Section:  .. / 0507-exploits  /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 92
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: iejavaprxyexploit.pl.txt
Description:
Microsoft Internet Explorer javaprxy.dll COM object exploit that binds a shell to port 28876. Tested on Internet Explorer 6 on Microsoft Windows XP SP1 and SP2.
Author:FrSIRT
File Size:4623
Last Modified:Jul 7 09:17:42 2005
MD5 Checksum:85b3ff1c3b9ffb9b9b514df63ca757b9

 ///  File Name: SiemensSANTIS50.txt
Description:
By sending trigger packets to the management port (280/http-mgmt) of a Siemens Santis 50 wireless router, the device freezes the web interface and allows unauthenticated access to the telnet CLI.
Author:Luca Carettoni
File Size:4612
Last Modified:Jul 28 07:51:16 2005
MD5 Checksum:542df31af7cbf3ce01745403d2ca6cd4

 ///  File Name: gforgeXSS.txt
Description:
GForge version 4.5 is susceptible to multiple cross site scripting vulnerabilities.
Author:Joxean Koret
File Size:4470
Last Modified:Aug 5 06:56:51 2005
MD5 Checksum:7c50c2216c8acfa27145c82dee23fc73

 ///  File Name: simplephpBlog040.txt
Description:
SimplePHPBlog 0.4.0 suffers from a remote password hash disclosure vulnerability due to the password file for the system being downloaded and in the webroot.
Author:pjphem, LazyCrs
File Size:4227
Last Modified:Jul 8 09:09:21 2005
MD5 Checksum:2ab4c73dd001c1f85a161ba3262f1408

 ///  File Name: druppy461.pl.txt
Description:
Exploit that makes use of a PHP injection vulnerability in Drupal.
Author:dab
File Size:4145
Last Modified:Jul 7 10:08:59 2005
MD5 Checksum:81951daa3052f541a863856b7b3dc803

 ///  File Name: multihtml.c.exploit.txt
Description:
The multihtml.c exploit from r00tabega suffers from a format string vulnerability.
Homepage:http://potkettle.net
File Size:4078
Last Modified:Jul 1 07:21:21 2005
MD5 Checksum:43651182da596a64ec6e9807431a4710

 ///  File Name: mysqlEventum.txt
Description:
MySQL AB Eventum versions 1.5.5 and below suffer from cross site scripting and SQL injection attacks.
Author:James Bercegay
Homepage:http://www.gulftech.org
Related Exploit:eventum.pl.txt"
File Size:4063
Last Modified:Aug 5 07:55:59 2005
MD5 Checksum:c8b779ab6b2e1864f7cb003b1be9e023

 ///  File Name: Greasemonkey.txt
Description:
Greasemonkey Firefox extension arbitrary file disclosure exploit.
Author:Mark Pilgrim
File Size:4042
Last Modified:Jul 21 08:41:06 2005
MD5 Checksum:0b330270ab58f2f33d90e60ed1baee82

 ///  File Name: pear130.txt
Description:
PEAR XML_RPC is vulnerable to a very high risk PHP code injection vulnerability due to unsanitized data being passed into an eval() call. Versions 1.3.0 and below are affected.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:3934
Last Modified:Jul 2 01:35:45 2005
MD5 Checksum:4f028a69b6014e640b03edd28e8da86d

 ///  File Name: kayakoBad.txt
Description:
Kayako liveResponse versions 2.x suffer from cross site scripting, SQL injection, script insertion, and other vulnerabilities.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:3929
Last Modified:Aug 5 07:48:34 2005
MD5 Checksum:d12783db84eb4ba42f09805d1c50be4b

 ///  File Name: c050503-001.txt
Description:
Corsaire Security Advisory - The SAP Internet Graphics Server versions below 6.40 Patch 11 are susceptible to a directory traversal attack.
Author:Martin O'Neal
Homepage:http://www.corsaire.com
File Size:3661
Related CVE(s):CAN-2005-1691
Last Modified:Jul 28 07:44:26 2005
MD5 Checksum:c57f7857ee66e0891ff0c3c753f36c95

 ///  File Name: r57xoops.pl
Description:
Remote SQL injection exploit for xmlrpc.php that makes use of Xoops versions 2.0.11 and below.
Author:1dt.w0lf
Homepage:http://rst.void.ru
File Size:3652
Last Modified:Jul 7 09:26:59 2005
MD5 Checksum:5637d751a81db26e75464412b59ea4fa

 ///  File Name: pc26sql.txt
Description:
Product Cart 2.6 is susceptible to a SQL injection attack.
Author:Zinho
Homepage:http://www.hackerscenter.com/
File Size:3608
Last Modified:Jul 28 19:02:24 2005
MD5 Checksum:cef1d8f6a210a35f96070664dacd3f5e

 ///  File Name: gnats.txt
Description:
GNATS, the GNU problem report management system, allows attackers to overwrite any files when installed setuid root. Versions 4.1.0 and 4.0 are confirmed vulnerable.
Author:pi3ki31ny
Homepage:http://www.pi3.int.pl
File Size:3254
Last Modified:Jul 7 15:47:58 2005
MD5 Checksum:63e55fb92ffc90fb49366dcd2157f1fc

 ///  File Name: phpfreenews.html
Description:
PHPFreeNews versions 1.32 and below are susceptible to SQL injection, login bypass, and cross site scripting attacks.
Author:rgod
Homepage:http://rgod.altervista.org/
File Size:3176
Last Modified:Aug 5 07:13:13 2005
MD5 Checksum:48c666e16e02b14265a50e344fa2a745

 ///  File Name: cleverNotSo.txt
Description:
Clever Copy suffers from multiple cross site scripting and path disclosure flaws. Versions 2.0 and 2.0a are affected.
Author:Lostmon
File Size:3097
Last Modified:Jul 28 08:57:30 2005
MD5 Checksum:7e31b64773a60d4db45f35bab4fa8e73

 ///  File Name: atmailXSS.txt
Description:
@Mail 4.03 WebMail for Windows and 4.11 for Unix variants suffers from multiple cross site scripting flaws. Detailed exploitation provided.
Author:Lostmon
File Size:3067
Last Modified:Jul 28 19:01:12 2005
MD5 Checksum:3cd06324574d1aef55b883431ef25f49

 ///  File Name: Easyxp41.txt
Description:
Easyxp41 suffers from multiple cross site scripting and data disclosure flaws. An excessive amount of detailed exploitation is provided.
Author:FalconDeOro
File Size:3043
Last Modified:Aug 5 07:46:25 2005
MD5 Checksum:2895b06398aa7518a481acc5a04b9899

 ///  File Name: DMA-2005-0712b.txt
Description:
Nokia Affix Bluetooth btsrv/btobex makes poor use of system() allowing for remote command execution as root.
Author:Kevin Finisterre
File Size:2895
Last Modified:Jul 13 08:39:54 2005
MD5 Checksum:b67ea83126035bcc43724c4785e998d3

 ///  File Name: HPRadiaManagement.txt
Description:
NGSSoftware Insight Security Research Advisory - HP OpenView Radia Management Portal versions 2.x and 1.x running the Radia Management Agent suffer from a remote command execution flaw via a directory traversal. By connecting to the TCP port and sending a crafted packet, it is possible to traverse out of C:\Program Files\Novadigm and run any executable that is located on the same logical disk partition.
Author:David Morgan, Dominic Beecher
Homepage:http://www.ngssoftware.com
File Size:2727
Last Modified:Jul 28 18:59:55 2005
MD5 Checksum:746992e1a974b65a8b4f2abc6eab9a03

 ///  File Name: pearxmlrpc.pl.txt
Description:
Pear XML-RPC Library 1.3.0 remote PHP code execution exploit.
File Size:2686
Last Modified:Jul 7 09:13:15 2005
MD5 Checksum:978fb4153547584645cc895a7c8598d6

 ///  File Name: dosPlanet.txt
Description:
PlanetFileServer version 2.0.1.3 is susceptible to a denial of service attack that causes the server to crash. Exploit provided.
Author:fRoGGz, SecuBox Labs
File Size:2633
Last Modified:Jul 7 09:57:11 2005
MD5 Checksum:266810817f0afeceb334e20eb179f510

 ///  File Name: xmlrpcGeneric.txt
Description:
Basic XMLRPC exploit written for Metasploit.
Author:peasant
File Size:2597
Last Modified:Jul 13 08:40:49 2005
MD5 Checksum:8d3074f1510918dfea2f402a421c43f9

 ///  File Name: xmlrpcAnti.pl.txt
Description:
XMLRPC remote command execution exploit. Original flaw discovered by the people at gulftech.org.
Author:dukenn
Homepage:http://asteam.org
File Size:2550
Last Modified:Jul 7 09:47:27 2005
MD5 Checksum:31d402a21fca21b53f7c2c8d3d2c50b8

 ///  File Name: bmforumXSS.txt
Description:
BMForum Datium! 3.0 RC1-4, Plus! 3.0 RC1-4, Plus! 2.6.1, and PlusMX 3.0.0.5 all suffer from multiple cross site scripting flaws.
Author:Lostmon
File Size:2547
Last Modified:Jul 28 08:56:04 2005
MD5 Checksum:ea70bf5ccd6f398a6c4cdb84fdca4c28