Section: .. / 0807-exploits /
| /// File Name: |
dap8x-overflow.txt |
Description:
|
Download Accelerator Plus (DAP) version 8.x local buffer overflow exploit that creates a malicious .m3u file. Binds a shell to port 1337.
| | Author: | Shinnok | | Related Exploit: | dap-overflow.txt | | File Size: | 7728 | | Last Modified: | Jul 11 17:14:58 2008 |
| MD5 Checksum: | 0f0251e90f1fee446e809fcf8bc823c3 |
|
| /// File Name: |
debopenssh-auth.txt |
Description:
|
It appears that there may be a privilege escalation vulnerability in OpenSSH under Debian due to how SELinux hands out roles.
| | Author: | eliteb0y | | File Size: | 1247 | | Last Modified: | Jul 17 15:22:36 2008 |
| MD5 Checksum: | 227a31a0b1018513db637838fb8a6b39 |
|
| /// File Name: |
defblog-sql.txt |
Description:
|
Def Blog version 1.0.3 suffers from multiple SQL injection vulnerabilities.
| | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1490 | | Last Modified: | Jul 18 17:05:27 2008 |
| MD5 Checksum: | ba98e87788fb1251c1b9a4c5c9e1c82f |
|
| /// File Name: |
devwms-lfisqlxss.txt |
Description:
|
DEV WMS suffers from local file inclusion, cross site scripting, and SQL injection vulnerabilities.
| | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 2457 | | Last Modified: | Jul 30 22:29:10 2008 |
| MD5 Checksum: | 21cc74aefeacf04b081d6a1024ca7bcb |
|
| /// File Name: |
digileave-sql.txt |
Description:
|
Digileave version 1.2 blind SQL injection exploit that makes use of info_book.asp.
| | Author: | Mr.SQL | | Homepage: | http://www.pal-hacker.com/ | | File Size: | 3086 | | Last Modified: | Jul 21 15:41:26 2008 |
| MD5 Checksum: | 8213af1ff76ff6ba7ba06c244bb5dba4 |
|
| /// File Name: |
documentimaging-overflow.txt |
Description:
|
Document Imaging SDK version 10.95 ActiveX related buffer overflow proof of concept denial of service exploit.
| | Author: | r0ut3r | | File Size: | 1071 | | Last Modified: | Jul 16 00:17:35 2008 |
| MD5 Checksum: | be9670fad83699888af79499434ba14b |
|
| /// File Name: |
dreamnews-sql.txt |
Description:
|
The DreamNews Manager is susceptible to a SQL injection vulnerability.
| | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1705 | | Last Modified: | Jul 10 18:29:00 2008 |
| MD5 Checksum: | 80e24950bd83de99d3aa48b61ab9a102 |
|
| /// File Name: |
dreampics-sql.txt |
Description:
|
Dreampics Builder suffers from a remote SQL injection vulnerability.
| | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1566 | | Last Modified: | Jul 10 02:59:11 2008 |
| MD5 Checksum: | 7b524bd66d8b59814be98575076503bf |
|
| /// File Name: |
DSECRG-08-027.txt |
Description:
|
1024 CMS versions 1.4.3 and 1.4.4 RFC suffer from multiple local and remote file inclusion vulnerabilities.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 10053 | | Last Modified: | Jul 10 01:45:37 2008 |
| MD5 Checksum: | 4d1ece41b4403e1852ca4d26260e09fc |
|
| /// File Name: |
DSECRG-08-028.txt |
Description:
|
Velocity Web Server version 1.0 suffers from a directory traversal / arbitrary file download vulnerability.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 2606 | | Last Modified: | Jul 16 20:04:20 2008 |
| MD5 Checksum: | f7d76bff58337cf6b2b130888c9f4320 |
|
| /// File Name: |
DSECRG-08-029.txt |
Description:
|
Dokeos E-Learning System version 1.8.5 suffers from a local file inclusion vulnerability.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 2928 | | Last Modified: | Jul 17 15:18:56 2008 |
| MD5 Checksum: | 3e23f9ac98e5358667ca3e96dc1d5df6 |
|
| /// File Name: |
DSECRG-08-030.txt |
Description:
|
Claroline eLearning and eWorking Platform version 1.8.9 suffers from cross site scripting, unsigned redirect, and cross site request forgery vulnerabilities.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 3112 | | Last Modified: | Jul 18 17:20:57 2008 |
| MD5 Checksum: | a1d98b6503e897b1b91cf0455730d9b4 |
|
| /// File Name: |
DSECRG-08-032.txt |
Description:
|
Claroline eLearning and eWorking Platform version 1.8.10 suffers from cross site scripting vulnerabilities.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 2842 | | Last Modified: | Jul 22 14:01:02 2008 |
| MD5 Checksum: | f71ed888ac06312f64ea478ffcfbd3f2 |
|
| /// File Name: |
DSECRG-08-033.txt |
Description:
|
Pixelpost PhotoBlog version 1.7.1 suffers from a local file inclusion vulnerability.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 3644 | | Last Modified: | Jul 28 11:47:20 2008 |
| MD5 Checksum: | 1ad92363fa032fc004349c966a6a12b1 |
|
| /// File Name: |
DSECRG-08-034.txt |
Description:
|
Minishowcase Image Gallery version 09b136 suffers from a local file inclusion vulnerability.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 2526 | | Last Modified: | Jul 29 11:45:05 2008 |
| MD5 Checksum: | 679fe81963f3726f3f463af310ad9e9b |
|
| /// File Name: |
DSEGRG-08-31.txt |
Description:
|
Interact E-Learning System version 2.4.1 suffers from a local file inclusion vulnerability in help/help.php.
| | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 2242 | | Last Modified: | Jul 21 18:06:52 2008 |
| MD5 Checksum: | ccda3be106036a8fbfe5b9e8eace4a84 |
|
| /// File Name: |
e107-blindsql.txt |
Description:
|
e107 BLOG Engine plugin version 2.2 blind SQL injection exploit.
| | Author: | hadihadi | | Homepage: | http://www.virangar.org/ | | File Size: | 2997 | | Last Modified: | Jul 29 17:10:29 2008 |
| MD5 Checksum: | 806562a52d9f0e9d72cade9c68d865b3 |
|
| /// File Name: |
easybookmaker-xss.txt |
Description:
|
EasyBookmarker 40tr suffers from a cross site scripting vulnerability.
| | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 1367 | | Last Modified: | Jul 21 15:47:16 2008 |
| MD5 Checksum: | 24b311af4880a78fb81f62b8ff28b6b3 |
|
| /// File Name: |
easyecards-sqlxssdisclose.txt |
Description:
|
EasyECards 310a remote cross site scripting, SQL injection, and file disclosure exploit.
| | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 5614 | | Last Modified: | Jul 21 15:46:18 2008 |
| MD5 Checksum: | cf7a10d19833f1d072289fd81003b58c |
|
| /// File Name: |
easypublish-sqlxssdisclose.txt |
Description:
|
EasyPublish 3.0tr remote cross site scripting, SQL injection, and file disclosure exploit.
| | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 5498 | | Last Modified: | Jul 21 15:47:55 2008 |
| MD5 Checksum: | ad2d339e9b8b2d6309b73735501ea17c |
|
| /// File Name: |
efestechshop-sql.txt |
Description:
|
Efestech Shop version 2.0 suffers from a remote SQL injection vulnerability.
| | Author: | Dr.Kacak | | File Size: | 950 | | Last Modified: | Jul 9 21:19:25 2008 |
| MD5 Checksum: | 85ba9a2f514e603a5e63c715f06112e4 |
|
| /// File Name: |
emc-sql.txt |
Description:
|
EMC's Centera Universal Access product version CUA4.0_4735.p4 suffers from a SQL injection vulnerability.
| | Author: | Aaron Brown,Lars Heidelberg | | File Size: | 4007 | | Last Modified: | Jul 23 19:44:55 2008 |
| MD5 Checksum: | 535213a9fae7b8708f9e219a84119c62 |
|
| /// File Name: |
endonesia-sql.txt |
Description:
|
eNdonesia version 8.4 remote SQL injection exploit that takes advantage of the calendar module.
| | Author: | Jack | | File Size: | 3349 | | Last Modified: | Jul 31 11:15:53 2008 |
| MD5 Checksum: | 8bff5e54cb510b4b387b287c56efe645 |
|
| /// File Name: |
epshop-sql.txt |
Description:
|
EPShop versions below 3.0 suffer from a remote SQL injection vulnerability.
| | Author: | mikeX | | Homepage: | http://www.cyber-underground.net/ | | File Size: | 1034 | | Last Modified: | Jul 28 11:09:07 2008 |
| MD5 Checksum: | e4caf952406e442bdfd222e7bbdd61f8 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
