Showing 1 - 25 of 350

Files

Packet Storm New Exploits For January, 2012: Posted Feb 1, 2012; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 351 exploits added to Packet Storm in January, 2012.; tags | exploit; systems | linux; SHA-256 | fce0c96724a5282b8c925caac704e1249f388abd90e7a277f6a45fb52d5647f5; Download | Favorite | View

Mindjet MindManager 2012 10.0.493 Buffer Overflow / Denial Of Service: Posted Jan 31, 2012; Authored by LiquidWorm | Site zeroscience.mk; Mindjet MindManager 2012 version 10.0.493 suffers from buffer overflow and denial of service vulnerabilities.; tags | exploit, denial of service, overflow, vulnerability; SHA-256 | b50eec5a80d46febd6c5ebb66680d9b098509d98e414986b60dc5cb207e949e1; Download | Favorite | View

Ez Album Blind SQL Injection: Posted Jan 31, 2012; Authored by Red Security TEAM; Ez Album suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 86ab2ada6506babeabdfbd62d8142f04453bcb2e820296718e246a63c0acd478; Download | Favorite | View

Adobe Flash Player Code Execution: Posted Jan 31, 2012; Authored by Abysssec | Site abysssec.com; Adobe Flash Player MP4 SequenceParameterSetNALUnit remote code execution exploit that works against versions 10.3.181.34 and below on XP SP3.; tags | exploit, remote, code execution; advisories | CVE-2011-2140; SHA-256 | 3acb530b7f85bf741ad44237de6b7293c688e170361a89a5dd01b37019556114; Download | Favorite | View

phpShowtime Directory Traversal: Posted Jan 31, 2012; Authored by Red Security TEAM; phpShowtime suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 8a4bbe25f1a3c1fed5ed15d358fd517c723c0ed83ebf79c6e3fd64e08de4109b; Download | Favorite | View

EdrawSoft Office Viewer Component ActiveX 5.6 Buffer Overflow: Posted Jan 31, 2012; Authored by LiquidWorm | Site zeroscience.mk; EdrawSoft Office Viewer Component ActiveX version 5.6.5781 suffers from a buffer overflow vulnerability when parsing large amount of bytes to the FtpUploadFile member in FtpUploadFile() function, resulting memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code.; tags | exploit, overflow, arbitrary, activex; SHA-256 | aa458d428c88b317e3d19885fabb2292797100d9c42881cb18343f476bfa04eb; Download | Favorite | View

Harvard SQL Injection: Posted Jan 31, 2012; Authored by CraCkEr; The gmwgroup.harvard.edu site suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 9b31adfeeeb15dba05ccae05f70de51756aa20d4affa14b0fc159a4ef8c11f8d; Download | Favorite | View

Apache protocol.c Cookie Disclosure: Posted Jan 31, 2012; Authored by pilate; Proof of concept code for a vulnerability in protocol.c from Apache versions 2.2.x through 2.2.21. The issue is that it does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies.; tags | exploit, remote, protocol, proof of concept, info disclosure; advisories | CVE-2012-0053; SHA-256 | 8ed00b4f23edfe2b2af525954e40495839b29d37c0b5551d4d504b39aa8089c0; Download | Favorite | View

Agent Zone Vastal I-Tech Real Estate SQL Injection: Posted Jan 31, 2012; Authored by Muhammet Cagri Tepebasili; Agent Zone Vastal I-Tech Real Estate script suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 235eec2c8bd36e3b74c1f77020a028975f67e752a66e4c42f5bcb0b0e674663f; Download | Favorite | View

Forbes Cross Site Scripting: Posted Jan 31, 2012; Authored by r007k17-w; The blogs.forbes.com site suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 1651bd395a33d5176737bdd69d4bd00057454affe4a2af9862c10eb5be628cf4; Download | Favorite | View

4Images 1.7.10 Cross Site Scripting: Posted Jan 31, 2012; Authored by d3v1l, RandomStorm; 4Images version 1.7.10 suffers from a cross site scripting vulnerability in the administrative panel.; tags | exploit, xss; SHA-256 | 7dd9e0133074644527dd2a56ecee765075f79c519bfc221648d9e2b3e5b1b2f4; Download | Favorite | View

Campaign Enterprise 11.0.421 SQL Injection: Posted Jan 31, 2012; Authored by Craig Freyman; Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | a6e7c8d4760e5b9abb987effc8b747e80986605d0bf70dbc3709453031e5931f; Download | Favorite | View

vBSEO 3.6.0 PHP Code Injection: Posted Jan 31, 2012; Authored by EgiX | Site metasploit.com; This Metasploit module exploits a vulnerability in the 'proc_deutf()' function defined in /includes/functions_vbseocp_abstract.php in vBSEO versions 3.6.0 and below. User input passed through 'char_repl' POST parameter is not properly sanitized before being used in a call to preg_replace() function which uses the 'e' modifier. This can be exploited to inject and execute arbitrary code leveraging the PHP's complex curly syntax.; tags | exploit, arbitrary, php; SHA-256 | b234422868d75376b871ce3713cf474fa00f5083853c55303eeb65ebd679721a; Download | Favorite | View

Joomla CRHotels SQL Injection: Posted Jan 31, 2012; Authored by the_cyber_nuxbie; The Joomla CRHotels component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | a5210a9d170a3d58dedb14ef2753a0bd0a19beb2c575d1b8fbee04bc2d2dde88; Download | Favorite | View

TWiki Cross Site Scripting: Posted Jan 31, 2012; Authored by Sony; TWiki suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 20fa13f95c0cbab3ce12b40327deb0594b221c8360e43b8dd5b2b43d7b2db51d; Download | Favorite | View

sudo 1.8.3p1 Format String: Posted Jan 30, 2012; Authored by joernchen | Site phenoelit.de; sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.; tags | exploit; SHA-256 | 81fb04538af951a21c660e19f143b2d360f83aa70ff21c86befc1fc8af952094; Download | Favorite | View

OSClass 2.3.4 XSS / RFI / SQL Injection: Posted Jan 30, 2012; Authored by Filippo Cavallarin; OSClass version 2.3.4 suffers from cross site scripting, remote file inclusion and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection, file inclusion; SHA-256 | 6961ecec1291ed82c08ed138f70b351bb7b06cabde1aec1d2b62eb96c14593fb; Download | Favorite | View

Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting: Posted Jan 30, 2012; Authored by Filippo Cavallarin; Postfixadmin version 2.3. 4 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 792946daa68d21da19823d935d226aff83199c4a69cc33fe6dfa3dcbd4a11618; Download | Favorite | View

Snort Report 1.3.2 SQL Injection: Posted Jan 30, 2012; Authored by a.kadir altan; Snort Report versions 1.3.2 and below suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 7ac11a9eb9c4af7ae958f9e6572c3363d054e93d2c7c025644e592843827575f; Download | Favorite | View

Joomla Propertylab SQL Injection: Posted Jan 30, 2012; Authored by the_cyber_nuxbie; The Joomla Propertylab component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | a3daef246c503bc8547f849b2aed3b44984344f9ecdc3e77c4c0bb237510ca66; Download | Favorite | View

DPI 1.0 Cross Site Scripting: Posted Jan 30, 2012; Authored by Red Security TEAM; DPI version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | d8cd5e55214550fc0a341eefb3545a7f8deabb3b7d422347a02fbf65f060e75d; Download | Favorite | View

Mibew Messenger 1.6.4 Cross Site Scripting: Posted Jan 30, 2012; Authored by Filippo Cavallarin; Mibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 70ca4b16e1bd521b1858f4631f536db54e0cb770544aff6b395c926a0f05eef9; Download | Favorite | View

Joomla BBS SQL Injection: Posted Jan 30, 2012; Authored by the_cyber_nuxbie; The Joomla BBS component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 6f0b8c419e5e825a1c8825cf7a430c175e04de600ae4369c1e50886fbe48d296; Download | Favorite | View

Phux Download Manager SQL Injection: Posted Jan 30, 2012; Authored by Red Security TEAM; Phux Download Manager suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 04856c2e105c35adc10d68427ec4e8e9a4262fc82b5e01eee835f8a9d50f9cad; Download | Favorite | View

Joomla Firmy SQL Injection: Posted Jan 30, 2012; Authored by the_cyber_nuxbie; The Joomla Firmy component suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 2c0f2c4d9d41df496067e05cfd85ac66ab857fdc7140e5684666b37bd49c645b; Download | Favorite | View

Page 1 of 14 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 15 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

Files

Top Authors In Last 30 Days

Recent News