Section:  .. / 1008-exploits  /

Page 1 of 17
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 >> Files 1 - 25 of 422
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: cartxpress-shelldisclose.txt
Description:
CartXpress suffers from backup related, file disclosure and shell upload vulnerabilities.
Author:indoushka
File Size:4270
Last Modified:Aug 31 19:53:35 2010
MD5 Checksum:d0cde3459bec460f5333b1b809fff27d

 ///  File Name: keepass-dllhijack.tgz
Description:
KeePass Password Safe versions 2.12 and below suffer from a DLL hijacking vulnerability.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:6405
Last Modified:Aug 31 19:48:41 2010
MD5 Checksum:4df8443bd6e31f1e8500adef4f594bb2

 ///  File Name: wp301-redir.txt
Description:
WordPress versions 3.0.1 and below suffer from an URL redirection bug.
Author:ItSecTeam
File Size:2384
Last Modified:Aug 31 19:46:05 2010
MD5 Checksum:e65e12163ee044a64fbf4b4115b4c734

 ///  File Name: webideas-sql.txt
Description:
Web-Ideas Web Shop Standard suffers from a remote SQL injection vulnerability.
Author:Ariko-Security
File Size:1303
Last Modified:Aug 31 14:45:20 2010
MD5 Checksum:8b0ebafe552baf5accfa95d7cbe31b57

 ///  File Name: ninga.zip
Description:
This is a proof of concept, self replicating, social network based malware for NING.
Author:James Bercegay
File Size:1750
Last Modified:Aug 31 14:43:01 2010
MD5 Checksum:5a18d712327fbb7191111ebeddc05e49

 ///  File Name: joomlajefaqpro-sql.txt
Description:
The Joomla JE FAQ component suffers from a remote blind SQL injection vulnerability.
Author:Chip D3 Bi0s
File Size:1623
Last Modified:Aug 31 14:39:36 2010
MD5 Checksum:1197b45ece79014db6580ecc0355c99b

 ///  File Name: joomlapicsell-disclose.txt
Description:
The Joomla PicSell component suffers from a file disclosure vulnerability.
Author:Craw
File Size:636
Last Modified:Aug 31 14:34:04 2010
MD5 Checksum:1237cdeb9b8aad75ee580ced114fd4ee

 ///  File Name: R7-0036.txt
Description:
Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6.
Author:H D Moore,Rapid7,Will Vandevanter
Homepage:http://www.rapid7.com/
File Size:2277
Related CVE(s):CVE-2009-4444
Last Modified:Aug 30 19:10:27 2010
MD5 Checksum:734bd64d3ff9aa05f3b480e0cd0300eb

 ///  File Name: apple_quicktime_marshaled_punk.rb.t..>
Description:
This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially-crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime.
Author:Ruben Santamarta,jduck
Homepage:http://www.metasploit.com
File Size:7052
Related CVE(s):CVE-2010-1818
Last Modified:Aug 30 19:00:59 2010
MD5 Checksum:7ad044f928efe468c6ea9c5cb5d51a74

 ///  File Name: appleqtmp-exec.txt
Description:
Apple QuickTime suffers from a "_Marshaled_pUnk" backdoor parameter client-side arbitrary code execution vulnerability.
Author:Ruben Santamarta
Homepage:http://www.reversemode.com/
File Size:14998
Last Modified:Aug 30 18:57:48 2010
MD5 Checksum:e93ace586ff41f998cf0bacbb39e6d88

 ///  File Name: safarisgv-dos.txt
Description:
Safari for Windows invalid SGV text style denial of service vulnerability that leverages Webkit.dll.
Author:MustLive
File Size:2164
Last Modified:Aug 30 18:42:46 2010
MD5 Checksum:7ec3fe1793cf146cc5e0d313c9ed5fc4

 ///  File Name: mop-exec.txt
Description:
Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability.
Author:Abhishek Lyall
Homepage:http://www.aslitsecurity.com/
File Size:35475
Related CVE(s):CVE-2006-2389
Last Modified:Aug 30 18:35:49 2010
MD5 Checksum:0b8748008d4dae5d86c97975f64bc3c6

 ///  File Name: seagull-rfi.txt
Description:
Seagull version 0.6.7 suffers from remote file inclusion vulnerabilities.
Author:FoX HaCkEr
File Size:1107
Last Modified:Aug 30 18:12:58 2010
MD5 Checksum:698dcf5ebca0a2a60aa3b33cdc5d5a44

 ///  File Name: cfimagehosting-disclose.txt
Description:
CF Image Hosting Script version 1.3 suffers from a database disclosure vulnerability.
Author:Dr.Saudi
File Size:549
Last Modified:Aug 30 18:11:23 2010
MD5 Checksum:7973b8d7314f0256d73262283b3dc3df

 ///  File Name: virtdj-vuln.txt
Description:
Virtual DJ version 6.1.2 DLL hijacking exploit that leverages hdjapi.dll while loading .mp3 content.
Author:Classity Security Scans
Homepage:http://www.classity.nl/
File Size:666
Last Modified:Aug 30 18:08:33 2010
MD5 Checksum:6552b5ef24190ba330da50f0888896e5

 ///  File Name: bsplayer-vuln-ehtraceDLL.txt
Description:
BS Player version 2.56 DLL hijacking exploit.
Author:Classity Security Scans
Homepage:http://www.classity.nl/
File Size:661
Last Modified:Aug 30 18:07:47 2010
MD5 Checksum:35c98e79724baf98aa0880e4afedff7c

 ///  File Name: windowsbackup-dllhijack.txt
Description:
Microsoft Windows 7 / Vista backup utility sdclt.exe fveapi.dll DLL hijacking exploit.
Author:Christian Heinrich
File Size:1296
Last Modified:Aug 30 18:05:27 2010
MD5 Checksum:585e03acfe30337026381ca0d0ab85bc

 ///  File Name: daemontools-dllhijack.txt
Description:
Daemon Tools Lite versions 4.35.6.0091 and below mfc80loc.dll DLL hijacking exploit.
Author:Christian Heinrich
File Size:1297
Last Modified:Aug 30 18:03:59 2010
MD5 Checksum:77ef249904bd3ac9c7b90e298e229746

 ///  File Name: guestbookplus-redir.txt
Description:
GuestBookPlus suffers from comment restriction bypass and html injection vulnerabilities.
Author:MiND
File Size:1568
Last Modified:Aug 30 18:01:23 2010
MD5 Checksum:03ca280256ec1a44fa5b99d689d410db

 ///  File Name: qtweb-dllhijack.tgz
Description:
QtWeb Browser version 3.3 build 043 DLL hijacking exploit.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:6842
Last Modified:Aug 30 17:57:10 2010
MD5 Checksum:a61ba519336b8cb290a240a5a1997066

 ///  File Name: maxthon-dllhijack.tgz
Description:
Maxthon Browser version 2.5.15.1000 DLL hijacking exploit that leverages dwmapi.dll.
Author:Aung Khant
Homepage:http://yehg.net/
File Size:6808
Last Modified:Aug 30 17:54:17 2010
MD5 Checksum:daebc041ed83ae09d1c932d3fb0c4c61

 ///  File Name: diycms-rfi.txt
Description:
DiY-CMS version 1.0 suffers from multiple remote file inclusion vulnerabilities.
Author:LoSt.HaCkEr
File Size:1077
Last Modified:Aug 30 17:45:31 2010
MD5 Checksum:cc1c0d0c533eb654c795580f19e0575d

 ///  File Name: nginx-heapcorrupt.txt
Description:
Nginx version 0.6.38 heap corruption exploit.
Author:aaron conole
File Size:6520
Last Modified:Aug 30 17:44:10 2010
MD5 Checksum:36ed98b3f0337da621ba6ffcaebd7ce9

 ///  File Name: snackamp312-overflow.txt
Description:
SnackAmp version 3.1.2 malicious .smp file buffer overflow SEH exploit.
Author:James Fitts
File Size:1512
Last Modified:Aug 30 16:34:45 2010
MD5 Checksum:6bf157239c630e65eb2271eeb254893e

 ///  File Name: snackamp-overflow.txt
Description:
SnackAmp version 3.1.2 malicious .wav file buffer overflow proof of concept exploit.
Author:James Fitts
File Size:374
Last Modified:Aug 30 16:33:08 2010
MD5 Checksum:f4d6d52372b33981592f67fdaecd4eb2