Section: .. / 0512-exploits /
/// File Name: alisveristrSQL.txt
Description: Alisveristr E-Commerce is susceptible to SQL injection attacks during the login phase of usage.
Author: B3g0k | File Size: 1018 | Last Modified: Dec 6 20:47:58 2005
MD5 Checksum: 9ba76e5ba7fdd0e4f2889d7965f9b150

/// File Name: zencart_126d_xpl.html
Description: Zen-Cart versions 1.2.6d and below are susceptible to blind SQL injection and remote command execution attacks. Exploit included.
Author: rgod | Homepage: http://retrogod.altervista.org/ | File Size: 16138 | Last Modified: Dec 3 01:22:36 2005
MD5 Checksum: a507099ecbfb1ccd22d23ed6ed3eca57

/// File Name: freeHelpInject.txt
Description: It appears that the Free Help Desk software by Help Desk Reloaded leaves the install.php file in place post installation, allowing remote attackers to create accounts without any authentication or access.
Author: BiPi_HaCk | Homepage: http://www.NightmareSecurity.net | File Size: 2210 | Last Modified: Dec 3 01:19:51 2005
MD5 Checksum: 59d3001cc14911fe89d6c74dc9fab115

/// File Name: AD20051202.txt
Description: WinEggDropShell Eternity version 1.7 is susceptible to preauth stack overflows. Proof of concept denial of service exploit included.
Author: Sowhat | Homepage: http://secway.org/ | File Size: 3352 | Last Modified: Dec 3 00:40:55 2005
MD5 Checksum: e2a03f701231a1f11975df0e44fadadb

/// File Name: phpMyChat0146.txt
Description: phpMyChat version 0.14.6 is susceptible to cross site scripting flaws in start_page.css.php, style.css.php, and users_popupL.php.
Author: Louis Wang | Homepage: http://www.fortinet.com/ | File Size: 1630 | Last Modified: Dec 3 00:38:22 2005
MD5 Checksum: aca7825d44871757fae3eb67dd784b18

/// File Name: EdgewallSQL.txt
Description: Edgewall Trac version 0.9 is susceptible to a SQL injection attack due to a lack of sanity checking on the group variable.
Author: David Maciejak | File Size: 800 | Last Modified: Dec 3 00:27:47 2005
MD5 Checksum: 7df147c2ac1998ed9869129658f50506

/// File Name: GameFlyXSS.txt
Description: GameFly, the popular online video game rental service, suffers from a cross site scripting flaw.
Author: Matthew Benenati | File Size: 417 | Last Modified: Dec 3 00:25:45 2005
MD5 Checksum: fd363324b7ba22cd1ed151f9e8b1cda4

/// File Name: webCalSQL.txt
Description: WebCalendar version 0.1.0 is susceptible to SQL injection attacks via activity_log.php and edit_report_handler.php. layers_toggle.php is susceptible to CRLF injection. Exploitation details provided.
Author: lwang | File Size: 2068 | Last Modified: Dec 2 11:57:58 2005
MD5 Checksum: 46ca1f68ff71adaff29ee3145854d376

/// File Name: winCreateExp.txt
Description: Microsoft Windows CreateRemoteThread denial of service exploit.
Author: nima Salehi | Homepage: http://www.Ashiyane.com | File Size: 4990 | Last Modified: Dec 2 11:56:21 2005
MD5 Checksum: 5802c87f4a75cb494ecd81206bc890ba