http://www.rst.void.ru
File Size:3295
Last Modified:Mar 30 11:36:42 2005
MD5 Checksum:14ac58d49c7c030c98bb28f9d9ed98c4

 ///  File Name: un-lkernel2.6.10.c
Description:
Linux kernel versions 2.6.10 and below denial of service exploit.
Author:ChoiX
Homepage:http://www.unl0ck.org/
File Size:1645
Last Modified:Mar 30 11:22:51 2005
MD5 Checksum:f8d6bef5011ac4b4c14927182effb090

 ///  File Name: unrealmagic.c
Description:
Cyrus IMAPd versions 2.2.4 through 2.2.8 remote exploit. Original flaw discovered by Stefan Esser.
Author:crash-x
Homepage:http://www.unl0ck.org/
File Size:12728
Related CVE(s):CAN-2004-1011, CAN-2004-1012, CAN-2004-1013
Last Modified:Mar 30 11:22:01 2005
MD5 Checksum:b925255b5f9ec763597486c1d7614a73

 ///  File Name: 0x666-ftpd.c
Description:
mtftp versions 0.0.3 and below remote root exploit.
Author:darkeagle
Homepage:http://www.unl0ck.org/
File Size:6860
Last Modified:Mar 30 11:18:35 2005
MD5 Checksum:3157bcd0790a55cc79fa53c28ebd5220

 ///  File Name: tripodXSS.txt
Description:
Tripod.com suffers from multiple cross site scripting flaws.
Author:Diabolic Crab
Homepage:http://www.hackerscenter.com/
File Size:10841
Last Modified:Mar 30 11:00:06 2005
MD5 Checksum:871f583080aca0b5d0f100628625877b

 ///  File Name: invision203.txt
Description:
Invision Power Board version 2.0.3 is susceptible to cross site scripting attacks.
Author:hoang yen
File Size:1940
Last Modified:Mar 30 10:44:56 2005
MD5 Checksum:50b26457115de6ae46e31dd967810418

 ///  File Name: 897.cpp
Description:
phpBB versions 2.0.12 and below Change User Rights authentication bypass exploit.
Homepage:http://www.milw0rm.com/
File Size:1911
Last Modified:Mar 30 10:43:02 2005
MD5 Checksum:87b1a7d3b64fc21371f9332c95baf906

 ///  File Name: AspApp.txt
Description:
Multiple SQL injection and cross site scripting vulnerabilities have been discovered in AspApp. Sample exploitation provided.
Author:Diabolic Crab
Homepage:http://www.hackerscenter.com/
File Size:6473
Last Modified:Mar 29 08:14:13 2005
MD5 Checksum:ae23a77026d9b3bedf11cebcfb6cda1d

 ///  File Name: portalApp.txt
Description:
Multiple SQL injection and cross site scripting vulnerabilities have been discovered in PortalApp. Sample exploitation provided.
Author:Diabolic Crab
Homepage:http://www.hackerscenter.com/
File Size:5199
Last Modified:Mar 29 08:13:38 2005
MD5 Checksum:bceb796bebe444666bac3de88067f3e6

 ///  File Name: ACSblog111.txt
Description:
ACS Blog version 1.1.1 is susceptible to multiple cross site scripting attacks.
Author:Dan Crowley
File Size:915
Last Modified:Mar 29 08:12:09 2005
MD5 Checksum:57849662df466151336be8e56f7b2d01

 ///  File Name: smack.c.gz
Description:
Remote root exploit for the preparse_address_1() heap buffer overflow in Smail versions 3.20.120 and below.
Author:infamous41md
Related File:smailHeap.txt
File Size:3840
Last Modified:Mar 29 07:30:58 2005
MD5 Checksum:07ebc36eaafbfaba94becbce88dcec6b

 ///  File Name: photopostSQLXSS.txt
Description:
Photopost PHP Pro Photo Gallery software is susceptible to multiple cross site scripting and SQL injection attacks. Detailed exploitation provided.
Author:Diabolic Crab
Homepage:http://www.hackerscenter.com/
File Size:3524
Last Modified:Mar 29 07:25:08 2005
MD5 Checksum:2ca859abb7fbc89929c944b1a579a590

 ///  File Name: answerbook2.txt
Description:
PTT Security Advisory - Sun Answerbook2 version 1.4.4 is susceptible to cross site scripting and administration attacks. Exploitation provided.
Author:Thomas Liam Romanis
File Size:2589
Related CVE(s):CAN-2005-0548, CAN-2005-0549
Last Modified:Mar 29 07:22:37 2005
MD5 Checksum:8ee1ec524755884a03990353dce0043c

 ///  File Name: tincat2bof.zip
Description:
Proof of concept exploit for a remotely exploitable buffer overflow in the Tincat network library used in various games.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
Related File:tincat2bof.txt
File Size:10775
Last Modified:Mar 29 07:07:35 2005
MD5 Checksum:e35a68e27f1cc93387ac11089310ac07

 ///  File Name: thaiXSS.txt
Description:
THai's Shoutbox is susceptible to a cross site scripting bug.
Author:CorryL
Homepage:http://www.x0n3-h4ck.org
File Size:2128
Last Modified:Mar 29 07:01:32 2005
MD5 Checksum:29757cec0a44beb39486c0c2b8f7c0c8

 ///  File Name: vladersoft30.txt
Description:
Vladersoft Shopping Cart version 3.0 is susceptible to multiple cross site scripting and SQL injection vulnerabilities. Sample exploitation provided.
Author:Diabolic Crab
Homepage:http://www.hackerscenter.com/
File Size:3109
Last Modified:Mar 29 06:54:57 2005
MD5 Checksum:f838d6bd02ba2a9e0fa1f27daf3cda88

 ///  File Name: dcrab-e-xoops.txt
Description:
Easy Community Management System Forum (E-XOOPS) contains multiple SQL injection and cross-site scripting vulnerabilities. Some of these may not be exploitable depending on how PHP, Apache, and MySQL have been configured. Advisory contains proof-of-concept exploit URLs.
Author:dcrab
Homepage:http://icis.digitalparadox.org/~dcrab
File Size:2221
Last Modified:Mar 28 12:53:42 2005
MD5 Checksum:c403d0741fe94de0e0392d54e9113057

 ///  File Name: timbuktu_userbrute.c
Description:
Timbuktu Pro Remote Control user enumeration program. Wordlist-based bruteforce tool that checks whether a given username exists on the target server or not, which is possible due to a difference in the error message returned when the username is invalid versus when the password is invalid.
Author:Conehead
File Size:6971
Last Modified:Mar 28 12:27:28 2005
MD5 Checksum:160f3e45e55a5354c371fafb59082f05

 ///  File Name: ZH2005-03SA.txt
Description:
NukeBookmarks version 6 contains SQL injection, cross site scripting, and path-disclosure vulnerabilities. Advisory contains example exploit URLs.
Author:astharot
Homepage:http://zone-h.org
File Size:2585
Last Modified:Mar 28 04:00:12 2005
MD5 Checksum:64e1892c99959780e13d89efbbe7ba94

 ///  File Name: limehack.pl
Description:
Limewire directory traversal exploit. Exploits bug in versions 4.1.2 - 4.5.6, inclusive.
Author:Marco van Berkum
Homepage:http://jammerjoh.xs4all.nl
Related Exploit:limewire480.txt"
File Size:2198
Last Modified:Mar 27 12:26:18 2005
MD5 Checksum:dfa8a4ee0a01e7310d4c9ee1e46e77c3

 ///  File Name: dcrab-estore.txt
Description:
E-Store Kit-2 PayPal Edition is susceptible to file include and cross site scripting vulnerabilities.
Author:Dcrab
Homepage:http://icis.digitalparadox.org/~dcrab
File Size:5072
Last Modified:Mar 26 00:41:06 2005
MD5 Checksum:fedf099104a5e7b7f2ff5b77d763ee35

 ///  File Name: dcrab-paypal.txt
Description:
Various cross-site scripting and (possible) SQL injection vulnerabilities exist in ESMIstudio's PayPal storefront scripts. It may not always be possible to exploit some of these depending on how PHP, Apache, and MySQL have been configured, however.
Author:Dcrab
Homepage:http://icis.digitalparadox.org/~dcrab/
File Size:1929
Last Modified:Mar 26 00:40:07 2005
MD5 Checksum:bd48a913809534b86c6b01d28239201d