Section: .. / 0708-exploits /
/// File Name: 2wire-csrf.txt
Description: 2wire routers versions 1701HG and 2071 Gateway are susceptible to cross site request forgery attacks.
Author: hkm | File Size: 1357 | Last Modified: Aug 16 04:39:07 2007
MD5 Checksum: 1cd9dcc85c631ceb685b593c17d415a5

/// File Name: abcestore-sql.txt
Description: ABC estore version 3.0 remote blind SQL injection exploit.
Author: k1tk4t | Homepage: http://newhack.org/ | File Size: 2681 | Last Modified: Aug 30 03:05:57 2007
MD5 Checksum: 4f20498b0ee8a8364d48c6f28ac2b801

/// File Name: acg-sql.txt
Description: ACG News version 1.0 suffers from a remote SQL injection vulnerability.
Author: SmOk3 | File Size: 937 | Last Modified: Aug 28 11:47:07 2007
MD5 Checksum: e6df126f9023bb3215cab69d7e5e5a39

/// File Name: adv83-K-159-2007.txt
Description: PhpHostBot versions 1.06 and below suffer from a remote file inclusion vulnerability.
Author: K-159 | Homepage: http://k-159.echo.or.id/ | File Size: 2695 | Last Modified: Aug 9 22:35:12 2007
MD5 Checksum: f5e2ed27e5b777d3a0d3e16af7a854df

/// File Name: alathkar-rfi.txt
Description: AL-Athkar version 2.0 suffers from a remote file inclusion vulnerability.
Author: Hasadya Raed | File Size: 794 | Last Modified: Aug 8 03:10:56 2007
MD5 Checksum: 80f36f8da4ecef4b4c55f01f52549dc1

/// File Name: alcaricatier-rfi.txt
Description: AL-Caricatier version 2.5 suffers from a remote file inclusion vulnerability.
Author: Hasadya Raed | File Size: 656 | Last Modified: Aug 8 03:09:34 2007
MD5 Checksum: 0f64661fd4d937537cc5cb3c0e1be82c

/// File Name: arcadem-sql.txt
Description: Arcadem version 2.01 suffers from remote SQL injection and file inclusion vulnerabilities.
Author: SmOk3 | File Size: 1552 | Last Modified: Aug 27 22:55:25 2007
MD5 Checksum: 228d641e92b3044472dff3869c1359aa

/// File Name: ariadnecms-rfi.txt
Description: Ariadne CMS suffers from a remote file inclusion vulnerability.
Homepage: http://aria-security.net/ | File Size: 519 | Last Modified: Aug 8 03:36:20 2007
MD5 Checksum: eb85bdcfe978f1bac9676ff01c58c969

/// File Name: asa-2007-015.rb.txt
Description: Proof of concept exploit that tests for the chan_iax vulnerability in Asterisk versions below 1.2.2 and 1.4.8.
Author: tenkei_ev | Related File: ASA-2007-015.txt | File Size: 4572 | Related CVE(s): CVE-2007-3763 | Last Modified: Jul 31 20:57:38 2007
MD5 Checksum: 7f965e932ba1804302cb8d60372ffeff

/// File Name: aspnet-xss.txt
Description: The ASP.NET version of Text File Search suffers from a cross site scripting vulnerability.
Author: GeFORC3 | Homepage: http://WwW.GeFORC3.Org | File Size: 514 | Last Modified: Aug 17 02:05:33 2007
MD5 Checksum: 1a29eed921a70a5b9de236daa1be2cbe

/// File Name: asurabof.zip
Description: Proof of concept buffer overflow exploit for the Asura engine included with Rogue Trooper versions 1.0 and below and Prism: Guard Shield versions 1.1.1.0 and below.
Author: Luigi Auriemma | Homepage: http://aluigi.org/ | Related File: asurabof.txt | File Size: 9126 | Last Modified: Aug 23 21:26:58 2007
MD5 Checksum: d9523784c57c06c5a4f5c62f2e0ac97a

/// File Name: auracms-sql.txt
Description: The forum module in AuraCMS suffers from a remote SQL injection vulnerability.
Author: k1tk4t | File Size: 1588 | Last Modified: Aug 8 00:06:04 2007
MD5 Checksum: 759952dfb0039fbe1a06cd0e03903aa5

/// File Name: autoindexXSS.txt
Description: AutoIndex PHP Script versions 2.2.1 and below suffer from cross site scripting vulnerabilities.
Author: d3hydr8 | Homepage: http://darkcode.h1x.com/ | File Size: 1614 | Last Modified: Aug 25 15:20:55 2007
MD5 Checksum: e725972b059fd1da6ecee4f15827ead2

/// File Name: belgacom_xss.txt
Description: Belgacom suffers from a cross site scripting vulnerability.
Author: Tosser | File Size: 340 | Last Modified: Aug 19 21:25:36 2007
MD5 Checksum: 2c10a49166f03a0ae1331d2875a6601c

/// File Name: bilder-rfi.txt
Description: Bilder Uploader version 1.3 suffers from a remote file inclusion vulnerability.
Author: Rizgar | File Size: 1074 | Last Modified: Aug 11 17:32:51 2007
MD5 Checksum: 9d7cd2a0da3e3335df33554eae19537e

/// File Name: bitchx-heap.txt
Description: BitchX version 1.1 Final remote heap overflow exploit that binds a TCP shell to port 4444.
Author: bannedit | Homepage: http://www.blacksecurity.org/ | File Size: 4010 | Last Modified: Aug 27 22:59:39 2007
MD5 Checksum: 050200b6730c3625547c6df0bcc8ca77

/// File Name: blizzard-dos.txt
Description: Blizzard StarCraft Brood War version 1.15.1 suffers from a remote denial of service vulnerability.
Author: Gynvael Coldwind | File Size: 2827 | Last Modified: Aug 30 03:47:49 2007
MD5 Checksum: a5789f2382d3d95d12aeb03dc5277771

/// File Name: bv2x.zip
Description: Babo Violent 2 versions 2.08.00 and below proof of concept exploit that demonstrates multiple vulnerabilities.
Author: Luigi Auriemma | Homepage: http://aluigi.org/ | Related File: bv2x.txt | File Size: 10359 | Last Modified: Aug 15 00:28:55 2007
MD5 Checksum: cdf284f54c0e4ae9a1b96a2c8f1466b8

/// File Name: cartweaver-sql.txt
Description: CartWeaver suffers from a remote SQL injection vulnerability in Details.cfm.
Author: meoconx | File Size: 1252 | Last Modified: Aug 8 00:10:18 2007
MD5 Checksum: 24253b03e3a2e37014f4c6558ceb2305

/// File Name: chacha-xss.txt
Description: The ChaCha.com search functionality suffers from a cross site scripting vulnerability.
Author: d3hydr8 | Homepage: http://darkcode.h1x.com/ | File Size: 755 | Last Modified: Aug 31 12:55:55 2007
MD5 Checksum: e9ebdea597e5f10ca9b9c99db9e3cf62

/// File Name: chilkat-insecure.txt
Description: CHILKAT ASP String SaveToFile() insecure method exploit that makes use of CkString.dll versions 1.1 and below.
Author: shinnai | Homepage: http://shinnai.altervista.org/ | File Size: 1546 | Last Modified: Aug 8 01:22:07 2007
MD5 Checksum: 2f4d4d1924d1578118776f075dc47f78

/// File Name: cisco-dos.txt
Description: The Cisco 7940 is susceptible to a denial of service vulnerability when sent three specially crafted SIP messages. Demonstration exploit included.
Author: Radu State | File Size: 3697 | Last Modified: Aug 21 16:04:55 2007
MD5 Checksum: 949108fa7f623a7e290a90f7c64fdb55

/// File Name: cisco-sql.txt
Description: A SQL injection vulnerability exists in the Log On page of the web interface for Cisco CallManager AKA Unified Communications Manager. An unauthenticated attacker who is able to access the Log On page could exploit this vulnerability to run arbitrary SQL commands as the logged in database user, usually cm_publisher. By running SQL commands, the attacker could gain information about the CallManager configuration, including call records. Exploitation details provided.
Author: Elliot Kendall | File Size: 5355 | Last Modified: Aug 31 13:00:05 2007
MD5 Checksum: 3f7b845f8abbf592305551e6224d261d

/// File Name: cisco-stateful-dos.txt
Description: The Cisco 7940 phone is susceptible to a denial of service vulnerability when sent ten specially crafted SIP messages. Demonstration exploit included.
Author: Radu State | File Size: 8952 | Last Modified: Aug 21 16:06:11 2007
MD5 Checksum: ab916fe2e61e51085cf88a769e62de77