Section: .. / 0706-exploits /
| /// File Name: |
CVE-2007-2815.txt |
Description:
|
Exploit that takes advantage of the Microsoft IIS5 NTLM and basic authentication bypass vulnerability.
| | Author: | ff0000 | | File Size: | 805 | | Related CVE(s): | CVE-2007-2815 | | Last Modified: | Jun 6 19:37:20 2007 |
| MD5 Checksum: | 0bcff03ae1150fc60d268291d16f8759 |
|
| /// File Name: |
dagger-rfi.txt |
Description:
|
DAGGER Web Engine versions 23Jan2007 and below suffer from a remote file inclusion vulnerability.
| | Author: | Katatafish | | File Size: | 347 | | Last Modified: | Jun 26 16:17:56 2007 |
| MD5 Checksum: | 6b60833ff2dd6990b5cc511abd20ea6b |
|
| /// File Name: |
dreamlog-upload.txt |
Description:
|
DreamLog version 0.5 suffers from an arbitrary file upload vulnerability in upload.php.
| | Author: | Dj7xpl | | Homepage: | http://Dj7xpl.2600.ir/ | | File Size: | 4236 | | Last Modified: | Jun 26 16:30:12 2007 |
| MD5 Checksum: | 3352a116fa92a00d2e655fe62e49df66 |
|
| /// File Name: |
dvdxplayer-overflow.txt |
Description:
|
DVD X Player version 4.1 Professional .PLF file buffer overflow exploit.
| | Author: | n00b | | File Size: | 4528 | | Last Modified: | Jun 7 02:26:37 2007 |
| MD5 Checksum: | 9a5dc7b38bfb8d79c385eb9c8679a646 |
|
| /// File Name: |
e107-upload.txt |
Description:
|
e107 versions 0.7.8 and below suffer from an arbitrary file upload vulnerability where it lacks validation of a files contents when uploaded, allowing for php code to be uploaded as an image, etc.
| | Author: | clorox | | Homepage: | http://www.g00ns.net/ | | File Size: | 2901 | | Last Modified: | Jun 26 16:22:33 2007 |
| MD5 Checksum: | 81c10fc3a33fb8c57bfdb3d9fd38169e |
|
| /// File Name: |
edocstore-sql.txt |
Description:
|
eDocStore suffers from a remote SQL injection vulnerability in doc.php.
| | Author: | t0pp8uzz, xprog | | File Size: | 1297 | | Last Modified: | Jun 26 17:17:03 2007 |
| MD5 Checksum: | fadc6f18a30dd9fa7079e081ffc1ed55 |
|
| /// File Name: |
endonesia84-sql.txt |
Description:
|
eNdonesia version 8.4 suffers from a SQL injection vulnerability.
| | Author: | laurent gaffi | | File Size: | 1317 | | Last Modified: | Jun 26 17:34:52 2007 |
| MD5 Checksum: | b05f2b8ec443ec5454390221262305e0 |
|
| /// File Name: |
eqdkp-sql.txt |
Description:
|
EQdkp versions 1.3.2 and below remote SQL injection exploit that makes use of listmembers.php.
| | Author: | Silentz | | Homepage: | http://www.w4ck1ng.com/ | | File Size: | 3809 | | Last Modified: | Jun 7 01:36:47 2007 |
| MD5 Checksum: | fb6d2980eb37e68dda8bebb414bc40b2 |
|
| /// File Name: |
eticket-xss.txt |
Description:
|
eTicket version 1.5.5 suffers from a cross site scripting vulnerability.
| | Author: | Jesper Jurcenoks | | Homepage: | http://www.netvigilance.com/ | | File Size: | 2428 | | Related CVE(s): | CVE-2007-2801 | | Last Modified: | Jun 29 01:08:27 2007 |
| MD5 Checksum: | a1c07d9004514c4431101e175ebb8229 |
|
| /// File Name: |
evaweb-rfi.txt |
Description:
|
EVA-Web versions 1.1 through 2.2 suffer from a remote file inclusion vulnerability in index.php3.
| | Author: | MurderSkillz | | Homepage: | http://www.g00ns.net/ | | File Size: | 1805 | | Last Modified: | Jun 26 17:20:00 2007 |
| MD5 Checksum: | 31e2a9e8306a224bf5bc18ed11eff6d9 |
|
| /// File Name: |
evisioncms-exec.txt |
Description:
|
e-Vision CMS versions 2.02 and below SQL injection and remote code execution exploit.
| | Author: | Silentz | | Homepage: | http://www.w4ck1ng.com/ | | File Size: | 8452 | | Last Modified: | Jun 10 20:18:26 2007 |
| MD5 Checksum: | 359a104b798ea4575dd388ba624b4410 |
|
| /// File Name: |
fuzzy-sql.txt |
Description:
|
Fuzzylime Forum version 1.0 SQL injection exploit.
| | Author: | Silentz | | Homepage: | http://www.w4ck1ng.com/ | | File Size: | 1853 | | Last Modified: | Jun 12 20:40:57 2007 |
| MD5 Checksum: | fab6ad8339a58e83f2972bb81d0eeca3 |
|
| /// File Name: |
fuzzylime-xss.txt |
Description:
|
fuzzylime forum versions 1.01b and below suffer from a cross site scripting vulnerability.
| | Homepage: | http://www.serapis.net/ | | File Size: | 1963 | | Last Modified: | Jun 20 00:25:39 2007 |
| MD5 Checksum: | d411d1f8a3561b7cdb78d4df1a14ec94 |
|
| /// File Name: |
gis-mdb.txt |
Description:
|
Guardian Information Systems suffer from a direct database download vulnerability.
| | Author: | Hasadya Raed | | File Size: | 369 | | Last Modified: | Jun 14 23:15:27 2007 |
| MD5 Checksum: | dba5e6684619de5574b156346b162730 |
|
| /// File Name: |
glsh-lfi.txt |
Description:
|
GL-SH Deaf Forum versions 6.4.4 and below suffer from local file inclusion vulnerabilities.
| | Author: | Katatafish | | File Size: | 444 | | Last Modified: | Jun 29 01:11:29 2007 |
| MD5 Checksum: | 33ba10bae756ec62ed5b742f69f4f10c |
|
| /// File Name: |
hpdi-write.txt |
Description:
|
hpqxml.dll version 2.0.0.133 from the HP Photo Digital Imaging software package has a flaw that allows for arbitrary file overwrite on the underlying system.
| | Author: | callAX | | Homepage: | http://www.shellcode.com.ar/ | | File Size: | 1896 | | Last Modified: | Jun 27 21:33:38 2007 |
| MD5 Checksum: | ed9a0e85dfccbaaf566f375358fe5611 |
|
| /// File Name: |
httpsv162-dos.txt |
Description:
|
HTTP SERVER (httpsv) version 1.6.2 remote denial of service exploit that makes use of a 404 error.
| | Author: | Prili | | File Size: | 1166 | | Last Modified: | Jun 21 15:13:39 2007 |
| MD5 Checksum: | 27164b5dca0158989f739733fabc4429 |
|
| /// File Name: |
igshop14-eval.txt |
Description:
|
iG Shop version 1.4 suffers from an eval inclusion vulnerability.
| | Author: | IFX | | File Size: | 885 | | Last Modified: | Jun 20 00:54:30 2007 |
| MD5 Checksum: | 8ae08840daba2f9b65e23e8b912b337c |
|
| /// File Name: |
ips-evasion.txt |
Description:
|
Various commercial IPS products fail to decode HTTP requests that contain 0x0c, 0x0b, and 0x0d instead of normal 0x20/0x09 separators.
| | Author: | H D Moore | | File Size: | 1022 | | Last Modified: | Jun 20 01:07:40 2007 |
| MD5 Checksum: | 19b8f0185ad1911c1eccdd675d0588ec |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
