Section: .. / 0709-exploits /
| /// File Name: |
netjuke-sqlxss.txt |
Description:
|
Netjuke version 1.0-rc2 is susceptible to SQL injection and cross site scripting vulnerabilities.
| | Author: | cod3in | | File Size: | 480 | | Last Modified: | Sep 9 16:58:29 2007 |
| MD5 Checksum: | cb6baf51ac8de764885d477e7217f636 |
|
| /// File Name: |
mssql-overflow.txt |
Description:
|
Microsoft SQL Server Distributed Management Objects OLE DLL for SQL Enterprise Manager remote buffer overflow exploit that makes use of sqldmo.dll.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 2702 | | Last Modified: | Sep 7 20:26:12 2007 |
| MD5 Checksum: | 03d94cdb2f083fa9ef0d6fb9bdbc2cc3 |
|
| /// File Name: |
online-rfi.txt |
Description:
|
Online Fantasy Football League (OFFL) version 0.2.6 suffers from multiple remote file inclusion vulnerabilities.
| | Author: | MhZ91 | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 1056 | | Last Modified: | Sep 7 20:05:30 2007 |
| MD5 Checksum: | 7a76b2f5e2d55ba8310ad2360b557309 |
|
| /// File Name: |
rwdownload-sql.txt |
Description:
|
RW::Download version 2.0.3 lite suffers from a remote SQL injection vulnerability in index.php.
| | Author: | k1tk4t | | Homepage: | http://newhack.org/ | | File Size: | 1435 | | Last Modified: | Sep 7 19:12:27 2007 |
| MD5 Checksum: | e343da3256b357cec87e703dd3a48a49 |
|
| /// File Name: |
webace-sql.txt |
Description:
|
Webace-Linkscript version 1.3 SE suffers from a remote SQL injection vulnerability in start.php.
| | Author: | k1tk4t | | Homepage: | http://newhack.org/ | | File Size: | 1648 | | Last Modified: | Sep 7 19:11:39 2007 |
| MD5 Checksum: | 3dbc3121b60190a348e126be8af4c3cf |
|
| /// File Name: |
edraw-activex.txt |
Description:
|
EDraw Office Views component version 5.2 ActiveX remote buffer overflow proof of concept exploit.
| | Author: | shinnai | | Homepage: | http://shinnai.altervista.org/ | | File Size: | 2200 | | Last Modified: | Sep 7 19:10:32 2007 |
| MD5 Checksum: | 72f9c3f67ba960ed015aac0139785229 |
|
| /// File Name: |
magellan-traverse.txt |
Description:
|
Magellan Explorer version 3.32 build 305 suffers from a remote directory traversal vulnerability. Proof of concept code included.
| | Author: | Gynvael Coldwind | | File Size: | 5369 | | Last Modified: | Sep 7 03:04:55 2007 |
| MD5 Checksum: | dfbb2d7e0d2a6b844329758384f50199 |
|
| /// File Name: |
xdiesel-traverse.txt |
Description:
|
X-Diesel Unreal Commander version 0.92 suffers from a remote directory traversal vulnerability. Proof of concept code included.
| | Author: | Gynvael Coldwind | | File Size: | 7971 | | Last Modified: | Sep 7 03:04:00 2007 |
| MD5 Checksum: | 5b6c8cf70a7e1c9b8469316331e1b384 |
|
| /// File Name: |
tc701-traverse.txt |
Description:
|
The Total Commander FTP client versions 7.01 and below suffer from a remote directory traversal vulnerability. Proof of concept code included.
| | Author: | Gynvael Coldwind | | File Size: | 5770 | | Last Modified: | Sep 7 03:02:23 2007 |
| MD5 Checksum: | ed64e7ad4378b16d1b810bbc50936c36 |
|
| /// File Name: |
msvisfoxpro-dos.txt |
Description:
|
Microsoft Visual FoxPro version 6.0 remote stack overflow denial of service exploit that makes use of FPOLE.OCX version 6.0.8450.0.
| | Author: | shinnai | | Homepage: | http://shinnai.altervista.org/ | | File Size: | 1637 | | Last Modified: | Sep 7 02:50:27 2007 |
| MD5 Checksum: | ff28565a9854b740111e63a932ffa843 |
|
| /// File Name: |
msforums-xss.txt |
Description:
|
http://forums.microsoft.com/ appears to suffer from another cross site scripting vulnerability.
| | Author: | anonymous | | File Size: | 2092 | | Last Modified: | Sep 7 02:40:25 2007 |
| MD5 Checksum: | 1c8c1f493a3ee87500b1ad85583c88b9 |
|
| /// File Name: |
tomcat-func-xss.txt |
Description:
|
Apache Tomcat version 5.2.28 is susceptible to cross site scripting attacks in functions.jsp.
| | Author: | Handrix | | Homepage: | http://www.morx.org/ | | File Size: | 554 | | Last Modified: | Sep 7 02:10:36 2007 |
| MD5 Checksum: | bd09a32ca1d51a3b6430e1f2abf74de5 |
|
| /// File Name: |
trendmicro-overflow.txt |
Description:
|
Trend Micro ServerProtect remote stack overflow exploit that takes advantage of a boundary error condition within eng50.dll via a specially crafted RPC request to the SpntSvc.exe service. Binds a shell to TCP port 4444.
| | Author: | devcode | | File Size: | 5655 | | Related CVE(s): | CVE-2007-1070 | | Last Modified: | Sep 6 11:15:18 2007 |
| MD5 Checksum: | 6043e19f8ad08ab86b47a2925fb37874 |
|
| /// File Name: |
aa2k7x.zip |
Description:
|
Proof of concept exploit that demonstrates format string and spoofing vulnerabilities in Alien Arena 2007 versions 6.10 and below.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | aa2k7x.txt | | File Size: | 14170 | | Last Modified: | Sep 5 20:56:43 2007 |
| MD5 Checksum: | 996f0b02a954b6e086cc7104809e74de |
|
| /// File Name: |
globallink-overflow.txt |
Description:
|
GlobalLink version 2.7.0.8 dlltemCom.dll SetInfo() heap overflow exploit.
| | Author: | void | | Homepage: | http://www.ph4nt0m.org/ | | File Size: | 1584 | | Last Modified: | Sep 5 20:49:30 2007 |
| MD5 Checksum: | 8df134a1851777b7bb23f8129cbb9f3d |
|
| /// File Name: |
atomix23-overflow.txt |
Description:
|
AtomixMP3 version 2.3 pls file local buffer overflow exploit.
| | Author: | 0x58 | | File Size: | 1509 | | Last Modified: | Sep 5 20:47:56 2007 |
| MD5 Checksum: | 95df86f08686d77eb6253cf63e44a719 |
|
| /// File Name: |
anyinventory-rfi.txt |
Description:
|
AnyInventory versions 1.9.1 and below suffer from a remote file inclusion vulnerability in environment.php.
| | Author: | ThE TiGeR | | File Size: | 358 | | Last Modified: | Sep 5 20:46:51 2007 |
| MD5 Checksum: | 6f161ae1b9c006aed781186ca28d2ddb |
|
| /// File Name: |
sharelor-xss.txt |
Description:
|
Sharelor suffers from a cross site scripting vulnerability.
| | Author: | malibu.r | | File Size: | 237 | | Last Modified: | Sep 5 01:36:24 2007 |
| MD5 Checksum: | 87f0b324456e522f5df32e86e6186a6f |
|
| /// File Name: |
tomcat4131-xss.txt |
Description:
|
Apache Tomcat version 4.1.31 ships with cal2.jsp that suffers from cross site scripting and cross site request forgery vulnerabilities.
| | Author: | Tushar Vartak | | File Size: | 433 | | Last Modified: | Sep 5 00:27:41 2007 |
| MD5 Checksum: | 84ffe83965ef4435d7d7f4eea492dfc9 |
|
| /// File Name: |
212cafeboard-sql.txt |
Description:
|
212cafeBoard version 6.30 Beta suffers from a SQL injection vulnerability.
| | Author: | Lopez Bran | | File Size: | 366 | | Last Modified: | Sep 5 00:25:22 2007 |
| MD5 Checksum: | b28d781a6ac056a7c43a8472fb34138b |
|
| /// File Name: |
tomsgb10-xss.txt |
Description:
|
Toms Gästebuch version 1.0 suffers from a cross site scripting vulnerability.
| | Author: | cod3in | | File Size: | 424 | | Last Modified: | Sep 5 00:16:03 2007 |
| MD5 Checksum: | dd108ca1bf03cb60ce4620995916615c |
|
| /// File Name: |
weboddity-traverse.txt |
Description:
|
Web Oddity web server version 0.09b suffers from a directory traversal vulnerability.
| | Author: | Katatafish | | File Size: | 666 | | Last Modified: | Sep 5 00:11:54 2007 |
| MD5 Checksum: | 7dbe86bb071de2549c78f158e24a0ac0 |
|
| /// File Name: |
ccproxy-meta.txt |
Description:
|
This Metasploit module exploits the YoungZSoft CCProxy suite versions 6.2 and below Telnet service. The stack is overwritten when sending an overly long address to the 'ping' command.
| | Author: | Patrick Webster | | File Size: | 2456 | | Related OSVDB(s): | 11593 | | Related CVE(s): | CVE-2004-2416 | | Last Modified: | Sep 5 00:10:57 2007 |
| MD5 Checksum: | ba0a0f99a7447f5bc62b7d630cd62405 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
