Section: .. / 0612-exploits /
| /// File Name: |
ftpd-ldpreload.pl.txt |
Description:
|
FTP server (GNU inetutils 1.4.2) remote root exploit.
| | Author: | kingcope | | File Size: | 2734 | | Last Modified: | Dec 21 16:39:26 2006 |
| MD5 Checksum: | 03ce0835a862b051c0be5bb8d1524075 |
|
| /// File Name: |
genesistrader10.txt |
Description:
|
GenesisTrader version 1.0 suffers from source code disclosure, arbitrary file upload, and cross site scripting vulnerabilities.
| | Author: | Mr_KaLiMaN | | File Size: | 1199 | | Last Modified: | Dec 15 04:35:20 2006 |
| MD5 Checksum: | a1314f3695547f5748c103e537d9c638 |
|
| /// File Name: |
google-XSS.txt |
Description:
|
Google G-Mail is susceptible to a cross site scripting issue.
| | Author: | SwEET-DeViL | | File Size: | 322 | | Last Modified: | Dec 21 17:54:56 2006 |
| MD5 Checksum: | c777d64482952dde53269fcf9bedbf02 |
|
| /// File Name: |
hlstats-sql.txt |
Description:
|
HLStats versions between 1.34 and 1.20 suffer from a SQL injection vulnerability. Exploit included.
| | Author: | Michael Brooks | | File Size: | 13387 | | Last Modified: | Dec 27 19:28:27 2006 |
| MD5 Checksum: | ad6c9c262da52bf4c358930ad1be5fe4 |
|
| /// File Name: |
hypervm-xss.txt |
Description:
|
HyperVM suffers from a cross site scripting flaw.
| | Homepage: | http://www.aria-security.com/ | | File Size: | 372 | | Last Modified: | Dec 21 18:10:28 2006 |
| MD5 Checksum: | cb91e003dca933f5907b17a4c8353fb7 |
|
| /// File Name: |
ibmwebsphere-bypass.txt |
Description:
|
IBM WebSphere Host On-Demand (HOD) versions 6.0 through 9.0 suffer from a URL manipulation flaw that allows for administrative bypass. Version 10.0 may also be susceptible.
| | Author: | Dave Ferguson | | File Size: | 3336 | | Last Modified: | Dec 12 10:32:03 2006 |
| MD5 Checksum: | 8d1f77ce243e309da8c4cb17e3c8d82c |
|
| /// File Name: |
ig207-sql.txt |
Description:
|
Invision Gallery version 2.0.7 suffers from a SQL injection vulnerability.
| | Author: | infection | | File Size: | 233 | | Last Modified: | Dec 5 23:24:47 2006 |
| MD5 Checksum: | 91ecb1f59a22459c686574007ad0114f |
|
| /// File Name: |
inetmedia.txt |
Description:
|
Multiple cross site scripting and SQL injection vulnerabilities were found in Inetmedia's web services cityinfo.pl and cityaz.de, which may be exploited by attackers to gain confidential information and/or modify the database.
| | Author: | kahir, Filip Palian | | File Size: | 1493 | | Last Modified: | Dec 21 18:52:23 2006 |
| MD5 Checksum: | f8b84ae188e1e794c2f0e08dbb241966 |
|
| /// File Name: |
intel-race.txt |
Description:
|
The Intel 2200BG card suffers from a race condition vulnerability. Proof of concept code included.
| | Author: | Breno Silva, Johnny Cache | | File Size: | 4440 | | Last Modified: | Dec 21 18:09:35 2006 |
| MD5 Checksum: | 6c40fbf83154c14c190a6c246566af79 |
|
| /// File Name: |
ISAA-2006-007.txt |
Description:
|
The BlueSocket web administration interface is vulnerable to a cross site scripting attack. Versions below 5.2 are susceptible.
| | Author: | Jesus Olmos Gonzalez | | File Size: | 3020 | | Last Modified: | Dec 5 23:53:15 2006 |
| MD5 Checksum: | cde2ee3ca53a545cca5919eb8071d8df |
|
| /// File Name: |
ISAA-2006-010.txt |
Description:
|
ISMail version 2.0 is vulnerable to a cross site scripting attack.
| | Author: | Vicente Aguilera Diaz | | File Size: | 3334 | | Last Modified: | Dec 6 00:10:29 2006 |
| MD5 Checksum: | 2e7ceb53b334e4eea7a4ae911a0112e9 |
|
| /// File Name: |
ISAA-2006-011.txt |
Description:
|
Hastymail improperly validates the commands and information it transmits to the mail servers during normal use of the application, which allows an authenticated malicious user to inject arbitrary IMAP/SMTP commands into the mail servers used by Hastymail through parameters the webmail front-end uses in its communication with these mail servers. This vulnerability has been found in development version 1.5 and stable version 1.0.2.
| | Author: | Vicente Aguilera Diaz | | File Size: | 5044 | | Last Modified: | Dec 6 00:12:33 2006 |
| MD5 Checksum: | 04f55c3688204ba691e9c3cae8912fdf |
|
| /// File Name: |
ixprim12-sql.txt |
Description:
|
Ixprim version 1.2 remote blind SQL injection exploit.
| | Author: | DarkFig | | File Size: | 7282 | | Last Modified: | Dec 21 22:08:03 2006 |
| MD5 Checksum: | 6fc316346c50c165c7912d9525431184 |
|
| /// File Name: |
kdpics116.txt |
Description:
|
KDPics versions 1.16 and below suffer from remote file inclusion and cross site scripting vulnerabilities.
| | Author: | Mr_KaLiMaN | | File Size: | 689 | | Last Modified: | Dec 11 10:54:08 2006 |
| MD5 Checksum: | e5218520e6f3920ec66035cddb10fe57 |
|
| /// File Name: |
kisgb-remote.txt |
Description:
|
Keep It Simple Guest Book version 5.0.0 suffers from remote file inclusion vulnerabilities.
| | Author: | 0o_zeus_o0 | | Homepage: | http://www.diosdelared.com | | File Size: | 1631 | | Last Modified: | Dec 27 18:39:35 2006 |
| MD5 Checksum: | ffca534a92ee430714123da60d9d94d4 |
|
| /// File Name: |
kms1.py.txt |
Description:
|
Kerio MailServer version 6.2.2 preauth remote denial of service exploit.
| | Author: | Evgeny Legerov | | File Size: | 2999 | | Last Modified: | Dec 15 04:57:48 2006 |
| MD5 Checksum: | 208c006d41e70ee157fb0122ff3b9a5d |
|
| /// File Name: |
ldu-sql.txt |
Description:
|
Land Down Under versions 8.x and below suffer from a SQL injection vulnerability in journal.php.
| | Author: | St@rExT | | File Size: | 749 | | Last Modified: | Dec 29 21:05:01 2006 |
| MD5 Checksum: | e10fbbe3af6d09cff1e42e79286fd66b |
|
| /// File Name: |
limboCMS-rfi.txt |
Description:
|
The Limbo CMS event module suffers from a remote file inclusion vulnerability.
| | Author: | xoron | | File Size: | 1229 | | Last Modified: | Dec 29 10:06:16 2006 |
| MD5 Checksum: | 7bcbd878335f7313831cb3d75e5e1ec8 |
|
| /// File Name: |
listpics.txt |
Description:
|
Listpics version 5 suffers from a direct database download vulnerability.
| | Author: | blasterim | | File Size: | 506 | | Last Modified: | Dec 6 00:08:55 2006 |
| MD5 Checksum: | 7466ff0190830498310099b39bb38254 |
|
| /// File Name: |
luckybot3-rfi.txt |
Description:
|
LuckyBot version 3 suffers from a remote file inclusion vulnerability.
| | Author: | Red_Casper | | File Size: | 1264 | | Last Modified: | Dec 27 19:59:58 2006 |
| MD5 Checksum: | c3452200e4626d8ffaaa41243ef542d0 |
|
| /// File Name: |
m20xsssql.txt |
Description:
|
Messageriescripthp version 2.0 suffers from SQL injection and cross site scripting vulnerabilities.
| | Author: | Mr_KaLiMaN | | File Size: | 943 | | Last Modified: | Dec 11 10:56:15 2006 |
| MD5 Checksum: | c984db7b1af4bbc7690a171b0714f6b3 |
|
| /// File Name: |
maviportal-xss.txt |
Description:
|
MaviPortal suffers from a cross site scripting flaw in credits.php.
| | Author: | St@rExT | | File Size: | 676 | | Last Modified: | Dec 29 21:05:48 2006 |
| MD5 Checksum: | 2a48b3d8f70a8d9d7e58263fe9873255 |
|
| /// File Name: |
metyus.txt |
Description:
|
Metyus Okul Yönetim Sistemi version 1.0 suffers from a SQL injection vulnerability.
| | Author: | ShaFuck31 | | File Size: | 991 | | Last Modified: | Dec 5 23:56:01 2006 |
| MD5 Checksum: | 9e3eaf904ec8a8029c8451f9e94d3f80 |
|
| /// File Name: |
midiripoff.txt |
Description:
|
Midicart is susceptible to multiple vulnerabilities, including price manipulation.
| | Author: | iFX | | File Size: | 3155 | | Last Modified: | Dec 8 17:50:38 2006 |
| MD5 Checksum: | 4e34b154b359a8013ad1a744e247a5d5 |
|