Section:  .. / 1002-exploits  /

Page 16 of 16
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 >> Files 375 - 396 of 396
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: webadministratorlite-sql.txt
Description:
WebAdministrator Lite CMS suffers from a remote SQL injection vulnerability.
Author:Ariko-Security
File Size:1174
Last Modified:Feb 26 13:29:21 2010
MD5 Checksum:5d6c72289d8abe0f322f9839127b6a0b

 ///  File Name: webnetsolutions-sql.txt
Description:
Web-Net Solutions CMS suffers from remote SQL injection vulnerabilities.
Author:t@nzo0n
File Size:409
Last Modified:Feb 16 17:07:31 2010
MD5 Checksum:029bce125cb1ed1bfb45902e29475b04

 ///  File Name: wikyblog-rfishellxss.txt
Description:
WikyBlog version 1.7.3rc2 suffers from shell upload, cross site scripting, cookie manipulation, session fixation, and remote file inclusion vulnerabilities.
Author:indoushka
File Size:4263
Last Modified:Feb 25 00:41:35 2010
MD5 Checksum:3dde7809ab7fd5d926ab77cbf305ac16

 ///  File Name: wireshark_lwres_getaddrbyname.rb.tx..>
Description:
The LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug found and reported by babi. This particular exploit targets the dissect_getaddrsbyname_request function. Several other functions also contain potentially exploitable stack-based buffer overflows. The Windows version (of 1.2.5 at least) is compiled with /GS, which prevents exploitation via the return address on the stack. Sending a larger string allows exploitation using the SEH bypass method. However, this packet will usually get fragmented, which may cause additional complications. NOTE: The vulnerable code is reached only when the packet dissection is rendered. If the packet is fragmented, all fragments must be captured and reassembled to exploit this issue.
Author:babi,jduck
Homepage:http://www.metasploit.com
File Size:7491
Related OSVDB(s):61987
Related CVE(s):CVE-2010-0304
Last Modified:Feb 5 18:57:03 2010
MD5 Checksum:40cfc04732b379ed5f4261da9cf95bf6

 ///  File Name: wireshark_lwres_getaddrbyname_loop...>
Description:
The LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug found and reported by babi. This particular exploit targets the dissect_getaddrsbyname_request function. Several other functions also contain potentially exploitable stack-based buffer overflows. The Windows version (of 1.2.5 at least) is compiled with /GS, which prevents exploitation via the return address on the stack. Sending a larger string allows exploitation using the SEH bypass method. However, this packet will usually get fragmented, which may cause additional complications. NOTE: The vulnerable code is reached only when the packet dissection is rendered. If the packet is fragmented, all fragments must be captured and reassembled to exploit this issue. This version loops, sending the packet every X seconds until the job is killed.
Author:babi,jduck
Homepage:http://www.metasploit.com
File Size:8189
Related OSVDB(s):61987
Related CVE(s):CVE-2010-0304
Last Modified:Feb 12 02:22:27 2010
MD5 Checksum:fefa56761067c379f074cba485e83adc

 ///  File Name: wiresharklwres-overflow.txt
Description:
Wireshark version 1.2.5 LWRES getaddrbyname stack buffer overflow exploit that spawns calc.exe.suffers from a buffer overflow vulnerability.
Author:Nullthreat,Pure
File Size:2261
Last Modified:Feb 15 17:16:11 2010
MD5 Checksum:a71296a0fdbe0f9c5871b0d179bdb5af

 ///  File Name: wmp11-overflow.txt
Description:
Windows Media Player version 11.0.5721.5145 buffer overflow exploit that creates a malicious .mpg file.
Author:cr4wl3r
File Size:1147
Last Modified:Feb 23 02:32:36 2010
MD5 Checksum:51ba7454392661870435cca35f0476cc

 ///  File Name: worksimple-shelldisclose.txt
Description:
WorkSimple version 1.3.2 suffers from shell upload and password disclosure vulnerabilities.
Author:jiko
File Size:1173
Last Modified:Feb 23 19:57:18 2010
MD5 Checksum:d38d53d528630b4017c6966ed9ca47c9

 ///  File Name: wpcopperleaf-sql.txt
Description:
WordPress Copperleaf Photolog version 0.16 suffers from a remote SQL injection vulnerability.
Author:kaMtiEz
Homepage:http://www.indonesiancoder.com/
File Size:2235
Last Modified:Feb 15 17:34:09 2010
MD5 Checksum:1a285b0103c6638503dd3b3a0009834b

 ///  File Name: wpurl-bypass.txt
Description:
WordPress versions 2.9 and above suffer from a failure to restrict URL access.
Author:Ryan Dewhurst,Tom Mackenzie
File Size:3787
Last Modified:Feb 15 14:41:25 2010
MD5 Checksum:0419438e3dc87cd2be7c4658cd254a98

 ///  File Name: wsccms-sql.txt
Description:
WSC CMS suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Author:Phenom
File Size:1387
Last Modified:Feb 20 13:17:59 2010
MD5 Checksum:8e0d13e098b3311e67ede3b4f67af506

 ///  File Name: wsnguest102-sql.txt
Description:
WSN Guest version 1.02 suffers from a remote SQL injection vulnerability.
Author:Gamoscu
File Size:774
Last Modified:Feb 15 14:50:37 2010
MD5 Checksum:f7ecc4cee0a76ef98f1a14ccfcffb253

 ///  File Name: wsnguestdb-disclose.txt
Description:
WSN Guest Database appears to suffer from a database disclosure vulnerability.
Author:HackXBack
File Size:584
Last Modified:Feb 8 20:43:06 2010
MD5 Checksum:495339c224d0283cb54de303975d36cf

 ///  File Name: xcartpro-sql.txt
Description:
X-Cart Pro version 4.0.13 suffers from a remote SQL injection vulnerability.
Author:sasquatch
File Size:2730
Last Modified:Feb 12 01:50:05 2010
MD5 Checksum:c5f571ef8b2c041be30ae79221d59075

 ///  File Name: xlite-wav.py.txt
Description:
X-Lite SIP version 3 memory corruption heap overflow exploit that creates a malicious .wav file.
Author:TecR0c
File Size:1005
Last Modified:Feb 8 17:33:49 2010
MD5 Checksum:192049c6b120ca1fdc5385359ad2c434

 ///  File Name: yarahosting-sql.txt
Description:
Yara Hosting suffers from a remote SQL injection vulnerability.
Author:Meister,Quimo
File Size:817
Last Modified:Feb 5 17:47:45 2010
MD5 Checksum:ed3098fbc007515fddd6d5bdbc3a4c40

 ///  File Name: yessolutions-sql.txt
Description:
Yes Solutions suffers from a remote SQL injection vulnerability.
Author:HackXBack
File Size:1445
Last Modified:Feb 9 18:06:48 2010
MD5 Checksum:2a903b9d93e0cef07ce50f2537447b93

 ///  File Name: zblog-disclose.txt
Description:
Z-Blog suffers from a database disclosure vulnerability.
Author:SkuLL-HacKeR
File Size:1106
Last Modified:Feb 16 14:13:07 2010
MD5 Checksum:ff620f7cf545cc36ecf8e9002a42adc2

 ///  File Name: zentracking-sql.txt
Description:
Zen Tracking versions 2.2 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.
Author:cr4wl3r
File Size:954
Last Modified:Feb 8 19:48:37 2010
MD5 Checksum:2a32fa6d979a15dfb5330ad321d9c3ba

 ///  File Name: zeus-lfidisclose.txt
Description:
ZeusCMS version 0.2 suffers from backup related and local file inclusion vulnerabilities.
Author:ViRuSMaN
File Size:1872
Last Modified:Feb 15 14:46:48 2010
MD5 Checksum:31bb4b366d91924688f7ee08b05f2e1b

 ///  File Name: zomorrodcms-sql.txt
Description:
Zomorrod CMS suffers from a remote SQL injection vulnerability.
Author:Pouya Daneshmand
File Size:660
Last Modified:Feb 9 19:52:54 2010
MD5 Checksum:d5df107229e6ab942a1a4c035810ea2e