Section: .. / 0606-exploits /
| /// File Name: |
flockd0s.txt |
Description:
|
POC code that crashes the Flock web browser using the marquee tag bug. Tested on Flock beta 1 (v0.7) and XP service pack 1.
| | Author: | co296 | | File Size: | 1166 | | Last Modified: | Jun 28 22:49:31 2006 |
| MD5 Checksum: | 25d0ec9d9acf5e3458dadb60ed6b8246 |
|
| /// File Name: |
xmepftp.txt |
Description:
|
XM Easy Personal FTP server version 5.0.1 remote overflow proof of concept exploit.
| | Author: | Jerome Athias | | Homepage: | https://www.securinfos.info/ | | File Size: | 925 | | Last Modified: | Jun 27 03:10:15 2006 |
| MD5 Checksum: | de4f605683f73b4379cd668e2cb712f8 |
|
| /// File Name: |
cbsms.txt |
Description:
|
The CBSMS Mambo module versions 1.0 and below are susceptible to a remote file inclusion vulnerability.
| | Author: | Kw3rLN | | Homepage: | http://www.h4cky0u.org/ | | File Size: | 1594 | | Last Modified: | Jun 27 03:08:21 2006 |
| MD5 Checksum: | 3ae11568f125e151ca9903b64bfdcc0c |
|
| /// File Name: |
MyMail.txt |
Description:
|
The MyMail script from codingclick.com suffers from directory traversal and cross site scripting flaws.
| | Author: | Botan | | File Size: | 796 | | Last Modified: | Jun 27 02:56:55 2006 |
| MD5 Checksum: | 8a91f1226bae4d97c96df16a27441c4c |
|
| /// File Name: |
cpanel10.txt |
Description:
|
Cpanel is susceptible to code injection attacks that allow for cross site scripting.
| | Author: | Preth00nker | | Homepage: | http://MexHackTeam.org/ | | File Size: | 1203 | | Last Modified: | Jun 27 02:50:01 2006 |
| MD5 Checksum: | e757a1e784fa87146d6503cfa1105bc5 |
|
| /// File Name: |
hx.pl.txt |
Description:
|
DeluxeBB versions 1.07 and below Create Admin exploit that utilizes cp.php.
| | Author: | Hessam-x | | Homepage: | http://www.h4ckerz.com | | File Size: | 1909 | | Last Modified: | Jun 27 02:43:06 2006 |
| MD5 Checksum: | 12fdb7cc04f7ea1979d3f96866ced5ef |
|
| /// File Name: |
openGuestbook.txt |
Description:
|
OpenGuestbook version 0.5 is susceptible to cross site scripting and SQL injection flaws.
| | Author: | simo64 | | File Size: | 1130 | | Last Modified: | Jun 27 02:35:39 2006 |
| MD5 Checksum: | 6ad918306fdbaa7f591fd90c70d42e2d |
|
| /// File Name: |
BitchX-dohook.c |
Description:
|
BitchX (epic) versions 1.1-final and below do_hook() boundary check error remote denial of service exploit.
| | Author: | Federico L. Bossi Bonin | | File Size: | 2268 | | Last Modified: | Jun 27 02:24:22 2006 |
| MD5 Checksum: | 8ffd1d070c688eeee903ef45a99ce72f |
|
| /// File Name: |
dreamaccount.txt |
Description:
|
DreamAccount version 3.1 remote command execution exploit.
| | Author: | CrAsh_oVeR_rIdE, Drago84 | | Homepage: | http://www.lezr.com | | File Size: | 2771 | | Last Modified: | Jun 27 02:13:35 2006 |
| MD5 Checksum: | 218e5daaf357cb14dac78a851a26931e |
|
| /// File Name: |
TUVSA-0606-001.txt |
Description:
|
Technical University of Vienna Security Advisory - QaTraq versions 6.5 RC and below suffer from multiple cross site scripting vulnerabilities.
| | Homepage: | http://www.seclab.tuwien.ac.at | | File Size: | 24350 | | Last Modified: | Jun 27 02:03:20 2006 |
| MD5 Checksum: | 2e37ff4165556651ed0f1e2ce027c4ae |
|
| /// File Name: |
vlBookXSS.txt |
Description:
|
vlBook version 1.02 is susceptible to a cross site scripting flaw.
| | Author: | Omnipresent | | File Size: | 1054 | | Last Modified: | Jun 27 02:00:17 2006 |
| MD5 Checksum: | f6f67f524006ceb86fcfb8fc20c40dba |
|
| /// File Name: |
softbizDating.txt |
Description:
|
Softbiz Dating version 1.0 is susceptible to SQL injection attacks.
| | Author: | Ellipsis Security | | Homepage: | http://www.ellsec.org/ | | File Size: | 799 | | Last Modified: | Jun 27 01:24:34 2006 |
| MD5 Checksum: | d95cee7de6325027206b249dc57ed8cb |
|
| /// File Name: |
datingAgent.txt |
Description:
|
Dating Agent PRO version 4.7.1 is susceptible to SQL injection and cross site scripting attacks.
| | Author: | Ellipsis Security | | Homepage: | http://www.ellsec.org/ | | File Size: | 1197 | | Last Modified: | Jun 27 01:23:25 2006 |
| MD5 Checksum: | 96eb3aca353506213fa7fb2070693a77 |
|
| /// File Name: |
aeDating41.txt |
Description:
|
aeDating version 4.1 is susceptible to cross site scripting attacks.
| | Author: | Ellipsis Security | | Homepage: | http://www.ellsec.org/ | | File Size: | 764 | | Last Modified: | Jun 27 01:22:27 2006 |
| MD5 Checksum: | 035c6f9fdd0f0a676839917ea44cee5a |
|
| /// File Name: |
WBB-newthread.txt |
Description:
|
WBB version 2.0 RC2 suffers from a SQL injection vulnerability in newthread.php.
| | Author: | CrAzY CrAcKeR | | File Size: | 365 | | Last Modified: | Jun 27 01:17:30 2006 |
| MD5 Checksum: | 4dbb27313720f57bffd1c5373e417b20 |
|
| /// File Name: |
WBB-showmods.txt |
Description:
|
WBB version 1.2 suffers from a SQL injection vulnerability in showmods.php.
| | Author: | CrAzY CrAcKeR | | File Size: | 364 | | Last Modified: | Jun 27 01:16:59 2006 |
| MD5 Checksum: | 2c16e87643872e098527145b16b3bd14 |
|
| /// File Name: |
WBB-report.txt |
Description:
|
WBB version 2.3.1 suffers from a SQL injection vulnerability in report.php.
| | Author: | CrAzY CrAcKeR | | File Size: | 361 | | Last Modified: | Jun 27 01:16:22 2006 |
| MD5 Checksum: | 93ba3784c19d71f1d0ba5932c5c263e9 |
|
| /// File Name: |
adv34-theday-2006.txt |
Description:
|
W-Agora (Web-Agora) versions 4.2.0 and below suffer from remote file inclusion flaws.
| | Author: | the_day | | Homepage: | http://theday.echo.or.id/ | | File Size: | 4156 | | Last Modified: | Jun 27 01:15:15 2006 |
| MD5 Checksum: | e1cca27330361ed2917e72801fb30c87 |
|
| /// File Name: |
phpbluedragon-2.txt |
Description:
|
More information on the remote file inclusion flaw that affects PHPBlueDragon CMS versions 2.9.1 and below.
| | Author: | shm | | Related Exploit: | phpbluedragon.txt | | File Size: | 1105 | | Last Modified: | Jun 27 01:14:03 2006 |
| MD5 Checksum: | b715c53cd96754aac8d8981015643dfe |
|
| /// File Name: |
Kil13r-SA-20060622-2.txt |
Description:
|
Namo DeepSearch versions 4.5 and below suffer from an arbitrary javascript code injection vulnerability.
| | Author: | Kil13r | | Homepage: | http://www.kil13r.info/ | | File Size: | 930 | | Last Modified: | Jun 27 01:09:43 2006 |
| MD5 Checksum: | 34f4c4c78097600a5fb2525a87df0ac4 |
|
| /// File Name: |
Kil13r-SA-20060622-1.txt |
Description:
|
NetSoft SmartNet version 2.0 is susceptible to a cross site scripting flaw.
| | Author: | Kil13r | | Homepage: | http://www.kil13r.info/ | | File Size: | 949 | | Last Modified: | Jun 27 01:08:16 2006 |
| MD5 Checksum: | 0f6372ad2c2e06a60a2c915c8bb62ac3 |
|
| /// File Name: |
calendarSQL.txt |
Description:
|
Calendar from Codewalkers is susceptible to a SQL injection flaw.
| | Author: | Silitix | | Homepage: | http://www.Silitix.com | | File Size: | 365 | | Last Modified: | Jun 27 01:06:23 2006 |
| MD5 Checksum: | 1c939c1b71be380d7f06ad4ddc621d35 |
|
| /// File Name: |
abi06.txt |
Description:
|
International Chamber of E-Commerce is vulnerable to authentication bypass due to a lack of input sanitization.
| | Author: | m07hm4n | | File Size: | 509 | | Last Modified: | Jun 27 01:02:38 2006 |
| MD5 Checksum: | b4b14d475a43b10e2fcf187476c25bb6 |
|
| /// File Name: |
somechess.txt |
Description:
|
Somechess version 1.5 rc1 is susceptible to a cross site scripting flaw.
| | Author: | luny | | File Size: | 803 | | Last Modified: | Jun 27 00:53:11 2006 |
| MD5 Checksum: | a219ec3d9c99b9695c82da7a90c1b62d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
