Section: .. / 1001-exploits /
| /// File Name: |
googlemaps-xss.txt |
Description:
|
Google Maps suffered from a cross site scripting vulnerability. This was patched the same day as it was publicly disclosed.
| | Author: | Gaurav Baruah,Pratul Agrawal | | File Size: | 519 | | Last Modified: | Jan 12 17:38:53 2010 |
| MD5 Checksum: | 888f54e7c1d88d88df037210a4b74f12 |
|
| /// File Name: |
gridcc-sqlxss.txt |
Description:
|
Gridcc version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
| | Author: | R3d-D3v!L | | File Size: | 1879 | | Last Modified: | Jan 7 16:47:54 2010 |
| MD5 Checksum: | a10dd902462c531120f441628613db82 |
|
| /// File Name: |
hawhaw-sql.txt |
Description:
|
HAWHAW suffers from a remote SQL injection vulnerability.
| | Author: | s4r4d0 | | File Size: | 443 | | Last Modified: | Jan 31 15:00:22 2010 |
| MD5 Checksum: | 4ed9835116fd7549716ab93c3d156385 |
|
| /// File Name: |
hellcode-adv008.txt |
Description:
|
AOL version 9.5 suffers from an Active-X related heap overflow vulnerability. Proof of concept code included.
| | Author: | karak0rsan,murderkey | | Homepage: | http://tcc.hellcode.net/ | | File Size: | 817 | | Last Modified: | Jan 18 20:27:00 2010 |
| MD5 Checksum: | 388d9367ecbf4193d480a3538765b6f8 |
|
| /// File Name: |
helpdesk-xsrf.txt |
Description:
|
Hesk Help Desk suffers from a cross site request forgery vulnerability.
| | Author: | The.Morpheus | | File Size: | 3385 | | Last Modified: | Jan 13 21:31:03 2010 |
| MD5 Checksum: | 18a54b75297d34102c567ef24f40a71d |
|
| /// File Name: |
hispanicdn-sql.txt |
Description:
|
Hispanic Digital Network suffers from a remote blind SQL injection vulnerability.
| | Author: | NoGe | | File Size: | 1412 | | Last Modified: | Jan 7 00:13:59 2010 |
| MD5 Checksum: | d1fcac3e70dd9c1a1ed44b0b72cba5bb |
|
| /// File Name: |
hitcounter-xss.txt |
Description:
|
Hit Counter version 2.0 suffers from a cross site scripting vulnerability.
| | Author: | indoushka | | File Size: | 3437 | | Last Modified: | Jan 3 20:56:45 2010 |
| MD5 Checksum: | 368b315f5a65260dd9aacbbf1f98b244 |
|
| /// File Name: |
hlstats135-xss.txt |
Description:
|
HLstats version 1.35 suffers from a cross site scripting vulnerability. Same issue as previously discovered in 1.34.
| | Author: | Sora | | Related Exploit: | hlstatsXSS.txt | | File Size: | 350 | | Last Modified: | Jan 3 20:46:23 2010 |
| MD5 Checksum: | 4394a9dd628da774be25b0b4c0ffbb1a |
|
| /// File Name: |
hlstatsx165-sql.txt |
Description:
|
HLstatsX Community Edition version 1.6.5 suffers from a remote SQL injection vulnerability.
| | Author: | Babora | | Related Exploit: | hlstatsx-sql.txt | | File Size: | 865 | | Last Modified: | Jan 8 20:44:02 2010 |
| MD5 Checksum: | eae728a6b89fbfae4326c4560527b545 |
|
| /// File Name: |
hlstatsxce-xss.txt |
Description:
|
HLstatsX Community Edition version 1.6.5 suffers from a cross site scripting vulnerability.
| | Author: | Sora | | File Size: | 472 | | Last Modified: | Jan 3 21:44:02 2010 |
| MD5 Checksum: | 0c5ade7b85609bb9a6ba7038ab8696be |
|
| /// File Name: |
houtcast-xsrf.txt |
Description:
|
HOUTcast server versions 1.9.8/Win32 and below suffer from a cross site request forgery vulnerability.
| | Author: | cp77fk4r | | File Size: | 517 | | Last Modified: | Jan 14 16:52:16 2010 |
| MD5 Checksum: | d714e669daa4978abfcf950524416a6b |
|
| /// File Name: |
hp_nnm_ovalarm_lang.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in HP OpenView Network Node Manager 7.53. By sending a specially crafted CGI request to ovalarm.exe, an attacker can execute arbitrary code. This specific vulnerability is due to a call to "sprintf_new" in the "isWide" function within "ovalarm.exe". A stack buffer overflow occurs when processing an HTTP request that contains the following. 1. An "Accept-Language" header longer than 100 bytes 2. An "OVABverbose" URI variable set to "on", "true" or "1" The vulnerability is related to "_WebSession::GetWebLocale()" .. NOTE: This exploit has been tested successfully with a reverse_ord_tcp payload.
| | Author: | jduck | | Homepage: | http://www.metasploit.com | | File Size: | 3354 | | Related OSVDB(s): | 60930 | | Related CVE(s): | CVE-2009-4179 | | Last Modified: | Jan 22 01:23:21 2010 |
| MD5 Checksum: | 78f6b32633b4d5d3451e110be8b737bb |
|
| /// File Name: |
hp_omniinet_1.rb.txt |
Description:
|
This Metasploit module exploits a stack-based buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted MSG_PROTOCOL (0x010b) packet, a remote attacker may be able to execute arbitrary code with elevated privileges. This service is installed with HP OpenView Data Protector, HP Application Recovery Manager and potentially other products. This exploit has been tested against versions 6.1, 6.0, and 5.50 of Data Protector. and versions 6.0 and 6.1 of Application Recovery Manager. NOTE: There are actually two consecutive wcscpy() calls in the program (which may be why ZDI considered them two separate issues). However, this module only exploits the first one.
| | Author: | EgiX,jduck,riaf | | Homepage: | http://www.metasploit.com | | File Size: | 5327 | | Related OSVDB(s): | 61206 | | Related CVE(s): | CVE-2007-2280 | | Last Modified: | Jan 7 01:00:29 2010 |
| MD5 Checksum: | 0bcd4a003662b75595c11d89eb98ddba |
|
| /// File Name: |
hp_omniinet_2.rb.txt |
Description:
|
This Metasploit module exploits a stack-based buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted MSG_PROTOCOL (0x010b) packet, a remote attacker may be able to execute arbitrary code with elevated privileges. This service is installed with HP OpenView Data Protector, HP Application Recovery Manager and potentially other products. This exploit has been tested against versions 6.1, 6.0, and 5.50 of Data Protector. and versions 6.0 and 6.1 of Application Recovery Manager. NOTE: There are actually two consecutive wcscpy() calls in the program (which may be why ZDI considered them two separate issues). However, this module only exploits the second one.
| | Author: | EgiX,jduck,riaf | | Homepage: | http://www.metasploit.com | | File Size: | 5265 | | Related OSVDB(s): | 60852 | | Related CVE(s): | CVE-2009-3844 | | Last Modified: | Jan 7 01:00:00 2010 |
| MD5 Checksum: | b3687ed374a55ab5d0525a4d749456b8 |
|
| /// File Name: |
htmldoc-overflow.c |
Description:
|
HTMLDOC version 1.9.x-r1629 local .html buffer overflow exploit for Win32.
| | Author: | fl0 fl0w | | File Size: | 17117 | | Last Modified: | Jan 11 17:27:38 2010 |
| MD5 Checksum: | 9baf734bdf96474f4f1ad797a4bd10b5 |
|
| /// File Name: |
iboutique-xss.txt |
Description:
|
iBoutique version 4.0 suffers from a cross site scripting vulnerability.
| | Author: | Andrea Bocchetti | | File Size: | 428 | | Last Modified: | Jan 22 18:39:08 2010 |
| MD5 Checksum: | e217d897d4e5fa394e87e8589840311b |
|
| /// File Name: |
ie_aurora.py.txt |
Description:
|
This program acts as a web server that generates an exploit to target a vulnerability in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP2. The exploit's payload spawns the calculator.
| | Author: | Ahmed Obied | | File Size: | 6517 | | Related CVE(s): | CVE-2010-0249 | | Last Modified: | Jan 17 18:27:46 2010 |
| MD5 Checksum: | 51e9323f1f97bef10ea85d37a5d609e6 |
|
| /// File Name: |
ie_aurora.rb.txt |
Description:
|
This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the "Operation Aurora" attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
| | Homepage: | http://www.metasploit.com | | File Size: | 5107 | | Related OSVDB(s): | 61697 | | Related CVE(s): | CVE-2010-0249 | | Last Modified: | Jan 17 19:21:02 2010 |
| MD5 Checksum: | 50ede2e16f7d86132be5262085376217 |
|
| /// File Name: |
ievbdevkit-exec.txt |
Description:
|
Microsoft Internet Explorer vbDevKit.dll Active-X control code execution exploit.
| | Author: | ahwak2000 | | File Size: | 1148 | | Last Modified: | Jan 22 18:51:59 2010 |
| MD5 Checksum: | 15472276079f02167faf54833d84cf2e |
|
| /// File Name: |
iewshomocx-addadmin.txt |
Description:
|
Microsoft Internet Explorer wshom.ocx Active-X remote add administrator exploit.
| | Author: | Stack | | File Size: | 421 | | Last Modified: | Jan 22 18:46:35 2010 |
| MD5 Checksum: | 041614671780eba8526fcd7054a3fa9a |
|
| /// File Name: |
ihs-shell.txt |
Description:
|
Image Hosting Script suffers from a shell upload vulnerability.
| | Author: | R3d-D3v!L | | File Size: | 1619 | | Last Modified: | Jan 11 17:17:19 2010 |
| MD5 Checksum: | c0bd3edec7ab1e5e4ffe52a484e74af4 |
|
| /// File Name: |
imagegallery-sql.txt |
Description:
|
Image Gallery version 1.0 suffers from a remote SQL injection vulnerability.
| | Author: | Hussin X | | File Size: | 668 | | Last Modified: | Jan 22 02:38:26 2010 |
| MD5 Checksum: | 6d0bd7df9cb17e03c21df97ccb225b95 |
|
| /// File Name: |
imagoscriptsdac-sql.txt |
Description:
|
ImagoScripts Deviant Art Clone suffers from a remote SQL injection vulnerability.
| | Author: | alnjm33 | | File Size: | 390 | | Last Modified: | Jan 4 17:07:43 2010 |
| MD5 Checksum: | 9b60c25b73a129a21d01f54aad9d4d09 |
|
| /// File Name: |
IntelliTamper.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in the IntelliTamper. By sending an overly long string to the "defer" script, an attacker may be able to execute arbitrary code.
| | Author: | Stack | | Homepage: | http://www.metasploit.com | | File Size: | 2791 | | Last Modified: | Jan 24 15:51:43 2010 |
| MD5 Checksum: | 76234bf0981ba4a0af20a02164199c0f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
