Section: .. / 0606-exploits /
| /// File Name: |
aspWebLinks2.0.txt |
Description:
|
aspWebLinks 2.0 Remote Admin Pass Change Exploit
| | Author: | ajannhwt | | File Size: | 4913 | | Last Modified: | Jun 3 00:34:47 2006 |
| MD5 Checksum: | 94670f461101ab4ef0bf145659388a7d |
|
| /// File Name: |
secunia-SelectaPix.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in SelectaPix version 1.31, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
| | Author: | Andreas Sandblad | | Homepage: | http://secunia.com/ | | File Size: | 4762 | | Last Modified: | Jun 12 03:50:56 2006 |
| MD5 Checksum: | b4b6d82daf1891770dd5427fddec37da |
|
| /// File Name: |
Webserver4D.txt |
Description:
|
Web server 4D 3.6.0 remote DOS exploit.
| | Author: | Federico Fazzi | | File Size: | 4681 | | Last Modified: | Jun 10 23:34:58 2006 |
| MD5 Checksum: | 9d2c3518b4d57aaf387a603a9e3d6a36 |
|
| /// File Name: |
adv32-K-159-2006.txt |
Description:
|
SCart version 2.0 suffers from a remote code execution flaw. Exploit provided.
| | Author: | K-159 | | Homepage: | http://www.echo.or.id | | File Size: | 4482 | | Last Modified: | Jun 5 04:22:06 2006 |
| MD5 Checksum: | 2015837e45d7ff8d1ffcaa2b445fdc1a |
|
| /// File Name: |
secunia-deluxebb.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in DeluxeBB version 1.06, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
| | Author: | Andreas Sandblad | | Homepage: | http://secunia.com/ | | File Size: | 4397 | | Related CVE(s): | CVE-2006-2914, CVE-2006-2915 | | Last Modified: | Jun 21 03:43:42 2006 |
| MD5 Checksum: | 6ece499572842c432fef3343e082165d |
|
| /// File Name: |
ciscoXSS.txt |
Description:
|
Cisco Secure ACS LoginProxy.cgi has been found to be vulnerable to Cross Site Scripting attacks via both GET and POST requests due to a failure to properly filter undesirable user input. Successful exploitation could result in a loss of privacy of sensitive data, such as usernames and passwords. Exploitation details provided.
| | Author: | Liam Romanis | | File Size: | 4337 | | Last Modified: | Jun 26 00:19:28 2006 |
| MD5 Checksum: | 845172879ee4eabd67b6dd8fc63bdca5 |
|
| /// File Name: |
wingatex.pl.txt |
Description:
|
QBik Wingate version 6.1.1.1077 remote buffer overflow exploit for Windows 2000. Binds a shell to tcp/4444.
| | Author: | kcope | | File Size: | 4277 | | Last Modified: | Jun 12 02:57:54 2006 |
| MD5 Checksum: | c44c1239cba42bc6e04e6ef19ecbc158 |
|
| /// File Name: |
v3chatIM.txt |
Description:
|
V3 Chat Instant Messenger is susceptible to multiple cross site scripting flaws.
| | Author: | luny | | File Size: | 4227 | | Last Modified: | Jun 26 02:17:08 2006 |
| MD5 Checksum: | 3897878bac54f1582598e6a7c058e93b |
|
| /// File Name: |
adv34-theday-2006.txt |
Description:
|
W-Agora (Web-Agora) versions 4.2.0 and below suffer from remote file inclusion flaws.
| | Author: | the_day | | Homepage: | http://theday.echo.or.id/ | | File Size: | 4156 | | Last Modified: | Jun 27 01:15:15 2006 |
| MD5 Checksum: | e1cca27330361ed2917e72801fb30c87 |
|
| /// File Name: |
lifetype_104_sql.txt |
Description:
|
LifeType versions 1.0.4_r3270 and below remote SQL injection / administrative credential disclosure exploit.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 4081 | | Last Modified: | Jun 5 04:35:04 2006 |
| MD5 Checksum: | 7186f79190779cb5b6a3f442255af049 |
|
| /// File Name: |
pppBlog-0.3.8.txt |
Description:
|
pppBlog versions less than or equal to 0.3.8 system disclosure exploit
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 3893 | | Last Modified: | May 31 21:03:59 2006 |
| MD5 Checksum: | 1b092904c9a5df9112eb8df0d43c6e26 |
|
| /// File Name: |
rt-sa-2006-005.txt |
Description:
|
RedTeam has identified a SQL injection that can be triggered due to a lack of user input sanitization in phpBannerExchange versions 2.0 RC5 and below. It is possible to recover a password of a user and thereby overtake his account.
| | Author: | RedTeam Pentesting | | Homepage: | http://www.redteam-pentesting.de/ | | File Size: | 3869 | | Related CVE(s): | CVE-2006-3013 | | Last Modified: | Jun 25 17:32:05 2006 |
| MD5 Checksum: | 92155311e0e3fa99e3565e9110bfd108 |
|
| /// File Name: |
Maximus.txt |
Description:
|
All versions of Maximus' iCue and iParent suffer from an input validation flaw that allows for cross site scripting.
| | Author: | Charles H. | | Homepage: | http://www.infoguardgroup.com/ | | File Size: | 3763 | | Last Modified: | Jun 26 02:23:23 2006 |
| MD5 Checksum: | f11dad6bc8e7a986f5db322512170c38 |
|
| /// File Name: |
chipmailer109.txt |
Description:
|
Chipmailer versions 1.09 and below suffer from cross site scripting and SQL injection flaws.
| | Author: | Tamriel | | File Size: | 3682 | | Last Modified: | Jun 15 03:59:18 2006 |
| MD5 Checksum: | b14a20a2c982c8672caaae42b3b44eae |
|
| /// File Name: |
EXPL-A-2006-004.txt |
Description:
|
EXPL-A-2006-004 exploitlabs.com Advisory 049 - phpFormGenerator forces insecure usage of permissions for the application to work.
| | Author: | Donnie Werner | | Homepage: | http://exploitlabs.com | | File Size: | 3661 | | Last Modified: | Jul 2 05:42:22 2006 |
| MD5 Checksum: | eb43566c33e9eb5cdb5bfdf9a35a95f9 |
|
| /// File Name: |
ecl-nf-snmpwn.c |
Description:
|
Netfilter NAT SNMP module denial of service exploit. This vulnerability has been patched in 2.6.16.18.
| | Author: | Alex Behar, Yuri Gushin | | File Size: | 3363 | | Related CVE(s): | CVE-2006-2444 | | Last Modified: | Jun 5 04:47:32 2006 |
| MD5 Checksum: | a8f6cd28a3ea1fd281b07d5507f1f1a4 |
|
| /// File Name: |
buddyzone101.txt |
Description:
|
Buddy Zone version 1.0.1 suffers from a multitude of cross site scripting flaws.
| | Author: | luny | | File Size: | 3352 | | Last Modified: | Jul 2 05:42:53 2006 |
| MD5 Checksum: | 0b17d0eb6626035b653d60139462ea92 |
|
| /// File Name: |
News52.txt |
Description:
|
News versions 5.2 and below remote SQL injection exploit that performs arbitrary command execution.
| | Author: | DarkFig | | File Size: | 3261 | | Last Modified: | Jul 2 03:37:36 2006 |
| MD5 Checksum: | ee9128c982836e00e2707e8a70e3aff3 |
|
| /// File Name: |
FailureToLaunch-2.pl.txt |
Description:
|
Proof of concept exploit for Mac OS X versions 10.4.6 and below which are susceptible to a vulnerability in launchd's syslog() function. PPC version.
| | Author: | Kevin Finisterre | | Homepage: | http://www.digitalmunition.com/ | | Related File: | DMA-2006-0628a.txt | | File Size: | 3187 | | Last Modified: | Jul 2 04:20:27 2006 |
| MD5 Checksum: | dad99226501d377f1943e7e8115fa650 |
|
| /// File Name: |
apnaspace.txt |
Description:
|
Apnaspace.com appears vulnerable to cross site scripting attacks.
| | Author: | luny | | File Size: | 3171 | | Last Modified: | Jun 21 02:56:39 2006 |
| MD5 Checksum: | 809f70d6d053f5f5b15a193316fa0725 |
|
| /// File Name: |
bingbox.txt |
Description:
|
Bingbox.com suffers from multiple cross site scripting flaws.
| | Author: | luny | | File Size: | 2961 | | Last Modified: | Jun 26 00:59:00 2006 |
| MD5 Checksum: | d70ebcdec9def8a48ec090959ed12ed5 |
|
| /// File Name: |
fxAPPXSS.txt |
Description:
|
fx-APP version 0.0.8.1 is susceptible to cross site scripting attacks.
| | Author: | luny | | File Size: | 2961 | | Last Modified: | Jun 12 04:27:28 2006 |
| MD5 Checksum: | 813655a0721b4c2fbcfe423a383d31df |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
