Section: .. / 0907-exploits /
| /// File Name: |
calendarexpress-xss.txt |
Description:
|
Calendar Express version 2 suffers from a cross site scripting vulnerability.
| | Author: | 599eme Man | | File Size: | 1437 | | Last Modified: | Jul 8 16:32:55 2009 |
| MD5 Checksum: | 4d54d73a3ea1a4cd70e99ea39397b550 |
|
| /// File Name: |
ccp-xss.txt |
Description:
|
ClassifiedsCaffePRO suffers from a cross site scripting vulnerability.
| | Author: | Moudi | | File Size: | 1910 | | Last Modified: | Jul 29 14:50:34 2009 |
| MD5 Checksum: | 29c6515581b8a8ddca61eb00315a0975 |
|
| /// File Name: |
censura-sqlxss.txt |
Description:
|
Censura version 1.16.04 suffers from cross site scripting and blind SQL injection vulnerabilities.
| | Author: | Vrs-hCk | | File Size: | 1227 | | Last Modified: | Jul 13 14:11:46 2009 |
| MD5 Checksum: | c879ae78fe03e2f27661329b2c9c0504 |
|
| /// File Name: |
cheddar_bay.tgz |
Description:
|
Linux 2.6.30+/SELinux/RHEL5 local root exploit. Works on both 32bit and 64bit kernels.
| | Author: | Brad Spengler | | File Size: | 12345 | | Last Modified: | Jul 17 15:23:06 2009 |
| MD5 Checksum: | 3c1f32c8c2d4538788f1c5fc52b1a8a5 |
|
| /// File Name: |
ciscowlc-dos.txt |
Description:
|
This Metasploit module triggers a denial of service condition in the Cisco WLC 4200 HTTP server. By sending a GET request with long authentication data, the device becomes unresponsive and reboots.
| | Author: | Christoph Bott | | File Size: | 1946 | | Last Modified: | Jul 27 20:43:34 2009 |
| MD5 Checksum: | 9cf5e963ab6f666624606c68fdb622dd |
|
| /// File Name: |
cjdynamicpoll-xss.txt |
Description:
|
CJ Dynamic Poll version 2.0 PRO suffers from a cross site scripting vulnerability.
| | Author: | Moudi | | File Size: | 1925 | | Last Modified: | Jul 21 17:03:03 2009 |
| MD5 Checksum: | 82801d7f42c0c87360e5e1929cafb922 |
|
| /// File Name: |
clansphere-xss.txt |
Description:
|
ClanSphere 2009.0 CMS suffers from a cross site scripting vulnerability.
| | Author: | 599eme Man | | File Size: | 1463 | | Last Modified: | Jul 8 12:33:39 2009 |
| MD5 Checksum: | ae3d888f67456a985686ce120dcccc64 |
|
| /// File Name: |
classicoracles-sql.txt |
Description:
|
ClassicOracles Daily Horoscopes suffers from a remote SQL injection vulnerability.
| | Author: | Moudi | | File Size: | 1799 | | Last Modified: | Jul 14 16:27:53 2009 |
| MD5 Checksum: | 22d8d24f3575a1fb9bd080d8c7e3f88c |
|
| /// File Name: |
clearcontent-rfilfi.txt |
Description:
|
ClearContent suffers from local and remote file inclusion vulnerabilities in image.php.
| | Author: | MizoZ | | File Size: | 844 | | Last Modified: | Jul 9 20:16:56 2009 |
| MD5 Checksum: | 5268f9d8a2a00dfcba948823d6999e55 |
|
| /// File Name: |
clipbucket-insecure.txt |
Description:
|
Clip Bucket versions 1.7.1 and below suffer from an insecure cookie handling vulnerability.
| | Author: | Qabandi | | File Size: | 3984 | | Last Modified: | Jul 24 19:03:29 2009 |
| MD5 Checksum: | bae0eb6da3e791213a5c8b4ebab11b5e |
|
| /// File Name: |
clone2009-sql.txt |
Description:
|
Ebay Clone 2009 suffers from multiple remote SQL injection vulnerabilities.
| | Author: | MizoZ | | Related Exploit: | ebayclone2009-sql.txt | | File Size: | 1203 | | Last Modified: | Jul 22 17:11:27 2009 |
| MD5 Checksum: | 8a0160c5d95752ce656d93740c3b83c2 |
|
| /// File Name: |
cmschainuk-lfixssshell.txt |
Description:
|
CMS Chainuk versions 1.2 and below suffer from local file inclusion, cross site scripting, and remote shell vulnerabilities.
| | Author: | eLwaux | | File Size: | 3780 | | Last Modified: | Jul 2 01:40:39 2009 |
| MD5 Checksum: | 72b5ee8295a970413fd9061e2200cc20 |
|
| /// File Name: |
comraider-insecure.txt |
Description:
|
COMRaider CreateFolder() and Copy() insecure method hard disk filler exploit.
| | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 5897 | | Last Modified: | Jul 17 18:46:00 2009 |
| MD5 Checksum: | afcba6be72d8c607c58ba50940b6f47c |
|
| /// File Name: |
conpresso-sql.txt |
Description:
|
conpresso version 3.4.8 suffers from a blind SQL injection vulnerability in detail.php.
| | Author: | tmh | | File Size: | 1264 | | Last Modified: | Jul 2 14:22:18 2009 |
| MD5 Checksum: | 3a7831e828890fd28c8be6c11a2c1cbb |
|
| /// File Name: |
CORE-2009-0515.txt |
Description:
|
Core Security Technologies Advisory - A vulnerability was found in the way that WordPress handles some URL requests. This results in unprivileged users viewing the content of plugin configuration pages, and also in some plugins modifying plugin options and injecting JavaScript code. Arbitrary native code may be run by a malicious attacker if the blog administrator runs injected JavaScript code that edits blog PHP code.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 17554 | | Related CVE(s): | CVE-2009-2334, CVE-2009-2335, CVE-2009-2336 | | Last Modified: | Jul 8 19:04:34 2009 |
| MD5 Checksum: | 33e7dc69441396610a6945868f030b1f |
|
| /// File Name: |
CORE-2009-0519.txt |
Description:
|
Core Security Technologies Advisory - Awakening's Winds3D Viewer, which runs as a plugin within most popular web browsers, is vulnerable to a remotely exploitable arbitrary command execution vulnerability which can be triggered by making the user visit a malicious link/website. Versions 3.5.0.0 and 3.0.0.5 are vulnerable.
| | Author: | Diego Juarez | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 7257 | | Related CVE(s): | CVE-2009-2386 | | Last Modified: | Jul 8 18:54:03 2009 |
| MD5 Checksum: | dd8314606e5d9fe5e80ed6775b92d050 |
|
| /// File Name: |
CORE-2009-0707.txt |
Description:
|
Core Security Technologies Advisory - A remote denial of service vulnerability has been found in Firebird SQL, which can be exploited by a remote attacker to force the server to close the socket where it is listening for incoming connections and to enter an infinite loop, by sending an unexpected 'op_connect_request' message with invalid data to the server. Proof of concept code included.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 13159 | | Related CVE(s): | CVE-2009-2620 | | Last Modified: | Jul 28 15:29:43 2009 |
| MD5 Checksum: | a3a1b73706a9f3a5051b67b289be9ea2 |
|
| /// File Name: |
CVE-2009-1019.tgz |
Description:
|
Oracle version 11.1.0.6.0 win32 denial of service exploit.
| | Author: | Dennis Yurichev | | File Size: | 35641 | | Related CVE(s): | CVE-2009-1019 | | Last Modified: | Jul 24 21:44:17 2009 |
| MD5 Checksum: | 56de590482620d9eed57ab2616404d58 |
|
| /// File Name: |
CVE-2009-1020.tgz |
Description:
|
The Network Foundation component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 suffers from an unspecified vulnerability. Proof of concept code included.
| | Author: | Dennis Yurichev | | File Size: | 44362 | | Related CVE(s): | CVE-2009-1020 | | Last Modified: | Jul 24 21:48:01 2009 |
| MD5 Checksum: | 5cbe81ca8ff50bd26315940033c3a0f3 |
|
| /// File Name: |
CVE-2009-1963.tgz |
Description:
|
This advisory and proof of concept code demonstrates a denial of service vulnerability in Oracle 11g.
| | Author: | Dennis Yurichev | | File Size: | 70586 | | Related CVE(s): | CVE-2009-1963 | | Last Modified: | Jul 24 21:40:49 2009 |
| MD5 Checksum: | 76fa54dfec37f0978cb2618e5821c487 |
|
| /// File Name: |
CVE-2009-1970.tgz |
Description:
|
This advisory and proof of concept exploit demonstrates a denial of service vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7.
| | Author: | Dennis Yurichev | | File Size: | 34398 | | Related CVE(s): | CVE-2009-1970 | | Last Modified: | Jul 24 21:37:05 2009 |
| MD5 Checksum: | 2b60fd4d71bb8e2e2180830212dae8a9 |
|
| /// File Name: |
dbmasters-sql.txt |
Description:
|
dB Masters Multimedia's Content Manager version 4.5 suffers from a remote blind SQL injection vulnerability.
| | Author: | 599eme Man | | File Size: | 1247 | | Last Modified: | Jul 17 18:44:38 2009 |
| MD5 Checksum: | 022e889808f77e7df3afc06105027de7 |
|