Section: .. / 0706-exploits /
/// File Name: 6alblog-sql.txt
Description: 6ALBlog suffers from a remote SQL injection vulnerability.
Author: Crackers_Child | File Size: 2148 | Last Modified: Jun 26 16:27:24 2007
MD5 Checksum: f71611450ae2fa85e67d9012aac87f0b

/// File Name: aceftp-dos.txt
Description: Ace-FTP client version 1.24a remote buffer overflow denial of service exploit.
Author: n00b | File Size: 3630 | Last Modified: Jun 10 20:15:40 2007
MD5 Checksum: d52a831f8900ae5960b184332a920318

/// File Name: amx-activex.txt
Description: AMX Corp. VNC ActiveX control remote buffer overflow exploit that takes advantage of AmxVnc.dll version 1.0.13.0.
Author: rgod | Homepage: http://retrogod.altervista.org/ | File Size: 2912 | Last Modified: Jun 29 01:14:25 2007
MD5 Checksum: 5a542260d691cdb83d713acfe3cfdbfb

/// File Name: atomphotoblog-xss.txt
Description: Atom Photoblog versions 1.0.9 and below suffer from a cross site scripting vulnerability.
Homepage: http://www.serapis.net/ | File Size: 2018 | Last Modified: Jun 10 19:37:17 2007
MD5 Checksum: 315119dff9a9aea902c3c625f15cb8ed

/// File Name: avaxswf-write.txt
Description: Avaxswf.dll, a library included in the Avax Vector ActiveX version 1.3 software package from the company Civitech, has a flaw that allows for arbitrary file overwrite on the underlying system.
Author: callAX | Homepage: http://www.shellcode.com.ar/ | File Size: 3823 | Last Modified: Jun 26 17:30:00 2007
MD5 Checksum: a0fe9869974d6c8ac20ddbae2b54e9d8

/// File Name: b1gbb-rfi.txt
Description: b1gbb version 2.24.0 suffers from a remote file inclusion vulnerability in footer.inc.php.
Author: Rf7awy | File Size: 441 | Last Modified: Jun 26 16:25:00 2007
MD5 Checksum: ceb82d73cdbe3ba189576cf25452f7ae

/// File Name: b1gbb-sql.txt
Description: b1gbb version 2.24.0 suffers from SQL injection and cross site scripting vulnerabilities.
Author: GolD_M | Homepage: http://www.tryag.cc/ | File Size: 895 | Last Modified: Jun 29 01:10:23 2007
MD5 Checksum: f73b85189616edcd37f4e1e1fca2ea8a

/// File Name: Bluecoat-k9.pdf
Description: The CSIS Security Group has discovered a remotely exploitable arbitrary overwrite in the Blue Coat K9 Web Protection local Web configuration manager on 127.0.0.1 and port 2372. Proof of concept code included.
Author: Dennis Rand | Homepage: http://www.csis.dk/ | File Size: 159405 | Related CVE(s): CVE-2007-1685 | Last Modified: Jun 10 20:05:52 2007
MD5 Checksum: 921a46ab8f5312c750f461b6636871ca

/// File Name: BTP00000P006KA.zip
Description: Demonstration code that shows how Kaspersky Internet Security 6 hooks many functions in the SSDT and, in at least nine cases, fails to validate arguments that come from user mode.
Homepage: http://www.matousec.com/ | Related File: kaspersky-is6.txt | File Size: 4615 | Last Modified: Jun 15 14:46:50 2007
MD5 Checksum: 2b850cd487a5e401ac1758376d3a5a05

/// File Name: BTP00002P004AO.zip
Description: Demonstration code that exploits Outpost 4.0, which fails to sufficiently protect its own mutex outpost_ipc_hdr.
Homepage: http://www.matousec.com/ | Related File: outpost40-insuff.txt | File Size: 4169 | Last Modified: Jun 6 19:11:39 2007
MD5 Checksum: 6cc8670357ac69ea20311c7a792d5202

/// File Name: buddy-sql.txt
Description: Buddy Zone version 1.5 suffers from a SQL injection vulnerability in view_sub_cat.php.
Author: t0pp8uzz, xprog | File Size: 1294 | Last Modified: Jun 29 23:25:06 2007
MD5 Checksum: 6b02a46081981df486cc15d6e714f36b

/// File Name: bugmall-xss.txt
Description: BugMall Shopping Cart version 2.5 suffers from SQL injection and cross site scripting vulnerabilities.
Author: t0pp8uzz, xprog | File Size: 2112 | Last Modified: Jun 26 16:26:18 2007
MD5 Checksum: f2850d1b865478d159081e43295eb491

/// File Name: cactushop-mdb.txt
Description: Cactushop version 6 allows direct download of the database, which may contain credit cards.
Author: Doz | Homepage: http://www.hackerscenter.com/ | File Size: 1132 | Last Modified: Jun 6 21:06:43 2007
MD5 Checksum: 5d5c506a327c7911e3150fa5818e2a37

/// File Name: cissp-sql.txt
Description: The CISSP web site is susceptible to a SQL injection vulnerability.
Author: Bozo Bad | File Size: 79 | Last Modified: Jun 21 15:10:05 2007
MD5 Checksum: f5b6a22b4b2e056c43e2ab9bdc9962e2

/// File Name: cjay-rfi.txt
Description: XOOPS module Cjay Content 3 suffers from a remote file inclusion vulnerability.
Author: FiSh | Homepage: http://www.g00ns.net/ | File Size: 1877 | Last Modified: Jun 14 23:19:20 2007
MD5 Checksum: 6e8805d75ab6dc32d7dd1043feced108

/// File Name: comdevecom-rfi.txt
Description: Comdev eCommerce version 4.1 suffers from a remote file inclusion vulnerability.
Author: L.T.C | File Size: 907 | Last Modified: Jun 6 20:57:14 2007
MD5 Checksum: ca330c49b817d47c0e702d963e1d4037

/// File Name: comdevwb-rfi.txt
Description: Comdev Web Blogger version 4.1 suffers from a remote file inclusion vulnerability.
Author: L.T.C | File Size: 905 | Last Modified: Jun 6 20:57:44 2007
MD5 Checksum: a605fb128e9ed2f39e28bf5da0f9b657

/// File Name: comicsense-sql.txt
Description: Comicsense suffers from a SQL injection vulnerability in index.php.
Author: s0cratex | Homepage: http://plexinium.net/ | File Size: 848 | Last Modified: Jun 7 01:23:02 2007
MD5 Checksum: 7fd75c4a36c4b7878539b01c02bf4066

/// File Name: comicsense02-sql.txt
Description: Comicsense version 0.2 remote SQL injection exploit that makes use of index.php.
Author: Silentz | Homepage: http://www.w4ck1ng.com/ | File Size: 2764 | Last Modified: Jun 7 02:22:01 2007
MD5 Checksum: 24f79e506185df3a94dfb9c6d924e859

/// File Name: contiftp-dos.txt
Description: Conti FTP server version 1.0 remote denial of service exploit.
Author: 35c666 | File Size: 1164 | Last Modified: Jun 29 01:02:49 2007
MD5 Checksum: 0d50024b84b54ca804ec478b2474ba52

/// File Name: csc-sqlxss.txt
Description: Comersus Shop Cart version 7.07 suffers from SQL injection and cross site scripting vulnerabilities.
Author: Doz | Homepage: http://www.hackerscenter.com/ | File Size: 2530 | Last Modified: Jun 21 14:53:38 2007
MD5 Checksum: cfcfc7f81ef8c0d771a03091cd266aa9

/// File Name: CVE-2007-2449.txt
Description: Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in their JSP examples.
Homepage: http://tomcat.apache.org/ | File Size: 1046 | Related CVE(s): CVE-2007-2449 | Last Modified: Jun 14 22:59:09 2007
MD5 Checksum: 5db7d9a21a4e3f3633a9d6f0dd748c6a