Section: .. / 0701-exploits /
| /// File Name: |
swcms.php.txt |
Description:
|
Simple Web Content Management System remote SQL injection exploit.
| | Author: | DarkFig | | File Size: | 5106 | | Last Modified: | Jan 3 23:15:50 2007 |
| MD5 Checksum: | 102c88548cc2d6b1cbc6f313c941c250 |
|
| /// File Name: |
tftpdwin042.txt |
Description:
|
TFTPDWIN version 0.4.2 remote buffer overflow exploit.
| | Author: | acaro | | File Size: | 2095 | | Last Modified: | Jan 15 22:29:45 2007 |
| MD5 Checksum: | 99964cb405827681deff02aa17331ce9 |
|
| /// File Name: |
tk53-advisory-1.txt |
Description:
|
CenterICQ contains support for LiveJournal (http://www.livejournal.com/), such as posting to your own blog, reading other blogs' RSS feeds, and other community-related functions, such as showing whether a user has added or removed your own users to/from the friend list, all via a unified HTTP interface provided by LiveJournal. The latter functionality is vulnerable to a buffer overflow and possible remote code execution. Affected versions range from 4.9.11 through 4.21.0. Proof of concept exploit included.
| | Author: | Lolek, Roflek | | File Size: | 7884 | | Last Modified: | Jan 13 16:39:18 2007 |
| MD5 Checksum: | b01fc1a5c2ddaf95af63ac9ace7db750 |
|
| /// File Name: |
tlm-rfi.txt |
Description:
|
TLM CMS versions 1.1 and below suffer from a remote file inclusion vulnerability.
| | Author: | GolD_M | | File Size: | 1681 | | Last Modified: | Jan 13 19:01:05 2007 |
| MD5 Checksum: | eda173b0a50608ae27ba01a380445f34 |
|
| /// File Name: |
trevorchan07-rfi.txt |
Description:
|
Trevorchan version 0.7 suffers from a remote file inclusion vulnerability.
| | Author: | ilker Kandemir | | File Size: | 988 | | Last Modified: | Jan 13 20:10:48 2007 |
| MD5 Checksum: | 889ea11f23cc815c4d0ed66a151e830f |
|
| /// File Name: |
uberupload.txt |
Description:
|
Uber Uploader 4.2 suffers from a code execution flaw via uploading a malicious PHP file.
| | Author: | Null | | Homepage: | http://www.gammahack.com | | File Size: | 655 | | Last Modified: | Jan 6 19:24:13 2007 |
| MD5 Checksum: | 9092d04f130796a15695c2667dcaf882 |
|
| /// File Name: |
uguestbook-mdb.txt |
Description:
|
Uguestbook version 1.0 suffers from a remote password disclosure flaw.
| | Author: | beks | | File Size: | 260 | | Last Modified: | Jan 13 16:30:36 2007 |
| MD5 Checksum: | bdb2b09f5618accb2044930cf69cac46 |
|
| /// File Name: |
uniforum4-sql.txt |
Description:
|
uniForum versions 4 and below suffer from a remote SQL injection vulnerability in wbsearch.aspx.
| | Author: | ajann | | File Size: | 743 | | Last Modified: | Jan 26 22:26:09 2007 |
| MD5 Checksum: | 1dcdf1f915724c9910e127ed1693b232 |
|
| /// File Name: |
uniqueads-sql.txt |
Description:
|
Unique Ads aka UDS version 1.x suffers from SQL injection flaws.
| | Author: | Linux_Drox | | Homepage: | http://www.LeZr.com | | File Size: | 291 | | Last Modified: | Jan 23 23:05:48 2007 |
| MD5 Checksum: | e1f17d1f6a38bfc7bfd649962cae265b |
|
| /// File Name: |
Universal_printer_provider_exploit...> |
Description:
|
Universal exploit for vulnerable EnumPrintersW() calls related to the spooler service. Allows code execution with SYSTEM privileges. Affected includes DiskAccess NFS Client (dapcnfsd.dll version 0.6.4.0), Citrix Metaframe - cpprov.dll, and Novell - nwspool.dll.
| | Author: | Andres Tarasco | | Homepage: | http://www.514.es/ | | File Size: | 17700 | | Related CVE(s): | CVE-2006-5854 | | Last Modified: | Jan 29 20:58:34 2007 |
| MD5 Checksum: | 7772176447738b443f1b8706a46460e0 |
|
| /// File Name: |
VLCMediaSlayer-x86.pl.txt |
Description:
|
Month Of Apple Bugs - A vulnerability in the handling of the udp:// URL handler for the VLC Media Player allows remote arbitrary code execution. This exploit will create a malicious .m3u file that will cause VLC Player for OSX to execute arbitrary code.
| | Author: | LMH, Kevin Finisterre | | Homepage: | http://projects.info-pull.com/moab/index.html | | File Size: | 1422 | | Related CVE(s): | CVE-2007-0017 | | Last Modified: | Jan 4 03:15:18 2007 |
| MD5 Checksum: | 7be8a31aa5f26b9929610d23d102a6bc |
|
| /// File Name: |
votepro40-exec.txt |
Description:
|
Vote-Pro version 4.0 remote code execution exploit that makes use of poll_frame.php.
| | Author: | r0ut3r | | File Size: | 2932 | | Last Modified: | Jan 24 00:11:50 2007 |
| MD5 Checksum: | 77fd1fc711a31cbbaf61d993e5dae923 |
|
| /// File Name: |
wcsimple-disclose.txt |
Description:
|
wcSimple Poll allows for a direct download of the system password.
| | Author: | ilker Kandemir | | File Size: | 656 | | Last Modified: | Jan 15 21:10:02 2007 |
| MD5 Checksum: | 4a0c5f0dd3639c64807ab83ed0dff3b4 |
|
| /// File Name: |
webulas-mdb.txt |
Description:
|
Webulas suffers from a remote password disclosure flaw.
| | Author: | beks | | File Size: | 195 | | Last Modified: | Jan 13 16:28:19 2007 |
| MD5 Checksum: | 36a228b44a04339700966d3620031c63 |
|
| /// File Name: |
wine-db.txt |
Description:
|
WineGlass suffers from a direct database download vulnerability.
| | Homepage: | http://aria-security.com/ | | File Size: | 417 | | Last Modified: | Jan 3 23:17:11 2007 |
| MD5 Checksum: | a1e2aca7d50b058d60c4f5542d4368c3 |
|
| /// File Name: |
wmfdos.txt |
Description:
|
WMF proof of concept denial of service exploit.
| | Author: | cyanid-E | | File Size: | 617 | | Last Modified: | Jan 13 18:47:32 2007 |
| MD5 Checksum: | a70607a5bae12632f5c0d6345780aba2 |
|
| /// File Name: |
xero-rfi.txt |
Description:
|
Xero Portal version 1.2 local file inclusion exploit.
| | Author: | XORON | | File Size: | 2204 | | Last Modified: | Jan 26 22:19:32 2007 |
| MD5 Checksum: | 756c7e0650eeb11ea0d4ba52e3936bf9 |
|
| /// File Name: |
yald10-xss.txt |
Description:
|
Yet Another Link Directory version 1.0 suffers from cross site scripting flaws.
| | Author: | Luny | | File Size: | 402 | | Last Modified: | Jan 13 16:09:28 2007 |
| MD5 Checksum: | b4274bc3ba1351a5c627ce6edf9e2784 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
