exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2010-06-26

Clicker CMS Blind SQL Injection
Posted Jun 26, 2010
Authored by hacker at sr.gov.yu

Clicker CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 53aea5f301dea447bd0f5913090b5b594b7d6628bde172f9b26819d0ed7cfae8
Joomla JE Story 1.4 SQL Injection
Posted Jun 26, 2010
Authored by L0rd CrusAd3r

The Joomla JE Story component version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 55fda917e4ea6621b9cfcc1503c63d18888a1c25867b2a48c9d48fe0d223c0f2
Simple Fuzzer 0.6.2
Posted Jun 26, 2010
Authored by aaron conole | Site aconole.brad-x.com

Simple Fuzzer is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.

Changes: The latest release adds a number of bug fixes and stability enhancements and also updates the feature-set of the included sniffer.
tags | fuzzer
SHA-256 | 7fcf7aee05ab2a2049ef8d39184286e639df7b34f15f5b6e43a24ec87d86dc8a
Web Wiz Guide Remote File Inclusion
Posted Jun 26, 2010
Authored by kannibal615

Web Wiz Guide suffers from a remote file inclusion vulnerability.

tags | exploit, remote, web, code execution, file inclusion
SHA-256 | 866cf7c625672092751430af640d3da34b008e36fb762c8ea1d095b1cdac3be2
Allwin WinExec cmd.exe ExitProcess Shellcode
Posted Jun 26, 2010
Authored by RubberDuck

195 bytes small Allwin WinExec cmd.exe and ExitProcess shellcode.

tags | shellcode
SHA-256 | e8eb8a98115988394ca6de24d3d78c535fb29fe942b577d3ddd288bdf54a49ce
Zero Day Initiative Advisory 10-115
Posted Jun 26, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-115 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AVM bytecode verifier. Specifically, the newFrameState method performs arithmetic when calculating the size of a stack frame. It implicitly trusts the max_scope and max_stack variables as obtained from the bytecode. By crafting specific values, the integer indicating the size of the frame can be made to overflow. This value is later used during memory copy operations which an attacker can influence to gain arbitrary code execution under the context of the user running the browser.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2010-2160
SHA-256 | 139e76865c566f8d4bd7f23f54fbaf8173ed164ea7d438acc9c3348fae886f55
Zero Day Initiative Advisory 10-114
Posted Jun 26, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-114 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required in that a target must visit a malicious web page. The specific vulnerability exists within the parsing of an undocumented opcode within Adobe's ActionScript Virtual Machine 2 bytecode. The operand to this opcode is used as an offset to a structure and if set to a malicious value can be pointed to attacker controlled data. The structure contains a function pointer that is later called. If an attacker modifies the controlled data pointed to by the invalid offset, this function pointer can be set to point to malicious code thus gaining execution under the context of the user running the browser.

tags | advisory, web, arbitrary
advisories | CVE-2010-2160
SHA-256 | bc523bf97a29c0519e786f3f7ff150ec48db8fe0ec2c26715708d5e08820be3f
ASRC Really Simple Chat 3.3 Cross Site Scripting / Remote File Inclusion
Posted Jun 26, 2010
Authored by Zer0 Thunder

ASRC Really Chat version 3.3 suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion
SHA-256 | 2d8b92762790672e65568ce3dbe44be5682e1357d3c46d68ceb309e9dd419e1a
2daybiz B2B Portal Script SQL Injection
Posted Jun 26, 2010
Authored by r45c4l

2daybiz B2B Portal Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f21c22f477dd5406504394bc12292d7f4280c443a3329bd68c146b0eebb58ed3
Simple Machines Forum 1.1.11 Change Administrator Password
Posted Jun 26, 2010
Authored by ShaDow-D3v1L

Simple Machines Forum version 1.1.11 suffers from a remote administrative password changing vulnerability.

tags | exploit, remote
SHA-256 | 2728719224d039cf9a9a9eb0c582fd3458662bdaf3fdd638178b573e4d2809b3
Allomani And Clips 2.7.0 Cross Site Request Forgery
Posted Jun 26, 2010
Authored by G0D-F4Th3r

Allomani and Clips version 2.7.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 770f3cca312c9180eb770cb5d3eba54d2ee457fbb84051f94183756c7f826034
FieldNotes 32 5.0 SEH Overwrite
Posted Jun 26, 2010
Authored by TecR0c | Site corelan.be

FieldNotes 32 version 5.0 SEH overwrite local exploit that produces a malicious .dxf file.

tags | exploit, overflow, local
SHA-256 | f75c21baa55aab7b4a56e64265927e5c83a13dfe8d7b75f74e3384b105fabf2d
VMware Security Advisory 2010-0010
Posted Jun 26, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - Multiple security vulnerabilities have been addressed in the ESX 3.5 third party update for Service Console kernel.

tags | advisory, kernel, vulnerability
advisories | CVE-2008-5029, CVE-2008-5300, CVE-2009-1337, CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, CVE-2009-3547, CVE-2009-2698, CVE-2009-2692
SHA-256 | aa1a26637b1e580254f4bbb305140b8c04268ad3825842369f0d59c42358231a
HP Security Bulletin HPSBUX02544 SSRT100107
Posted Jun 26, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service (DoS) or to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2007-2442, CVE-2007-2443, CVE-2007-2798, CVE-2010-1321
SHA-256 | 74962b06b4a33ce0a59c0eac814963277e24f8113b42042b84eecfd2ac0c3973
Cisco ASA HTTP Response Splitting
Posted Jun 26, 2010
Authored by Daniel King

Cisco Adaptive Security Appliance (ASA) is vulnerable to HTTP response splitting caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim?s web browser within the security context of the Adaptive Security Appliance site. Versions 8.1(1) and earlier are affected.

tags | exploit, remote, web
systems | cisco
advisories | CVE-2008-7257
SHA-256 | 3064d44bee1b7468da72c1186ac4343d80636c9c5e6f3943f1d2992b6d3100b1
Geomau 7 Local Buffer Overflow
Posted Jun 26, 2010
Authored by MadjiX

Geomau 7 .wg2 local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | 2f39bfb7dae3475663d63ece63cce9d2d32d173cdbaf300971c8f48d9a9effc9
THC-IPV6 Attack Tool 1.2
Posted Jun 26, 2010
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: Test case added to implementation6.
tags | protocol
SHA-256 | 1feae3b40bec40fb79876c35a511b5cb596fdef9ebe443b049104963156dde91
Wincalc 2 Local Buffer Overflow
Posted Jun 26, 2010
Authored by MadjiX

Wincalc 2 .num local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | 44b63ce263198b0ebb00b88643c8dcee37b44f8b7464701659bc6a8c5fb4ac85
Big Forum 5.2 Shell Upload / Local File Inclusion
Posted Jun 26, 2010
Authored by Zer0 Thunder

Big Forum version 5.2 suffers from local file inclusion and shell upload vulnerabilities.

tags | exploit, shell, local, vulnerability, file inclusion
SHA-256 | 5b7303c4822a22c842f844bc09abef70c6b23363fda5ea6748fef2983e191671
Delete All Data Polymorphic Shellcode
Posted Jun 26, 2010
Authored by gunslinger | Site gunslingerc0de.wordpress.com

40 bytes small sys_rmdir("/") Linux / x86 polymorphic shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | eca5aca59dac15b0821be80cb2a5b864977ed5c5d6cc446883dbfe9cbd55dc78
Delete All Data Shellcode
Posted Jun 26, 2010
Authored by gunslinger | Site gunslingerc0de.wordpress.com

16 bytes small delete all data on filesystem Linux / x86 shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | afd825b68c8dbcf1b142e9fbba04c8f2151522ffee1307067fd466ef99a5b81d
2daybiz B2B Portal Script SQL Injection
Posted Jun 26, 2010
Authored by JaMbA

2daybiz B2B Portal Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 671c4a5b26f146435b51df429b7f693f13648271cc5622292eca0bea66718f26
BPTraveling Site SQL Injection
Posted Jun 26, 2010
Authored by JaMbA

BPTraveling Site suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | eb90638fcffba6478b8a2422745f52f345f0e815665bc096e49887c7ec8ffc7a
XT-Commerce 3.0.4 SQL Injection
Posted Jun 26, 2010
Authored by 5ev3n

XT-Commerce version 3.0.4 remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 1cdcb2f02c42cc0deaffc029a7ac12bdf79ac5f32d3d5853516f5769bc4144aa
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close