Section: .. / 0711-exploits /
| /// File Name: |
sip-fraud.txt |
Description:
|
SIP digest access authentication relay-attack for toll fraud.
| | Author: | Humberto J. Abdelnur, Olivier Festor, Radu State | | File Size: | 5587 | | Last Modified: | Nov 5 11:42:04 2007 |
| MD5 Checksum: | 8b5249210e615f1ad25a2d39a3609f02 |
|
| /// File Name: |
skalinks-csrf.txt |
Description:
|
Skalinks versions 1.5 and below cross site request forgery add administrator exploit.
| | Author: | Vincy | | File Size: | 2032 | | Last Modified: | Nov 5 11:10:47 2007 |
| MD5 Checksum: | 117885697b5f9ee74219b1fb3cbc6b85 |
|
| /// File Name: |
sfshoutbox-inject.txt |
Description:
|
SF-Shoutbox versions 1.2.1 through 1.4 suffer from HTML and Javascript injection vulnerabilities.
| | Author: | SkyOut | | Homepage: | http://www.core-security.net/ | | File Size: | 2574 | | Last Modified: | Nov 5 11:09:45 2007 |
| MD5 Checksum: | bfcacb79c443e24b5c9e65d1effd05ce |
|
| /// File Name: |
myway-xss.txt |
Description:
|
The My Way Search engine at myway.com is susceptible to cross site scripting attacks.
| | Author: | Tosser | | File Size: | 279 | | Last Modified: | Nov 5 11:02:59 2007 |
| MD5 Checksum: | 0a91f22f19ee9d612b72d9cdd4734f8d |
|
| /// File Name: |
phphelpdesk-lfisql.txt |
Description:
|
phphelpdesk version 0.6.16 appears susceptible to local file inclusion and SQL injection vulnerabilities.
| | Author: | Joseph Giron | | File Size: | 958 | | Last Modified: | Nov 5 11:00:06 2007 |
| MD5 Checksum: | 1d22a25eef362ec45a59291c07232805 |
|
| /// File Name: |
syndeocms-rfi.txt |
Description:
|
syndeoCMS version 2.5.01 suffers from a remote file inclusion vulnerability.
| | Author: | mdx | | Homepage: | http://www.by-mdx.com/ | | File Size: | 1135 | | Last Modified: | Nov 5 10:55:10 2007 |
| MD5 Checksum: | bfc94ed9a38be2421c1cb8e59cd95d62 |
|
| /// File Name: |
vortex-rfi.txt |
Description:
|
Vortex Portal version 1.0.42 suffers from remote file inclusion vulnerabilities.
| | Author: | ShAy6oOoN | | File Size: | 586 | | Last Modified: | Nov 5 10:53:15 2007 |
| MD5 Checksum: | 3ba5fa8ece98f6609c5ab0d2de25c166 |
|
| /// File Name: |
nuboard-rfi.txt |
Description:
|
nuBoard version 0.5 suffers from a remote file inclusion vulnerability in index.php.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 210 | | Last Modified: | Nov 5 10:51:57 2007 |
| MD5 Checksum: | a0f6bb15070c7c2b5f64688ed57bfc0e |
|
| /// File Name: |
scwiki-rfi.txt |
Description:
|
scWiki version 1.0 Beta 2 suffers from a remote file inclusion vulnerability in common.php.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 191 | | Last Modified: | Nov 5 10:50:52 2007 |
| MD5 Checksum: | 13201286452008974a3756b532c024ce |
|
| /// File Name: |
quickdirty-lfi.txt |
Description:
|
Quick and Dirty Blog version 0.4 suffers from a local file inclusion vulnerability.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 219 | | Last Modified: | Nov 5 10:49:50 2007 |
| MD5 Checksum: | 35a71864c8a3e081aaea2445b137e9bd |
|
| /// File Name: |
guppy-rfilfi.txt |
Description:
|
GuppY version 4.6.3 suffers from remote and local file inclusion vulnerabilities.
| | Author: | irk4z | | File Size: | 2410 | | Last Modified: | Nov 5 10:48:44 2007 |
| MD5 Checksum: | 701311e946dcca83d2cc2837b8c8cd67 |
|
| /// File Name: |
helios-xss.txt |
Description:
|
Helios Calendar versions 1.2.1 Beta and below suffer from cross site scripting vulnerabilities.
| | Author: | Maximiliano Soler, Ivan Sanchez | | Homepage: | http://www.nullcode.com.ar/ | | File Size: | 1589 | | Last Modified: | Nov 2 19:34:05 2007 |
| MD5 Checksum: | d2a7cba91f9f0b63ec69281c9f1f85a6 |
|
| /// File Name: |
uph0703.py.txt |
Description:
|
Exploit that demonstrates a format string vulnerability in Firefly Media Server versions 0.2.4 and below.
| | Author: | nnp | | Homepage: | http://silenthack.co.uk/ | | Related File: | uph0703.txt | | File Size: | 698 | | Last Modified: | Nov 2 19:25:11 2007 |
| MD5 Checksum: | 11bd85c958d50bd568f298657a21ad81 |
|
| /// File Name: |
uph0702.py.txt |
Description:
|
Exploit that demonstrates a null pointer reference in Firefly Media Server versions 0.2.4 and below due an unchecked header variable increment.
| | Author: | nnp | | Homepage: | http://silenthack.co.uk/ | | Related File: | uph0702.txt | | File Size: | 667 | | Last Modified: | Nov 2 19:22:51 2007 |
| MD5 Checksum: | 989aeb1ed6e657ca14e4803e59e8084a |
|
| /// File Name: |
uph0701.py.txt |
Description:
|
Exploit that demonstrates a null pointer reference in Firefly Media Server versions 0.2.4 and below due to a missing :.
| | Author: | nnp | | Homepage: | http://silenthack.co.uk/ | | Related File: | uph0701.txt | | File Size: | 580 | | Last Modified: | Nov 2 19:20:06 2007 |
| MD5 Checksum: | 5afc43cae9ef08311593f5ef3ade41e5 |
|
| /// File Name: |
macnav-escalate.txt |
Description:
|
Symantec's Norton AntiVirus for Macintosh (NAV) contains a vulnerability that can lead to local privilege escalation from group admin to root.
| | Author: | William A. Carrel | | Homepage: | http://blog.carrel.org/ | | File Size: | 5345 | | Last Modified: | Nov 2 19:11:24 2007 |
| MD5 Checksum: | 1628f35c2eaa9a36c06e2653141e1971 |
|
| /// File Name: |
ax-lfi.txt |
Description:
|
Ax Developer CMS version 0.1.1 suffers from a local file inclusion vulnerability in index.php.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 721 | | Last Modified: | Nov 2 18:23:03 2007 |
| MD5 Checksum: | 2903ce78817855b7e25f685bd08b8601 |
|
| /// File Name: |
howtoforge-xss.txt |
Description:
|
It appears that howtoforge.com is susceptible to a cross site scripting vulnerability.
| | Author: | Emmanouil Gavriil | | File Size: | 134 | | Last Modified: | Nov 2 12:15:11 2007 |
| MD5 Checksum: | db5717524fd9440f046de106012aa445 |
|
| /// File Name: |
sonicwall-remote.txt |
Description:
|
SonicWall SSL-VPN NeLaunchCtrl ActiveX control exploit that launches calc.exe.
| | Author: | krafty | | Related Exploit: | SA-20071101-0.txt | | File Size: | 1255 | | Last Modified: | Nov 2 12:11:16 2007 |
| MD5 Checksum: | 81fbbbe94e63d8446b9998e5b747faed |
|
| /// File Name: |
dmguest-lfi.txt |
Description:
|
DM Guestbook versions 0.4.1 and below suffer from multiple local file inclusion vulnerabilities.
| | Author: | GolD_M | | Homepage: | http://www.tryag.cc/ | | File Size: | 414 | | Last Modified: | Nov 2 11:51:43 2007 |
| MD5 Checksum: | 561a90cc395c1c9b8a00ab04a2e55195 |
|
| /// File Name: |
scribe-exec.txt |
Description:
|
Scribe versions 0.2 and below suffer from a remote PHP code execution vulnerability.
| | Author: | KiNgOfThEwOrLd | | Homepage: | http://www.inj3ct-it.org/ | | File Size: | 1950 | | Last Modified: | Nov 2 11:50:21 2007 |
| MD5 Checksum: | 69a127ea3eb22cfc0652d108b8c472fc |
|
| /// File Name: |
backupword-rfi.txt |
Description:
|
WordPress plugin BackUpWordPress versions 0.4.2b and below suffer from a remote file inclusion vulnerability.
| | Author: | S.W.A.T. | | Homepage: | http://www.xmors.com/ | | File Size: | 1494 | | Last Modified: | Nov 2 11:48:50 2007 |
| MD5 Checksum: | 2e6df62e3e66caefb40175d15419f292 |
|
| /// File Name: |
edrawflow-insecure.txt |
Description:
|
EDraw Flowchart ActiveX control HttpDownloadFile() insecure method exploit that makes use of EDImage.ocx version 2.0.2005.1104.
| | Author: | shinnai | | Homepage: | http://shinnai.altervista.org/ | | File Size: | 1181 | | Last Modified: | Nov 2 11:47:21 2007 |
| MD5 Checksum: | db390b9b9707f39dbeaf9cb518aacea4 |
|
| /// File Name: |
PR07-29.txt |
Description:
|
Two cross site scripting vulnerabilities have been discovered in the Blue coat ProxySG Management Console. Versions below 4.2.6.1 and 5.2.2.5 are susceptible.
| | Author: | Adrian Pastor | | Homepage: | http://www.procheckup.com/ | | File Size: | 2423 | | Last Modified: | Nov 1 19:28:34 2007 |
| MD5 Checksum: | 4300508a909c96cafc2e2f84ee679c17 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
