Section:  .. / 1003-exploits  /

Page 16 of 17
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 >> Files 375 - 400 of 424
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: sparta-xss.txt
Description:
The Sparta Systems TrackWise TeamAccess module suffers from a cross site scripting vulnerability.
Author:Yaniv Miron
File Size:1740
Last Modified:Mar 2 21:15:25 2010
MD5 Checksum:8ca2d27ef0659a7c440bb17b0fd75f8f

 ///  File Name: springsourcehyperic-xss.txt
Description:
SpringSource Hyperic HQ suffers from multiple stored cross site scripting vulnerability.
Author:SpringSource Security Team
File Size:2346
Related CVE(s):CVE-2009-2907
Last Modified:Mar 23 19:36:49 2010
MD5 Checksum:a75883b5f860fc0f859902c571f61ece

 ///  File Name: stack-lfi.txt
Description:
Stack version 1.1 suffers from a local file inclusion vulnerability.
Author:R3VAN_BASTARD
File Size:1106
Last Modified:Mar 22 18:35:49 2010
MD5 Checksum:8668628905227ce7b75885a37e548eca

 ///  File Name: stats-poc.py.txt
Description:
Media Player Classic StatsReader stack buffer overflow proof of concept exploit that creates a malicious .stats file.
Author:Itsecteam
File Size:1086
Last Modified:Mar 12 18:03:53 2010
MD5 Checksum:23fb69200d1764e5d964d003d94d447d

 ///  File Name: stud_pe.py.txt
Description:
Stud_PE versions 2.6.05 and below stack overflow proof of concept exploit.
Author:zha0
File Size:10153
Last Modified:Mar 28 18:38:36 2010
MD5 Checksum:99884063743004e77704c4a3ef64411a

 ///  File Name: subdreamer-upload.txt
Description:
Subdreamer CMS version 3.0.1 suffers from an arbitrary file upload vulnerability.
Author:indoushka
File Size:1982
Last Modified:Mar 15 22:51:20 2010
MD5 Checksum:ff371a3a2960d4b3bf18321c42fe8cdf

 ///  File Name: sudoedit-escalate.txt
Description:
Todd Miller sudo 'sudoedit' local root exploit that affects 1.6.x versions before 1.6.9p21 and 1.7.x versions before 1.7.2p4.
Author:Kingcope
File Size:461
Last Modified:Mar 3 15:58:30 2010
MD5 Checksum:60d786b17fad28be13d0a0d2dab5ae2c

 ///  File Name: sugarcrm-xss.txt
Description:
SugarCRM versions prior to 5.5.0a and 5.2.0l suffer from a cross site scripting vulnerability.
Author:Jeromie Jackson
File Size:2111
Related CVE(s):CVE-2010-0465
Last Modified:Mar 16 19:41:43 2010
MD5 Checksum:65028fdd56e01094100a9af2f5680c25

 ///  File Name: sunjava-xsrf.txt
Description:
Sun Java System Communications Express suffers from a cross site request forgery vulnerability.
Author:Edgard Chammas
File Size:2024
Last Modified:Mar 15 16:32:21 2010
MD5 Checksum:91c2be7e959dc2e9197ec90378b16180

 ///  File Name: super-vulns.tgz
Description:
SUPERAntiSpyware and Super Ad Blocker have almost identical device drivers in order to set up hooks and perform other duties from kernel space. These device drivers suffer from lack of validation of parameters passed from user mode. Additionally, some of the functions accessible from user mode are inherently insecure and lead to easy privilege escalation. All vulnerabilities are applicable to both applications. Proof of concept code included with full advisory.
Author:Luka Milkovic
File Size:33557
Last Modified:Mar 10 21:30:19 2010
MD5 Checksum:3170b366c6223e86743528719242746a

 ///  File Name: swingette-dos.txt
Description:
Swingette version 1.1 buffer overflow denial of service exploit that creates a malicious .mp3 file.
Author:cr4wl3r
File Size:3102
Last Modified:Mar 16 00:22:33 2010
MD5 Checksum:1eef33283d881afdf0885f51df41ca63

 ///  File Name: topdownloadmp3-dos.txt
Description:
TopDownloads MP3 Player version 1.0 crash exploit that creates a malicious .m3u file.
Author:l3D
File Size:295
Last Modified:Mar 8 15:48:44 2010
MD5 Checksum:147839fea06f877a9bc57766373c2860

 ///  File Name: torrenthoster-shellxss.txt
Description:
Torrent Hoster suffers from cross site scripting and shell upload vulnerabilities.
Author:El-Kahina
File Size:1993
Last Modified:Mar 15 22:56:32 2010
MD5 Checksum:6728da522ea89ad62f28da2d3d152f08

 ///  File Name: tpop3d-dos.txt
Description:
tPop3d version 1.5.3 suffers from a denial of service vulnerability.
Author:OrderZero
File Size:1123
Last Modified:Mar 28 15:12:30 2010
MD5 Checksum:3cec2d02a92a7a5ca7efa187097cbecb

 ///  File Name: tribisur-lfi.txt
Description:
Tribisur versions 2.0 and below suffer from a local file inclusion vulnerability.
Author:cr4wl3r
File Size:1965
Last Modified:Mar 8 17:07:44 2010
MD5 Checksum:b57f7e0fba10b70409a963b0229fc35a

 ///  File Name: troubleticket-exec.txt
Description:
Trouble Ticket Express versions 3.01, 3.0, 2.24, and 2.21 suffer from code execution and directory traversal vulnerabilities.
Author:zombiefx
File Size:813
Last Modified:Mar 15 19:08:34 2010
MD5 Checksum:f29811215e7a73a665449b2351cb871b

 ///  File Name: tsokacms-sqlxss.txt
Description:
TSOKA:CMS versions 1.1, 1.9 and 2.0 suffer from cross site scripting and remote SQL injection vulnerabilities.
Author:d3v1l
File Size:981
Last Modified:Mar 28 18:24:40 2010
MD5 Checksum:f6b28b7acacb7d81f4ccd10ec7519ffb

 ///  File Name: uebimiauwebmail-disclose.txt
Description:
Uebimiau Webmail version 3.2.0-2.0 suffers from a remote email disclosure vulnerability.
Author:R4vax,Z3r0c0re
File Size:1018
Last Modified:Mar 9 17:35:11 2010
MD5 Checksum:d8986001128e37ed03e54a8e5d292448

 ///  File Name: uebimiauwebmail-xssdisclose.txt
Description:
Uebimiau Webmail versions 2.7.2 and below suffer from cross site scripting and path disclosure vulnerabilities.
Author:cp77fk4r
File Size:2098
Last Modified:Mar 28 16:46:41 2010
MD5 Checksum:c3f1c95861559d5324d55f8ad733034b

 ///  File Name: uhttp-traversal.txt
Description:
UHTTP server version 0.1.0-alpha suffers from a path traversal vulnerability that allows for file disclosure.
Author:Salvatore Fresta
File Size:1258
Last Modified:Mar 23 18:16:16 2010
MD5 Checksum:b5d6fe3b6e965985778702ac8f150bbe

 ///  File Name: uigachurchportal-sql.txt
Description:
Uiga Church Portal suffers from a remote SQL injection vulnerability.
Author:Easy Laster
File Size:1676
Last Modified:Mar 1 15:01:34 2010
MD5 Checksum:13aa22e3ddf64b9844a11a1d8cbce79c

 ///  File Name: ultraiso_ccd.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in EZB Systems, Inc's UltraISO. When processing .CCD files, data is read from file into a fixed-size stack buffer. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to open an CCD file. NOTE: A file with the same base name, but the extension of "img" must also exist. Opening either file will trigger the vulnerability, but the files must both exist.
Author:jduck
Homepage:http://www.metasploit.com
File Size:6578
Related OSVDB(s):53275
Related CVE(s):CVE-2009-1260
Last Modified:Mar 25 03:51:42 2010
MD5 Checksum:36c2df44ed7225208b22572d6985a69d

 ///  File Name: ultraiso_cue.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in EZB Systems, Inc's UltraISO. When processing .CUE files, data is read from file into a fixed-size stack buffer. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to open an CUE file. NOTE: A file with the same base name, but the extension of "bin" must also exist. Opening either file will trigger the vulnerability, but the files must both exist.
Author:jduck
Homepage:http://www.metasploit.com
File Size:3810
Related OSVDB(s):36570
Related CVE(s):CVE-2007-2888
Last Modified:Mar 29 22:42:25 2010
MD5 Checksum:51bf024fb6d7f9dc9c86340abf590c67

 ///  File Name: ultraoffice_httpupload.rb.txt
Description:
This Metasploit module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when building the error message. This is due to the use of sprintf() without proper bounds checking. NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.
Author:jduck ,shinnai
Homepage:http://www.metasploit.com
File Size:3850
Related OSVDB(s):47866
Related CVE(s):CVE-2008-3878
Last Modified:Mar 4 22:53:30 2010
MD5 Checksum:aefc32154c02bb9668cd3b779b48f669

 ///  File Name: uploadifysc-shell.txt
Description:
Uploadify Sample Collection suffers from a shell upload vulnerability.
Author:indoushka
File Size:1727
Last Modified:Mar 2 21:21:29 2010
MD5 Checksum:6a45a18e0abf7713afbcd8a33b9a71da