Section: .. / 1002-exploits /
| /// File Name: |
phpkit161-sql.txt |
Description:
|
PHP-Kit version 1.6.1 suffers from a remote SQL injection vulnerability in member.php.
| | Author: | Easy Laster | | Related Exploit: | phpkit-sql.txt | | File Size: | 1897 | | Last Modified: | Feb 19 16:04:13 2010 |
| MD5 Checksum: | 46555c0554552701c2f04dd08748fd4a |
|
| /// File Name: |
phpminisite-insecure.txt |
Description:
|
phpMiniSite suffers from an insecure cookie handling vulnerability.
| | Author: | jiko | | File Size: | 849 | | Last Modified: | Feb 9 19:34:44 2010 |
| MD5 Checksum: | a688404d667797c3c8b5e64452647b6b |
|
| /// File Name: |
phpmysite-sqlxss.txt |
Description:
|
phpMySite suffers from cross site scripting and remote SQL injection vulnerabilities.
| | Author: | Crux | | File Size: | 1196 | | Last Modified: | Feb 28 14:36:18 2010 |
| MD5 Checksum: | ec6af75bfa56f883d469987c1138b67f |
|
| /// File Name: |
phpraincheck-sql.txt |
Description:
|
phpRAINCHECK versions 1.0.1 and below suffer from a remote SQL injection vulnerability.
| | Author: | cr4wl3r | | File Size: | 467 | | Last Modified: | Feb 28 13:51:33 2010 |
| MD5 Checksum: | a5868e485b7ae4bfcae58fc09dac403e |
|
| /// File Name: |
phpsessionsavepath-bypass.txt |
Description:
|
PHP versions 5.2.12 and 5.3.1 suffer from session.save_path safe_mode and open_basedir bypass vulnerabilities.
| | Author: | Grzegorz Stachowiak | | Homepage: | http://securityreason.com/ | | File Size: | 3750 | | Last Modified: | Feb 12 01:33:19 2010 |
| MD5 Checksum: | 43a18fee0c45ef20bd66b0e25a68417b |
|
| /// File Name: |
piranha_passwd_exec.rb.txt |
Description:
|
This Metasploit module abuses two flaws - a meta-character injection vulnerability in the HTTP management server of RedHat 6.2 systems running the Piranha LVS cluster service and GUI (rpm packages: piranha and piranha-gui). The vulnerability allows an authenticated attacker to execute arbitrary commands as the Apache user account (nobody) within the /piranha/secure/passwd.php3 script. The package installs with a default user and password of piranha:q which was exploited in the wild.
| | Author: | patrick | | Homepage: | http://www.metasploit.com | | File Size: | 3041 | | Related OSVDB(s): | 1300,289 | | Related CVE(s): | CVE-2000-0322, CVE-2000-0248 | | Last Modified: | Feb 15 17:14:30 2010 |
| MD5 Checksum: | f67f90a640b118d5d59f7d2fd5dcfd0e |
|
| /// File Name: |
pixelportal-sql.txt |
Description:
|
Pixel Portal suffers from a remote SQL injection vulnerability.
| | Author: | Pouya Daneshmand | | File Size: | 816 | | Last Modified: | Feb 17 18:56:24 2010 |
| MD5 Checksum: | fffe10a909e905071cb3d7ffccbeaa54 |
|
| /// File Name: |
plspla-dos.txt |
Description:
|
PLS PLA WMDownloader proof of concept denial of service exploit.
| | Author: | jiko | | File Size: | 3053 | | Last Modified: | Feb 9 20:34:39 2010 |
| MD5 Checksum: | 999596f37e714fad9d31dd2d3e28c928 |
|
| /// File Name: |
plspla-overflow.txt |
Description:
|
PLS PLA WMDownloader proof of concept local buffer overflow exploit that creates a malicious .pls file.
| | Author: | Beenu Arora | | Homepage: | http://www.beenuarora.com/ | | File Size: | 2288 | | Last Modified: | Feb 10 15:56:08 2010 |
| MD5 Checksum: | 37a1cc49e19208d2dad488b79ebef7a4 |
|
| /// File Name: |
pogodnycms-sql.txt |
Description:
|
Pogodny CMS suffers from a remote SQL injection vulnerability.
| | Author: | Ariko-Security | | File Size: | 1003 | | Last Modified: | Feb 16 14:20:31 2010 |
| MD5 Checksum: | 0396d684f9c9cabd01993ec3ba52178f |
|
| /// File Name: |
PR09-04.txt |
Description:
|
Portwise SSL VPN version 4.6 suffers from a cross site scripting vulnerability.
| | Author: | George Christopoulos,Jan Fry,ProCheckUp | | Homepage: | http://www.procheckup.com/ | | File Size: | 1918 | | Last Modified: | Feb 17 19:35:45 2010 |
| MD5 Checksum: | e91363a6467550b7abc72a540fa512d3 |
|
| /// File Name: |
projectman-sql.txt |
Description:
|
Project Man versions 1.0 and below suffer a remote SQL injection vulnerability that allows for authentication bypass.
| | Author: | cr4wl3r | | File Size: | 500 | | Last Modified: | Feb 28 13:58:08 2010 |
| MD5 Checksum: | 700c4f769145ded7872d05c2d89799ca |
|
| /// File Name: |
proman-rfilfi.txt |
Description:
|
ProMan versions 0.1.1 and below suffer from local file inclusion and remote file inclusion vulnerabilities.
| | Author: | cr4wl3r | | File Size: | 1403 | | Last Modified: | Feb 28 13:52:39 2010 |
| MD5 Checksum: | 521faf9845c053df875294ee88fe3143 |
|
| /// File Name: |
pulsecms-xss.txt |
Description:
|
Pulse CMS version 1.2.2 suffers from a cross site scripting vulnerability.
| | Author: | Th3 RDX | | File Size: | 2662 | | Last Modified: | Feb 23 01:15:55 2010 |
| MD5 Checksum: | 6e5f2a9f3623f3ffbbd870b4ed7737df |
|
| /// File Name: |
punbbannuaire-sql.txt |
Description:
|
PunBBAnnuaire versions 0.4 and below suffer from a remote blind SQL injection vulnerability.
| | Author: | Metropolis | | File Size: | 914 | | Last Modified: | Feb 17 19:00:50 2010 |
| MD5 Checksum: | 01d72028e910bc24d6b72bbb29eba8ea |
|
| /// File Name: |
qbik_wingate_wwwproxy.rb.txt |
Description:
|
This Metasploit module exploits a stack overflow in Qbik WinGate version 6.1.1.1077 and earlier. By sending malformed HTTP POST URL to the HTTP proxy service on port 80, a remote attacker could overflow a buffer and execute arbitrary code.
| | Author: | patrick | | Homepage: | http://www.metasploit.com | | File Size: | 2336 | | Related OSVDB(s): | 26214 | | Related CVE(s): | CVE-2006-2926 | | Last Modified: | Feb 18 20:47:45 2010 |
| MD5 Checksum: | 3fb1ecfa9922d452cf006b2e79743e07 |
|
| /// File Name: |
qihoo360-escalate.txt |
Description:
|
Qihoo 360 Security Guard version 6.1.5.1009 suffers from a local privilege escalation vulnerability.
| | File Size: | 3950 | | Last Modified: | Feb 2 16:38:47 2010 |
| MD5 Checksum: | 2bcb528c5dbc6138d7e93e57063b4c6c |
|
| /// File Name: |
quickdev-disclose.txt |
Description:
|
QuickDev 4 PHP suffers from a database disclosure vulnerability.
| | Author: | ViRuSMaN | | File Size: | 1470 | | Last Modified: | Feb 23 19:44:44 2010 |
| MD5 Checksum: | 082ddbc3d84705adf41d7e6aac4f4e60 |
|
| /// File Name: |
radasm-poc.c |
Description:
|
Radasm local buffer overflow proof of concept exploit that creates a malicious .rap file.
| | Author: | fl0 fl0w | | File Size: | 11856 | | Last Modified: | Feb 12 02:03:52 2010 |
| MD5 Checksum: | ed77dfa8795bd7067867bc789e7e4aa4 |
|
| /// File Name: |
radasmrap-overflow.txt |
Description:
|
Radasm universal local buffer overflow exploit that creates a malicious .rap file.
| | Author: | Dz_attacker | | File Size: | 4633 | | Last Modified: | Feb 11 19:22:32 2010 |
| MD5 Checksum: | 3b72a28a4e7e1008b86c48c353317096 |
|
| /// File Name: |
rcadcm425-dos.txt |
Description:
|
RCA DCM425 Cable Modem micro_httpd denial of service proof of concept exploit.
| | Author: | ad0nis | | File Size: | 1014 | | Last Modified: | Mar 1 16:23:28 2010 |
| MD5 Checksum: | b0a2e26ffd898f565221db867068908c |
|
| /// File Name: |
realadmin-sql.txt |
Description:
|
RealAdmin suffers from a remote blind SQL injection vulnerability.
| | Author: | AtT4CKxT3rR0r1ST | | File Size: | 1225 | | Last Modified: | Feb 2 23:22:58 2010 |
| MD5 Checksum: | f2fc207d5d972a76418f32c1996dced9 |
|
| /// File Name: |
redbanc-xss.txt |
Description:
|
RedBanc.cl, the Chilean ATM / banking network, suffers from a cross site scripting vulnerability.
| | Author: | Zerial | | File Size: | 1127 | | Last Modified: | Feb 26 13:30:43 2010 |
| MD5 Checksum: | 162ddb7ca4173c97ba8cdfdcbb5e025d |
|
| /// File Name: |
risingonline-dos.txt |
Description:
|
Rising Online Virus Scanner version 22.0.0.5 Active-X related denial of service exploit.
| | Author: | wirebonder | | File Size: | 827 | | Last Modified: | Feb 17 19:08:07 2010 |
| MD5 Checksum: | 98618b939ea996d7d5a4c97b0e32607b |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
