exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2011-06-18

Joomla A Cool Debate 1.0.3 Local File Inclusion
Posted Jun 18, 2011
Authored by Chip D3 Bi0s

Joomla A Cool Debate component version 1.0.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | e03c70e6830a95bd19a0e07f540b560e329839d04b516b6b4d70b54a2b1e42cb
AiCart 2.0 Cross Site Scripting / SQL Injection
Posted Jun 18, 2011
Authored by takeshix

AiCart version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d4064aee1d33bfdc3ab27932d8faf5714072e60f83af00d5db6703244d353e57
Joomla Free Consultation Shell Upload
Posted Jun 18, 2011
Authored by Egyptian.H4x0rz

The Joomla Free Consultation component suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 3dbeac7570aba2a4d0b5f363f1566b067ea446a36bc5ef45143a9ba9b97b1057
WeBid 1.0.2 Cross Site Request Forgery
Posted Jun 18, 2011
Authored by KedAns-Dz

WeBid version 1.0.2 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 05b7ea39d283319d934b014dec9d61011e8ed16e7a7ca7a370459f06d5a073bc
ImmoPHP 1.1.1 SQL Injection / Cross Site Scripting
Posted Jun 18, 2011
Authored by KedAns-Dz

ImmoPHP version 1.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 05a327d6c96b95010a10c9c036e72076351356bc240c50e97f28b261444dcb68
Miniblog 1.0.0 Cross Site Request Forgery / Cross Site Scripting
Posted Jun 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Miniblog version 1.0.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 8b565f2831b1710eebd03f8ffad05323b9419a9dbb712cca3ad4c811d6d17212
Microsoft Windows OLE Automation Integer Underflow
Posted Jun 18, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web
systems | windows
advisories | CVE-2011-0658
SHA-256 | 0bcbe6ddf0f6d9f9565bd58d17901ffc57ad45dde4e3569f63328534b3f27176
EQDKP Plus 0.6.4.5 Cross Site Scripting
Posted Jun 18, 2011
Authored by iPower

EQDKP Plus versions 0.6.4.5 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 72d9c8f4d6b72f953096a645576534585fea819967a019175610dd26f398afc1
myBloggie 2.1.6 SQL Injection
Posted Jun 18, 2011
Authored by Robin Verton

myBloggie version 2.1.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9100ce6e2002fd13b7e37a95eaf2aa28615a7922545368ed8f273d60567f928a
e107 0.7.25 Cross Site Scripting / SQL Injection
Posted Jun 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.25 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 508e2264de222779d99c876535fa46cd425719bf284a3b07ccab07ccbe1fd70d
Secunia Security Advisory 44954
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
SHA-256 | e3fe3314d9ddb2f1d6f5503c0a2b1be127e29bd4960c5f6398ca301902d31727
Secunia Security Advisory 44968
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in e107, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 6d185a8b7325a6e13da628f62531b50827d7cf3b20e8a97c75cb335faec2cf8b
HP Security Bulletin HPSBUX02657 SSRT100460 1
Posted Jun 18, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02657 SSRT100460 1 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2010-2063, CVE-2010-3069, CVE-2011-0719
SHA-256 | 3ef8602f6dfa5b0b1dc32e28f78484581f6ab01005aa9deb6b822ca3df996745
Mandriva Linux Security Advisory 2011-110
Posted Jun 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-110 - Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based buffer overflow.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1178
SHA-256 | 2fdbbf771f216ac57653ff70385e0996b57fbad35d9dd3b2bb53e51bd41d7159
Smart Communication Protocols and Algorithms 2011 Call For Papers
Posted Jun 18, 2011
Site scpa.it.ubi.pt

The Smart Communication Protocols and Algorithms (SCPA 2011) Call For Papers has been announced. It will take place December 5th through the 9th, 2011 in Houston, Texas in conjunction with Globecom 2011.

tags | paper, protocol, conference
SHA-256 | 2d364a033aad26df0b00f9e7fb447a052e1e411cdc326d6b7a27b1aaeeb756ab
Taha Portal 3.2 Cross Site Scripting
Posted Jun 18, 2011
Authored by Bl4ck.Viper

Taha Portal version 3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c0db6a706663ac481b133e17f3c955886ae9757b79682b088de95c62f8e61709
HTTP Bog 1.0.0.0
Posted Jun 18, 2011
Authored by AutoSec Tools | Site autosectools.com

HTTP Bog is a slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses. Requires .NET 3.5. Written in C#.

tags | web, denial of service
SHA-256 | 21b49d0423d9dfda5e5ab125414ed0306b679f58a4bc84e2b5e2625ab7253788
OpenBSD/x86 /bin/sh Shellcode
Posted Jun 18, 2011
Authored by KedAns-Dz

57 bytes small OpenBSD/x86 execve("/bin/sh") shellcode.

tags | x86, shellcode
systems | openbsd
SHA-256 | 031406f5d641637744283f2f8f37b2fbe0869e2adeff064ca915a34de216ad54
iDEFENSE Security Advisory 2011-06-14.2
Posted Jun 18, 2011
Authored by iDefense Labs, Luigi Auriemma | Site idefense.com

iDefense Security Advisory 06.14.11 - Remote exploitation of a heap overflow vulnerability in Adobe Systems Inc.'s Shockwave could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when Shockwave processes a maliciously constructed "DRCF" chunk. Specifically, when parsing a substructure inside of this chunk, it is possible to trigger a code path that leads to an incorrect string copy operation. The vulnerable code performs a certain operation on a heap-based buffer, which has the effect of overwriting the NULL terminator of the string in the middle of the copy operation. This will lead to an endless copy loop until the read operation hits the end of the memory segment. This operation writes beyond the allocated heap buffer, and can lead to the execution of arbitrary code. Shockwave Player version 11.5.9.620 and prior are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-0335
SHA-256 | 3b0ec1fef75086d0e796f5ce1dea0706958798bc9b403f2258059ba1d3e7612f
iDEFENSE Security Advisory 2011-06-14.1
Posted Jun 18, 2011
Authored by iDefense Labs, Luigi Auriemma | Site idefense.com

iDefense Security Advisory 06.14.11 - Remote exploitation of a integer signedness vulnerability in Adobe Systems Inc.'s Shockwave could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when Shockwave processes a maliciously constructed "Lscr" record. This record can embed Lingo script code, which is Shockwave's scripting language. The vulnerability occurs when processing certain opcodes. Specifically, a 32-bit value from the file is used as an offset into a heap buffer without proper validation. When comparing the value to the maximum buffer size, a signed comparison is performed. By using a negative value, it is possible to index outside of the allocated buffer. This results in data outside of the buffer being treated as a valid pointer, and this pointer is later used as the destination of a write operation. This can corrupt an arbitrary memory address, which can lead to the execution of arbitrary code. Shockwave Player version 11.5.9.620 and prior are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-0335
SHA-256 | 952c40d913beb9b78faaad430aeb7a3d76e8f0453128f6534822d4e3d407462d
Secunia Security Advisory 44107
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hitachi Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service
SHA-256 | c4900f6f71739d6e1e711dad69cd173b9ffebe097dafda9be5bc075b4d30198a
Secunia Security Advisory 44978
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for php5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | 8e067f3268d65ffbd5866153e41b44c1019700edaccada4ae5296369c4e7de88
Secunia Security Advisory 44984
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | 6f3f402554469a8efda9cce183cf69977e9d9a50552acfcf88209429e6211f70
Secunia Security Advisory 44991
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
SHA-256 | 3faceb0ad836fc74828769f16d6231d174d879cb15be85b7261b84889c958188
Secunia Security Advisory 43861
Posted Jun 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for groff. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
SHA-256 | 85fab29d10d54100e8fbd82d269b73105e01de15543ad9914fa2056275927413
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close