Section: .. / 0508-exploits /
| /// File Name: |
silvernews203.txt |
Description:
|
Silvernews versions 2.0.3 and below suffer from SQL injection, login bypass, remote command execution, and cross site scripting flaws.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 1403 | | Last Modified: | Aug 5 03:45:38 2005 |
| MD5 Checksum: | cd2b1d924a6824ef896db080f1dc72d7 |
|
| /// File Name: |
bbcodeLogout.txt |
Description:
|
Proof of concept information for a flaw in BBCode that works against vBulletin and phpBB.
| | Author: | h4cky0u | | Homepage: | http://www.h4cky0u.org | | File Size: | 1401 | | Last Modified: | Aug 24 00:47:21 2005 |
| MD5 Checksum: | 6d35da96e7140acf5dc447d925174aaf |
|
| /// File Name: |
naxtorShop.txt |
Description:
|
Naxtor Shopping Cart 1.0 is susceptible to cross site scripting, SQL injection, and information disclosure vulnerabilities.
| | Author: | John Cobb | | Homepage: | http://www.NoBytes.com | | File Size: | 1355 | | Last Modified: | Aug 5 03:13:36 2005 |
| MD5 Checksum: | c1109170d635c65df586c88031bbdf51 |
|
| /// File Name: |
lduSQL.txt |
Description:
|
Land Down Under versions 801 and below suffer from multiple SQL injection vulnerabilities. Full details provided.
| | Author: | matrix_killer | | Homepage: | http://www.h4cky0u.org | | File Size: | 1315 | | Last Modified: | Aug 31 01:45:23 2005 |
| MD5 Checksum: | eb9df365250444e4b536d1fb2e55e3aa |
|
| /// File Name: |
autolinks21.txt |
Description:
|
AutoLinks Pro 2.1 suffers from a remote file inclusion vulnerability.
| | Author: | NewAngels Team | | File Size: | 1308 | | Last Modified: | Aug 31 01:22:26 2005 |
| MD5 Checksum: | a9273540bd7022124f6c8cb05c02da63 |
|
| /// File Name: |
grandstream-DoS.pl.txt |
Description:
|
Denial of service exploit for the Grandstream Budge Tone 101/102 VOIP phone that sends UDP packets larger than 65534 bytes in size to port 5060.
| | Author: | Pierre Kroma | | Related File: | Grandstream.txt | | File Size: | 1288 | | Last Modified: | Aug 13 02:52:52 2005 |
| MD5 Checksum: | 55b5381d4cdf567a6ccc4d0618081fbc |
|
| /// File Name: |
phpkit161.txt |
Description:
|
PHPKit 1.6.1 suffers from various SQL and PHP injection attacks.
| | Author: | phuket | | File Size: | 1278 | | Last Modified: | Aug 24 03:15:38 2005 |
| MD5 Checksum: | 1e06c82655f6a9df83e573597bc58690 |
|
| /// File Name: |
rsaXSS.txt |
Description:
|
Definition of irony: Three cross site scripting vulnerabilities have been discovered in the RSA Security Blog entitled "Speaking of Security".
| | Author: | Rodrigo Gutierrez | | File Size: | 1275 | | Last Modified: | Aug 15 01:05:37 2005 |
| MD5 Checksum: | 1d0636b787b9e7133990aaf3e0fd0cbe |
|
| /// File Name: |
ContivitySystem.txt |
Description:
|
When the Nortel Contivity VPN Client client is running as a service, it is possible to manipulate the interface of the client and escalate privileges to that of the LocalSystem account. Version 05_01.030 is affected.
| | Author: | Jeff Peadro | | File Size: | 1266 | | Last Modified: | Aug 11 01:06:44 2005 |
| MD5 Checksum: | 2dc8e01c10369e2582e95e1f7055f609 |
|
| /// File Name: |
flat256.html |
Description:
|
FlatNuke version 2.5.6 suffers from remote command execution, cross site scripting, and path disclosure flaws. Detailed exploitation provided.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 1254 | | Last Modified: | Aug 31 02:51:23 2005 |
| MD5 Checksum: | 11acdd9d2ced8d0e8654998fccb7e62b |
|
| /// File Name: |
phpldap.html |
Description:
|
phpLDAPadmin versions 0.9.6 through 0.9.7/alpha5 suffer from directory traversal, remote code execution and cross site scripting vulnerabilities. Detailed exploitation provided.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 1226 | | Last Modified: | Aug 31 02:04:26 2005 |
| MD5 Checksum: | 3a75a213f873a5a71289eba8299c2757 |
|
| /// File Name: |
quickDoS.txt |
Description:
|
Quick'n'Easy FTP server 3.0 pro and lite suffer from a remote buffer overflow vulnerability that can result in a denial of service.
| | Author: | matiteman | | File Size: | 1189 | | Last Modified: | Aug 5 02:52:51 2005 |
| MD5 Checksum: | 3d12df00cbada7c7534f5d4d49f8f8b3 |
|
| /// File Name: |
ezuploadRemote.txt |
Description:
|
Ezupload suffers from remote file inclusion vulnerabilities.
| | Author: | Johnnie Walker | | File Size: | 1136 | | Last Modified: | Aug 11 00:33:06 2005 |
| MD5 Checksum: | 8994b31bf62bab8495333a8df8e1f673 |
|
| /// File Name: |
woltlab233.txt |
Description:
|
Woltlab Burning Board versions 2.3.3 and below suffer from SQL injection flaws in modcp.php.
| | Author: | [R] | | Homepage: | http://rootbox.cx.la/ | | File Size: | 1010 | | Last Modified: | Aug 24 00:24:35 2005 |
| MD5 Checksum: | 40e269baa395760ed2d158fabc2f3339 |
|
| /// File Name: |
landDownUnder.txt |
Description:
|
Bugs Land Down Under version 800 is susceptible to multiple SQL injection and cross site scripting bugs.
| | Author: | bl2k, SmallMouse | | Homepage: | http://www.shabgard.org | | File Size: | 965 | | Last Modified: | Aug 24 00:13:27 2005 |
| MD5 Checksum: | 7d15a77282edf0261efdb4f04dbb6755 |
|
| /// File Name: |
vegadns-dyn0.txt |
Description:
|
VegaDNS suffers from a cross site scripting flaw, amongst others.
| | Author: | dyn0 | | Homepage: | http://0xdeadface.co.uk | | File Size: | 964 | | Last Modified: | Aug 10 01:22:56 2005 |
| MD5 Checksum: | d2a1b335b860cf7775deef38a3410981 |
|
| /// File Name: |
PortailPHP.txt |
Description:
|
PortailPHP 2.4 allows for SQL injection attacks.
| | Author: | Abducter | | File Size: | 955 | | Last Modified: | Aug 5 03:54:04 2005 |
| MD5 Checksum: | 8d9c05c26e0316e763484783b8947b19 |
|
| /// File Name: |
openSQL.txt |
Description:
|
Open Bulletin Board is susceptible to multiple SQL injection attacks. All versions are affected. Sample exploitation provided.
| | Author: | Abducter | | Homepage: | http://www.s4a.cc | | File Size: | 890 | | Last Modified: | Aug 10 01:29:36 2005 |
| MD5 Checksum: | e05ba222117ffe789e97f548d5aae8e8 |
|
| /// File Name: |
phpwebnotes.txt |
Description:
|
phpWebNotes version 2.0.0-pr1 suffers from a remote inclusion vulnerability that may allow for cross site scripting attacks.
| | Author: | Norbert | | File Size: | 871 | | Last Modified: | Aug 28 15:20:45 2005 |
| MD5 Checksum: | 6771a439057aac9e9acef007389b8f28 |
|
| /// File Name: |
lduXSS2.txt |
Description:
|
Land Down Under suffers from cross site scripting vulnerabilities in the signature and topic payloads.
| | Author: | spyMASter | | File Size: | 804 | | Last Modified: | Aug 31 01:18:57 2005 |
| MD5 Checksum: | 38e1144d56f1c9a6cdeb36bb6a7a7238 |
|
| /// File Name: |
onunload.txt |
Description:
|
In nearly all browsers you can overwrite the window location in the 'onunload' event. This has been tested against Firefox, Opera, and Internet Explorer.
| | Author: | Tobias Boonstoppel | | File Size: | 773 | | Last Modified: | Aug 25 00:57:48 2005 |
| MD5 Checksum: | cb19d56d011a3ec5af3696705135f266 |
|
| /// File Name: |
phptb20.txt |
Description:
|
PHPTB Topic Boards 2.0 is susceptible to a SQL injection attack.
| | Author: | aLMaSTeR HaCKeR | | File Size: | 593 | | Last Modified: | Aug 17 01:00:23 2005 |
| MD5 Checksum: | 58075d11875a9ffbfaccd264fc4f6380 |
|
| /// File Name: |
foojanInject.txt |
Description:
|
Foojan PHP Weblog suffers from an injection flaw when trusting an unsanitized HTTP_REFERER payload.
| | Author: | ali202 | | File Size: | 583 | | Last Modified: | Aug 25 01:16:23 2005 |
| MD5 Checksum: | 8d7c5ecdfa9b64b6f5372f8fa0e32db2 |
|
| /// File Name: |
nordXSS.txt |
Description:
|
Nordstrom's website is susceptible cross site scripting attacks.
| | Author: | Jeff Peadro | | File Size: | 499 | | Last Modified: | Aug 17 01:04:00 2005 |
| MD5 Checksum: | ccde934bcb2be4c445b17f410caaf369 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
