Section:  .. / 1002-exploits  /


 ///  File Name: wikyblog-rfishellxss.txt
Description:
WikyBlog version 1.7.3rc2 suffers from shell upload, cross site scripting, cookie manipulation, session fixation, and remote file inclusion vulnerabilities.
Author:indoushka
File Size:4263
Last Modified:Feb 25 00:41:35 2010
MD5 Checksum:3dde7809ab7fd5d926ab77cbf305ac16

 ///  File Name: ots100047-overflow.txt
Description:
OtsTurntables Free version 1.00.047 universal buffer overflow exploit that creates a malicious .olf file and binds a shell to port 4444.
Author:mr_me
File Size:4090
Last Modified:Feb 16 16:57:55 2010
MD5 Checksum:e64dcdad33b1610e958a6b302c0e83bb

 ///  File Name: dxstudio_player_exec.rb.txt
Description:
This Metasploit module exploits a command execution vulnerability within the DX Studio Player from Worldweaver. The player is a browser plugin for IE (ActiveX) and Firefox (dll). When an unsuspecting user visits a web page referring to a specially crafted .dxstudio document, an attacker can execute arbitrary commands. Testing was conducted using plugin version 3.0.29.0 for Firefox 2.0.0.20 and IE 6 on Windows XP SP3. In IE, the user will be prompted if they wish to allow the plug-in to access local files. This prompt appears to occur only once per server host. NOTE: This exploit uses additionally dangerous script features to write to local files!
Author:jduck
Homepage:http://www.metasploit.com
File Size:3980
Related OSVDB(s):54969
Related CVE(s):CVE-2009-2011
Last Modified:Feb 17 18:42:40 2010
MD5 Checksum:a5e34c10bb1819af3e1f8e7223de5072

 ///  File Name: qihoo360-escalate.txt
Description:
Qihoo 360 Security Guard version 6.1.5.1009 suffers from a local privilege escalation vulnerability.
File Size:3950
Last Modified:Feb 2 16:38:47 2010
MD5 Checksum:2bcb528c5dbc6138d7e93e57063b4c6c

 ///  File Name: vlc_smb_uri.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in the Win32AddConnection function of the VideoLAN VLC media player. Versions 0.9.9 through 1.0.1 are reportedly affected. This vulnerability is only present in Win32 builds of VLC. This payload was found to work with the windows/exec and windows/meterpreter/reverse_tcp payloads. However, the windows/meterpreter/reverse_ord_tcp was found not to work.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3908
Related OSVDB(s):55509
Related CVE(s):CVE-2009-2494
Last Modified:Feb 15 17:09:31 2010
MD5 Checksum:02c364203a4d1094c2b1e9c21f293ef3

 ///  File Name: elcms-sql.txt
Description:
Entry Level CMS suffers from a remote SQL injection vulnerability.
Author:HaMaDa SCoOoRPioN
File Size:3899
Last Modified:Feb 23 02:14:35 2010
MD5 Checksum:33cacbf378ae508c3e1d5aa615d71be3

 ///  File Name: hyleoschemview-heap.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow within HyleosChemView.ocx of Hyleos ChemView 1.9.5.1. By setting an overly long value to 'SaveAsMolFile()', an attacker can overrun a buffer and execute arbitrary code.
Author:Dz_attacker
Homepage:http://www.metasploit.com
File Size:3888
Last Modified:Feb 12 02:24:20 2010
MD5 Checksum:1527e6a3da9b43249f002a2e8f3edcb6

 ///  File Name: deepburner_path.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in versions 1.9.0.228, 1.8.0, and possibly other versions of AstonSoft's DeepBurner (Pro, Lite, etc). An attacker must send the file to the victim and the victim must open the file. Alternatively, it may be possible to execute code remotely via an embedded DBR file within a browser, since the DBR extension is registered to DeepBurner.
Author:Expanders,fl0 fl0w
Homepage:http://www.metasploit.com
File Size:3874
Related OSVDB(s):32356
Related CVE(s):CVE-2006-6665
Last Modified:Feb 5 18:58:19 2010
MD5 Checksum:35c9773dc0a7fa04a697d0a53ee89484

 ///  File Name: coppermine_piceditor.rb.txt
Description:
This Metasploit module exploits a vulnerability in the picEditor.php script of Coppermine Photo Gallery. When configured to use the ImageMagick library, the 'quality', 'angle', and 'clipval' parameters are not properly escaped before being passed. NOTE: Use of the ImageMagick library is a non-default option. However, a user can specify its use at installation time.
Author:Janek Vind aka waraxe
Homepage:http://www.metasploit.com
File Size:3842
Related OSVDB(s):41676
Related CVE(s):CVE-2008-0506
Last Modified:Feb 20 14:41:10 2010
MD5 Checksum:348630ab822d73fca3d6902525794666

 ///  File Name: tomcat_mgr_deploy.rb.txt
Description:
This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is not implemented in this module.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3822
Related OSVDB(s):60317
Related CVE(s):CVE-2009-3843
Last Modified:Feb 18 20:47:27 2010
MD5 Checksum:d73ec93fdbad878f033e319661b1c7c1

 ///  File Name: tinymce-sqlxss.txt
Description:
TinyMCE suffers from cross site scripting and SQL injection vulnerabilities.
Author:mc2_s3lector
File Size:3808
Last Modified:Feb 8 18:40:13 2010
MD5 Checksum:b070a6c1bde1b062131fc4fd656a5231

 ///  File Name: shortcms-sql.txt
Description:
ShortCMS version 1.2.0 suffers from a remote SQL injection vulnerability.
Author:Thibow
File Size:3797
Last Modified:Feb 15 17:04:09 2010
MD5 Checksum:6a452007642bb025c7c79e833c7fe1fd

 ///  File Name: wpurl-bypass.txt
Description:
WordPress versions 2.9 and above suffer from a failure to restrict URL access.
Author:Ryan Dewhurst,Tom Mackenzie
File Size:3787
Last Modified:Feb 15 14:41:25 2010
MD5 Checksum:0419438e3dc87cd2be7c4658cd254a98

 ///  File Name: twiki_history.rb.txt
Description:
This Metasploit module exploits a vulnerability in the history component of TWiki. By passing a 'rev' parameter containing shell metacharacters to the TWikiUsers script, an attacker can execute arbitrary OS commands.
Author:B4dP4nd4
Homepage:http://www.metasploit.com
File Size:3756
Related OSVDB(s):19403
Related CVE(s):CVE-2005-2877
Last Modified:Feb 23 01:14:09 2010
MD5 Checksum:2484d1f845372d8b4a4a3cc3df399f1e

 ///  File Name: phpsessionsavepath-bypass.txt
Description:
PHP versions 5.2.12 and 5.3.1 suffer from session.save_path safe_mode and open_basedir bypass vulnerabilities.
Author:Grzegorz Stachowiak
Homepage:http://securityreason.com/
File Size:3750
Last Modified:Feb 12 01:33:19 2010
MD5 Checksum:43a18fee0c45ef20bd66b0e25a68417b

 ///  File Name: tinypug-xssxsrf.txt
Description:
Tinypug versions 0.9.5 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
Author:AmnPardaz Security Research Team
Homepage:http://www.bugreport.ir/
File Size:3737
Last Modified:Feb 2 22:35:40 2010
MD5 Checksum:b8c60769140bdf00721a83b2b7365ee9

 ///  File Name: drupaltwitter-disclose.txt
Description:
Drupal 6.15 with Twitter module version 6.x-2.6 suffers from a clear text credential storage vulnerability.
Author:Justin C. Klein Keane
File Size:3679
Last Modified:Feb 16 14:16:58 2010
MD5 Checksum:28a374e9b98cc401707c02f28353cf71

 ///  File Name: jdownloader-exec.txt
Description:
JDownloader versions below 2010-01-25 with Click n Load 2 support suffer from a code execution vulnerability. Proof of concept included.
Author:apoc
Homepage:http://apoc.sixserv.org/
File Size:3673
Last Modified:Feb 8 20:28:00 2010
MD5 Checksum:f02e18d147b9e1dfcc34e8cf5cfa5186

 ///  File Name: twiki_search.rb.txt
Description:
This Metasploit module exploits a vulnerability in the search component of TWiki. By passing a 'search' parameter containing shell metacharacters to the 'WebSearch' script, an attacker can execute arbitrary OS commands.
Homepage:http://www.metasploit.com
File Size:3671
Related OSVDB(s):11714
Related CVE(s):CVE-2004-1037
Last Modified:Feb 23 01:14:32 2010
MD5 Checksum:8a1c0adb616767083eb6ecbd1589827c

 ///  File Name: novelliprint_target-frame.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3666
Related OSVDB(s):60803
Related CVE(s):CVE-2009-1568
Last Modified:Feb 5 19:05:37 2010
MD5 Checksum:ed7494832b423837a82986e57fc24d46

 ///  File Name: novelliprint_target_frame.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3666
Related OSVDB(s):60803
Related CVE(s):CVE-2009-1568
Last Modified:Feb 23 19:30:09 2010
MD5 Checksum:3c93b9922ed66b323be31f7349ec51d0

 ///  File Name: iis_webdav_upload_asp.rb.txt
Description:
This Metasploit module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script using a WebDAV PUT request.
Homepage:http://www.metasploit.com
File Size:3629
Related OSVDB(s):397
Last Modified:Feb 9 21:12:45 2010
MD5 Checksum:82c7cccc401998d74c7ac1163e6b8cca

 ///  File Name: novelliprint_datetime.rb.txt
Description:
This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing a specially crafted date/time string via certain parameters to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3605
Related OSVDB(s):60804
Related CVE(s):CVE-2009-1569
Last Modified:Feb 5 19:05:53 2010
MD5 Checksum:1baa5f1892dc7e563aacd2917138431b

 ///  File Name: sambar6_search_results.rb.txt
Description:
This Metasploit module exploits a buffer overflow found in the /search/results.stm application that comes with Sambar 6. This code is a direct port of Andrew Griffiths's SMUDGE exploit; the only changes made were to the nops and payload. This exploit causes the service to die, whether you provided the correct target or not.
Author:Andrew Griffiths,H D Moore,patrick
Homepage:http://www.metasploit.com
File Size:3465
Related OSVDB(s):5786
Related CVE(s):CVE-2004-2086
Last Modified:Feb 15 17:10:32 2010
MD5 Checksum:2dde7f15d5178a785d5c0f1b9e726fd5

 ///  File Name: vbulletin402-xss.txt
Description:
vBulletin version 4.0.2 suffers from a cross site scripting vulnerability.
Author:indoushka
File Size:3428
Last Modified:Feb 20 13:54:26 2010
MD5 Checksum:36a5005ae53eb8772ae6e2a6f1192a52