Section: .. / 0605-exploits /
/// File Name: SEC-20060512-0.txt
Description: SEC-CONSULT Security Advisory 20060512-0 - The Symantec Enterprise Firewall leaks internal IPs of natted machines in response to certain HTTP requests. Version 8.0 is vulnerable.
Author: Bernhard Mueller
Homepage: http://www.sec-consult.com
File Size: 3042
Last Modified: May 21 15:20:55 2006
MD5 Checksum: 45efb7adcb6dbcfec7f0bab930904131
/// File Name: ipswitchXSS.txt
Description: Ipswitch WhatsUp Professional suffers from source disclosure, information disclosure, and cross site scripting flaws. Weaknesses are confirmed in version 2006. Earlier versions may also be susceptible.
Author: David Maciejak
File Size: 1287
Last Modified: May 21 15:11:46 2006
MD5 Checksum: b2debe79832942b4a35c1a7ad4af0af2
/// File Name: phpBBcharts.txt
Description: The phpBB charts.php code suffers from cross site scripting and SQL injection flaws.
Homepage: http://www.LoK-Crew.de
File Size: 369
Last Modified: May 21 15:09:44 2006
MD5 Checksum: 0ee5e39913d36a618fd750a4cfd02138
/// File Name: magnolia.txt
Description: Magnolia CMS suffers from a script insertion vulnerability.
Author: Kiki
Homepage: http://kiki91.altervista.org
File Size: 600
Last Modified: May 21 14:55:36 2006
MD5 Checksum: 7a041569538175ebc183532f3d34ac83
/// File Name: ozjournals.txt
Description: OZJournals versions 1.2 and below suffer from a cross site scripting vulnerability.
Author: Kiki
Homepage: http://kiki91.altervista.org
File Size: 1405
Last Modified: May 21 14:54:08 2006
MD5 Checksum: 109dd9670f7702d0c2605f153530b010
/// File Name: unb_161p1_incl_xpl.txt
Description: Remote exploit for an arbitrary file inclusion flaw in Unclassified NewsBoard versions 1.6.1 and below.
Author: rgod
Homepage: http://retrogod.altervista.org/
File Size: 14680
Last Modified: May 21 14:51:40 2006
MD5 Checksum: e8f16fb1802a3ed9184772e24f918336
/// File Name: eBD-es.txt
Description: eBusiness Designer versions 3.1.4 and below suffer from arbitrary file upload, code execution, and cross site scripting flaws. Spanish version of this advisory.
Author: Pedro Andujar
Homepage: http://www.digitalsec.es/
File Size: 10305
Last Modified: May 21 14:31:11 2006
MD5 Checksum: 0205f6041a18dab18e3cc221349d0add
/// File Name: eBD-en.txt
Description: eBusiness Designer versions 3.1.4 and below suffer from arbitrary file upload, code execution, and cross site scripting flaws. English version of this advisory.
Author: Pedro Andujar
Homepage: http://www.digitalsec.es/
File Size: 9858
Last Modified: May 21 14:30:48 2006
MD5 Checksum: 8e1244d56d06ba6677b6b713ca60b897
/// File Name: ONE.zip
Description: Proof of concept CHM file that demonstrates a heap corruption vulnerability in the Microsoft Infotech Storage System Library (itss.dll).
Homepage: http://www.reversemode.com
Related File: msinfotech.txt
File Size: 112444
Last Modified: May 21 14:00:42 2006
MD5 Checksum: c6ba8f0637847f344f09749d03f8ee17
/// File Name: tseekdircgi
Description: tseekdir.cgi suffers from a local file inclusion vulnerability.
Author: BoNy-m
Homepage: http://www.alshmokh.com
File Size: 354
Last Modified: May 17 17:14:34 2006
MD5 Checksum: b34d400f4463d4f130a360da4bf1068a
/// File Name: PhpListPro.txt
Description: PhpListPro version 2.01 is susceptible to a remote file inclusion vulnerability that allows for remote code execution.
Author: SnoB
Homepage: http://www.cyber-security.org/
File Size: 518
Last Modified: May 17 03:23:23 2006
MD5 Checksum: 532a808c011007c7299cec5265b0d6ab
/// File Name: phpfusion600306.txt
Description: Exploit for PHPFusion versions 6.00.306 and below: avatar mod_mime arbitrary file upload and local inclusion.
Author: rgod
Homepage: http://retrogod.altervista.org/
File Size: 22633
Last Modified: May 17 03:21:56 2006
MD5 Checksum: f5bcf8710f13d1708ad87f44dc1fa466
/// File Name: ActualAnalyzer688.txt
Description: ActualAnalyzer version 6.88 suffers from a remote code execution vulnerability.
Author: ReZEN
File Size: 3807
Last Modified: May 17 02:49:42 2006
MD5 Checksum: b6a740ec3d33569373e7a2392227e88d
/// File Name: phpRaid-2.txt
Description: phpRaid versions 3.0.b3 through 2.9.5 suffer from a remote file inclusion vulnerability when used with SMF.
Author: botan
File Size: 1064
Last Modified: May 9 16:44:29 2006
MD5 Checksum: 387d548a7f99e28373b8167d10209d24
/// File Name: phpRaid-1.txt
Description: phpRaid versions 3.0.b3 through 2.9.5 suffer from a remote file inclusion vulnerability when used with the phpBB portal.
Author: botan
File Size: 1379
Last Modified: May 9 16:43:48 2006
MD5 Checksum: dc48606f7b4e33e7d2897d47f1e2f3b7
/// File Name: singapore097.txt
Description: Singapore version 0.9.7 suffers from cross site scripting vulnerabilities.
Author: alp_eren
Homepage: http://www.ayyildiz.org
File Size: 559
Last Modified: May 9 16:36:13 2006
MD5 Checksum: 3750f35c0538b2df982bea6469553bff
/// File Name: dokeos.txt
Description: Dokeos Learning Management System version 1.6.4 remote file inclusion exploit.
Author: beford
File Size: 2261
Last Modified: May 9 16:32:10 2006
MD5 Checksum: e403baffbe1d4a6745044faaadce24ee
/// File Name: eqdkp.txt
Description: EQdkp versions 1.3.0 and below suffer from a remote file inclusion flaw.
Author: OLiBekaS
File Size: 259
Last Modified: May 9 16:26:53 2006
MD5 Checksum: ef679ab8be7772a7679d3103b8870f0a
/// File Name: OpenEngineTraverse.txt
Description: OpenEngine CMS versions 1.8 Beta 2 and below are susceptible to directory traversal attacks.
Author: ck
File Size: 1145
Last Modified: May 9 16:24:25 2006
MD5 Checksum: 4ac124bc81e4b33193315480607a790d
/// File Name: philbookmark.txt
Description: Phil's Bookmark script allows for direct administrative access without authentication.
Author: alp_eren
Homepage: http://www.ayyildiz.org
File Size: 226
Last Modified: May 9 16:22:55 2006
MD5 Checksum: 336591fb0f8e9fb99c22ad6a65119036
/// File Name: limboCMS.txt
Description: Limbo CMS remote SQL injection exploit.
Homepage: http://cyber-security.org/
File Size: 1387
Last Modified: May 9 16:21:13 2006
MD5 Checksum: 0ee2547133292e0541c3b2db144dcfe9
/// File Name: ISPConfig.txt
Description: ISPConfig versions 2.2.2 and below suffer from a remote command execution vulnerability.
Author: ReZEN
Homepage: http://www.xorcrew.net/
File Size: 3814
Last Modified: May 9 16:19:54 2006
MD5 Checksum: a6802141e9c78e210ba77d6d8122ce1a
/// File Name: 1asphost.txt
Description: 1ASPHost and Domain DLX hosting services suffer from cross site scripting flaws.
Author: Spymeta
File Size: 1359
Last Modified: May 9 16:18:33 2006
MD5 Checksum: dd54b31260ba9c9ff85e192a69cf7a08
/// File Name: playersXSS.txt
Description: players.py on Alexadex.com is susceptible to cross site scripting.
Author: skinnypuppy
File Size: 628
Last Modified: May 9 16:17:40 2006
MD5 Checksum: 237031cada8ca278debea6d8fe2395e5
/// File Name: bl4ck_awstats_migrate_cmd_inj.py.tx..>
Description: Remote shell command injection exploit for AWStats versions 6.5 and below.
Author: redsand
File Size: 3447
Last Modified: May 6 18:02:27 2006
MD5 Checksum: 15748dc0bac06497e96edf06896e3d65