Section:  .. / 1002-exploits  /

Page 3 of 16
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 >> Files 50 - 75 of 396
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: cmsmadesimple-lfixss.txt
Description:
CMSMadeSimple version 1.6.6 suffers from cross site scripting and local file inclusion vulnerabilities.
Author:Beenu Arora
File Size:1780
Last Modified:Feb 12 15:57:14 2010
MD5 Checksum:d896c727049f245a6d704b63b4cd0e11

 ///  File Name: codeigniter-rfi.txt
Description:
CodeIgniter version 1.0 suffers from a remote file inclusion vulnerability.
Author:eidelweiss
File Size:1692
Last Modified:Feb 15 15:27:37 2010
MD5 Checksum:e42b281f07784839e5c718b222adc869

 ///  File Name: coffienet-bypass.txt
Description:
CoffieNet CMS suffers from a direct access administrative bypass vulnerability.
Author:indoushka
File Size:1935
Last Modified:Feb 15 18:03:49 2010
MD5 Checksum:c62cd508fb14111e6ee10c9abb07932e

 ///  File Name: comptelinstantlink-xss.txt
Description:
The Comptel InstantLink system suffers from a cross site scripting vulnerability.
Author:thebluegenius
File Size:1366
Last Modified:Feb 26 14:05:50 2010
MD5 Checksum:4e59a6d642da4b0d3b730c8ef9f437dd

 ///  File Name: coppermine_piceditor.rb.txt
Description:
This Metasploit module exploits a vulnerability in the picEditor.php script of Coppermine Photo Gallery. When configured to use the ImageMagick library, the 'quality', 'angle', and 'clipval' parameters are not properly escaped before being passed. NOTE: Use of the ImageMagick library is a non-default option. However, a user can specify its use at installation time.
Author:Janek Vind aka waraxe
Homepage:http://www.metasploit.com
File Size:3842
Related OSVDB(s):41676
Related CVE(s):CVE-2008-0506
Last Modified:Feb 20 14:41:10 2010
MD5 Checksum:348630ab822d73fca3d6902525794666

 ///  File Name: CORE-2009-0625.txt
Description:
Core Security Technologies Advisory - This advisory describes two vulnerabilities that provide access to any file stored in on a user's desktop system if it is running a vulnerable version of Internet Explorer. These vulnerabilities can be used in attacks combined with a number of insecure features of Internet Explorer to provide remote access to locally stored files without the need for any further action from the victim after visiting a website controlled by the attacker.
Author:Core Security Technologies,Federico Muttis,Jorge Luis Alvarez Medina
Homepage:http://www.coresecurity.com/corelabs/
File Size:18432
Related CVE(s):CVE-2010-0255
Last Modified:Feb 4 02:20:01 2010
MD5 Checksum:36320648119fe6322abfd8ce8887f87e

 ///  File Name: CORE-2010-0104.txt
Description:
Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: a cross-site request forgery which allows an external remote attacker to make a command injection that can be used to execute arbitrary code using the webserver user. As a result, an attacker can remove the firewall and load a kernel module, allowing root access to the appliance. It also can be used as a non-persistent XSS.
Author:Adrian Manrique,Aureliano Calvo,Core Security Technologies
Homepage:http://www.coresecurity.com/corelabs/
File Size:10300
Related CVE(s):CVE-2010-0368, CVE-2010-0369
Last Modified:Feb 5 19:16:11 2010
MD5 Checksum:92cacafd80234bf0eb614d89411c5edb

 ///  File Name: CORE-2010-0106.txt
Description:
Core Security Technologies Advisory - The Cisco Secure Desktop web application does not sufficiently verify if a well-formed request was provided by the user who submitted the POST request, resulting in a cross-site scripting vulnerability. In order to be able to successfully make the attack, the Secure Desktop application on the Cisco Appliance must be turned on.
Author:Core Security Technologies
Homepage:http://www.coresecurity.com/corelabs/
File Size:7791
Related CVE(s):CVE-2010-0440
Last Modified:Feb 1 20:45:49 2010
MD5 Checksum:43bf3b5f149665627a5281e53af94e5a

 ///  File Name: CORE-2010-0121.txt
Description:
Core Security Technologies Advisory - This advisory describes multiple vulnerabilities based on quirks in how Windows handles file names. Nginx, Cherokee, Mongoose, and LightTPD webservers suffer from related vulnerabilities. Details are provided.
Author:Core Security Technologies,Dan Crowley
Homepage:http://www.coresecurity.com/corelabs/
File Size:16509
Last Modified:Feb 5 20:42:15 2010
MD5 Checksum:8e5f421a8e3147938908dd4d9a608315

 ///  File Name: coreftp.py.txt
Description:
CoreFTP version 2.1 b1637 password field universal buffer overflow exploit.
Author:corelanc0d3r,mr_me
File Size:5472
Last Modified:Feb 2 16:32:02 2010
MD5 Checksum:41a135ea6e8049a11c9d8ec050efe027

 ///  File Name: coreimpact-dos.txt
Description:
Core Impact version 7.5 denial of service exploit.
Author:Beenu Arora
Homepage:http://www.beenuarora.com/
File Size:5333
Last Modified:Feb 12 01:16:07 2010
MD5 Checksum:45f8e65d67bc9a66b88a0fc46dc7c1dc

 ///  File Name: corelan-10-008-evalmsi.txt
Description:
Evalsmsi version 2.1.03 suffers from authentication bypass, cross site scripting and remote SQL injection vulnerabilities.
Author:corelanc0d3r
File Size:4546
Last Modified:Feb 5 18:25:42 2010
MD5 Checksum:4e7f78c58e5eef2a0cf77410c4835a99

 ///  File Name: corelan-10-009-ipswitch-imail.txt
Description:
Ipswitch IMail server version 11.01 suffers from a reversible encryption vulnerability.
Author:sinn3r
File Size:6623
Last Modified:Feb 5 18:28:00 2010
MD5 Checksum:c0af0f3102545f2df46f09690d825db9

 ///  File Name: CORELAN-10-010.txt
Description:
GeFest Web HomeServer version 1.0 suffers from a directory traversal vulnerability.
Author:MarkoT
Homepage:http://www.corelan.be/
File Size:2801
Last Modified:Feb 8 20:43:57 2010
MD5 Checksum:0e7f9fafc9f7fcb06b0568d00318a9a8

 ///  File Name: coupons-bypass.txt
Description:
Coupons suffers from a direct access administrative bypass vulnerability.
Author:indoushka
File Size:1763
Last Modified:Feb 20 13:47:23 2010
MD5 Checksum:5887f82eafb23b35b11b2de6d5e62b05

 ///  File Name: cpanel-xsrf.tgz
Description:
cPanel suffers from multiple cross site request forgery vulnerabilities.
Author:SecurityRules
Homepage:http://sec-r1z.com/
File Size:1380
Last Modified:Feb 23 01:20:29 2010
MD5 Checksum:dc962d229e8eab1a4a68fb5e51559edd

 ///  File Name: croogo-xsrf.txt
Description:
Croogo version 1.2.1 suffers from a cross site request forgery vulnerability.
Author:Milos Zivanovic
File Size:2460
Last Modified:Feb 8 17:39:40 2010
MD5 Checksum:f52707b51eba2f300845199d785ba7b4

 ///  File Name: cubecartindex-sql.txt
Description:
CubeCart suffers from a remote SQL injection vulnerability.
Author:AtT4CKxT3rR0r1ST
File Size:941
Last Modified:Feb 18 21:23:18 2010
MD5 Checksum:fb74314baf44c6f9b0ffc3fb5150e4f8

 ///  File Name: cve-2010-0453.c
Description:
This is a denial of service (kernel panic) proof of concept exploit for the UCODE_GET_VERSION ioctl NULL pointer dereference vulnerability on Solaris / OpenSolaris.
Author:Tobias Klein
Homepage:http://www.trapkit.de/
Related File:TKADV2010-001.txt
File Size:1671
Related CVE(s):CVE-2010-0453
Last Modified:Feb 8 19:59:42 2010
MD5 Checksum:2a0447bcfa866c531eb52571f1f41998

 ///  File Name: cybershadecms-insecure.txt
Description:
Cybershade CMS version 0.2b suffers from a session hijacking vulnerability.
Author:JosS
Homepage:http://www.spanish-hackers.com/
File Size:4390
Last Modified:Feb 26 14:16:37 2010
MD5 Checksum:5ce2049ea26b2667d01fde43abb66140

 ///  File Name: dachooch-sql.txt
Description:
Dachooch suffers from a remote SQL injection vulnerability.
Author:Snakespc
File Size:872
Last Modified:Feb 12 17:51:04 2010
MD5 Checksum:c4e0d3588005cd860401af7351a5286d

 ///  File Name: damailinglist-sqldisclose.txt
Description:
DA Mailing List version 2 suffers from remote SQL injection and database disclosure vulnerabilities.
Author:Phenom
File Size:2943
Last Modified:Feb 8 19:29:55 2010
MD5 Checksum:788ce3a808958d671ddad91b8303fb9d

 ///  File Name: deepburner.c
Description:
Deepburner Pro version 1.9.0.228 dbr file universal buffer overflow exploit.
Author:fl0 fl0w
File Size:16371
Last Modified:Feb 2 22:19:33 2010
MD5 Checksum:3947416e25068b90cb387e048c42cebe

 ///  File Name: deepburner_path.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in versions 1.9.0.228, 1.8.0, and possibly other versions of AstonSoft's DeepBurner (Pro, Lite, etc). An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded DBR file within a browser, since the DBR extension is registered to DeepBurner.
Author:Expanders,fl0 fl0w
Homepage:http://www.metasploit.com
File Size:3874
Related OSVDB(s):32356
Related CVE(s):CVE-2006-6665
Last Modified:Feb 5 18:58:19 2010
MD5 Checksum:35c9773dc0a7fa04a697d0a53ee89484

 ///  File Name: digitalampmp3-dos.txt
Description:
Digital Amp MP3 version 3.1 local crash proof of concept exploit.
Author:SkuLL-HacKeR
File Size:521
Last Modified:Feb 4 01:06:05 2010
MD5 Checksum:4f9a3b88e0975b5ba45f99cb81a7b8d3