Section: .. / Last 20 Exploit Files /
| /// File Name: | eroserotikwebkat-sql.txt | Description:
| Eros Erotik Webkatalog suffers from a remote SQL injection vulnerability. | | Author: | Easy Laster | | File Size: | 1748 | | Last Modified: | Mar 11 17:27:39 2010 | | MD5 Checksum: | ae621f66ffcba455b27d5cdf9ad07b63 |
|
| /// File Name: | atutor-xss.txt | Description:
| ATutor version 1.6.4 suffers from a cross site scripting vulnerability. | | Author: | Itsecteam | | File Size: | 1001 | | Last Modified: | Mar 11 17:26:45 2010 | | MD5 Checksum: | 6eb8260401fb838bd22c79acf9a71cd6 |
|
| /// File Name: | skype-input.txt | Description:
| Skype client versions prior to 4.2.0.1.55 suffer from a URI handling input validation vulnerability that allows for remote command execution. | | Author: | Paul Craig | | Homepage: | http://www.security-assessment.com/ | | File Size: | 5783 | | Last Modified: | Mar 11 17:17:27 2010 | | MD5 Checksum: | 0a20a3178c435cdde8c2ce8645f77c7b |
|
| /// File Name: | ms10_002_aurora.rb.txt | Description:
| This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the "Operation Aurora" attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited. | | Homepage: | http://www.metasploit.com | | File Size: | 5377 | | Related OSVDB(s): | 61697 | | Related CVE(s): | CVE-2010-0249 | | Last Modified: | Mar 11 17:15:45 2010 | | MD5 Checksum: | e10bb1dd4089bb4b0d4a689573918f4d |
|
| /// File Name: | ane-xsrf.txt | Description:
| ANE CMS version 1 suffers from a cross site request forgery vulnerability. | | Author: | Pratul Agrawal | | File Size: | 2188 | | Last Modified: | Mar 11 11:26:29 2010 | | MD5 Checksum: | 75931499966409c4e4d5bd37b38f2270 |
|
| /// File Name: | ane-xss.txt | Description:
| ANE CMS version 1 suffers from a cross site scripting vulnerability. | | Author: | Pratul Agrawal | | File Size: | 11204 | | Last Modified: | Mar 11 11:25:29 2010 | | MD5 Checksum: | baaa652f16f1938c75702a9aace1a1d5 |
|
| /// File Name: | abton-sql.txt | Description:
| Abton CMS suffers from a remote SQL injection vulnerability. | | Author: | MustLive | | File Size: | 1385 | | Last Modified: | Mar 11 11:24:15 2010 | | MD5 Checksum: | 52f6b36dba1fbd3b137ebb090d43ddf1 |
|
| /// File Name: | super-vulns.tgz | Description:
| SUPERAntiSpyware and Super Ad Blocker have almost identical device drivers in order to set up hooks and perform other duties from kernel space. These device drivers suffer from lack of validation of parameters passed from user mode. Additionally, some of the functions accessible from user mode are inherently insecure and lead to easy privilege escalation. All vulnerabilities are applicable to both applications. Proof of concept code included with full advisory. | | Author: | Luka Milkovic | | File Size: | 33557 | | Last Modified: | Mar 10 21:30:19 2010 | | MD5 Checksum: | 3170b366c6223e86743528719242746a |
|
| /// File Name: | joomlaabout-sql.txt | Description:
| The Joomla About component suffers from a remote SQL injection vulnerability. | | Author: | Snakespc | | File Size: | 866 | | Last Modified: | Mar 10 21:27:25 2010 | | MD5 Checksum: | 75053d91412433bd2af46e8bc384850d |
|
| /// File Name: | ie_iepeers_pointer.rb.txt | Description:
| This Metasploit module exploits a use-after-free vulnerability within iepeers.dll of Microsoft Internet Explorer versions 6 and 7. NOTE: Internet Explorer 8 and Internet Explorer 5 are not affected. | | Author: | Trancer | | Homepage: | http://www.metasploit.com | | File Size: | 4796 | | Related OSVDB(s): | 62810 | | Related CVE(s): | CVE-2010-0806 | | Last Modified: | Mar 10 21:18:10 2010 | | MD5 Checksum: | 148df6b886dc2dbed56a1580848c30f7 |
|
| /// File Name: | phpcityportal-sqlrfi.txt | Description:
| PHPCityPortal suffers from remote file inclusion and SQL injection vulnerabilities. | | Author: | R3d-D3v!L | | File Size: | 1751 | | Last Modified: | Mar 10 21:13:59 2010 | | MD5 Checksum: | b3cf8067188dddf195e8aa0379efcb9a |
|
| /// File Name: | anantasoft-xsrf.txt | Description:
| Anantasoft Gazelle CMS suffers from a cross site request forgery vulnerability. | | Author: | Pratul Agrawal | | File Size: | 2808 | | Last Modified: | Mar 10 10:59:29 2010 | | MD5 Checksum: | dad820e563724bc7b8c491876c9048fa |
|
| /// File Name: | notepadpoc.zip | Description:
| The MS HTML Help control activex is prone to a remote CHM help file hijack vulnerability when applications invoke help. Multiple built-in applications are vulnerable to this. The impact of the vulnerability is the loading of the incorrect CHM help file when it resides in the same directory the application invoking help starts in. This proof of concept exploit leverages Notepad to demonstrate the vulnerability. | | Author: | Eduardo Prado | | File Size: | 28918 | | Last Modified: | Mar 10 10:51:10 2010 | | MD5 Checksum: | 3f0edb83fb8c525b3c7a93556ab16cc7 |
|
| /// File Name: | ispcp-rfi.txt | Description:
| ispCP Omega versions 1.0.4 and below suffer from a remote file inclusion vulnerability. | | Author: | cr4wl3r | | File Size: | 2068 | | Last Modified: | Mar 10 10:47:10 2010 | | MD5 Checksum: | 1ecfa63512e948355cf15fd528e4c374 |
|
| /// File Name: | softbizjobsrecruitment-sql.txt | Description:
| Softbiz Jobs and Recruitment script suffers from a remote SQL injection vulnerability. | | Author: | Easy Laster | | File Size: | 1605 | | Last Modified: | Mar 10 10:42:00 2010 | | MD5 Checksum: | a2b901cd5a4520daee9be76aab46b150 |
|
| /// File Name: | campsite-xsrf.txt | Description:
| Campsite version 3.3.5 suffers from a cross site request forgery vulnerability. | | Author: | Pratul Agrawal | | File Size: | 1620 | | Last Modified: | Mar 10 10:22:41 2010 | | MD5 Checksum: | 02c5f2f26afd7f5d5c3d519bb791a6fe |
|
| /// File Name: | 60cyclecms-xss.txt | Description:
| 60cycleCMS suffers from a cross site scripting vulnerability. | | Author: | Pratul Agrawal | | File Size: | 3606 | | Last Modified: | Mar 10 10:15:49 2010 | | MD5 Checksum: | 47b9959eebc266e101924d1fd6e37482 |
|
| /// File Name: | friendlytr69-sql.txt | Description:
| Friendly-Tech FriendlyTR69 CPE remote management version 2.8.9 suffers from a remote SQL injection vulnerability. | | Author: | Yaniv Miron | | File Size: | 1792 | | Last Modified: | Mar 10 10:08:22 2010 | | MD5 Checksum: | e9c939b6efcdae9fd324a8ff61d3f247 |
|
| /// File Name: | hydra-sqlxss.txt | Description:
| Hydra CMS suffers from cross site scripting and remote SQL injection vulnerabilities. | | Author: | MustLive | | File Size: | 1083 | | Last Modified: | Mar 10 10:07:08 2010 | | MD5 Checksum: | 1e7bf05f74db4c8d6bb5c916597f23bf |
|
|
|
|
|