Section: .. / 0807-exploits /
/// File Name: afbookmarkxss-08_001.txt
Description: Affinium Campaign version 7.2.1.0.55 suffers from a JavaScript insertion vulnerability.
Author: Tim Brown | Homepage: http://www.portcullis-security.com/ | File Size: 2488 | Last Modified: Jul 30 23:39:22 2008
MD5 Checksum: aa73e008ea27448fe48f62df82d14ae0

/// File Name: aflistenerdos-08_007.txt
Description: Affinium Campaign version 7.2.1.0.55 suffers from a denial of service vulnerability in its Listener.
Author: Tim Brown, Neil Kettle | Homepage: http://www.portcullis-security.com/ | File Size: 5730 | Last Modified: Jul 30 23:42:31 2008
MD5 Checksum: 1c8609882e0498db76d246324b9bd7f2

/// File Name: aflog-xss.txt
Description: Aflog version 1.01 suffers from a cross site scripting vulnerability.
Author: Dentrasi | File Size: 445 | Last Modified: Jul 25 13:46:20 2008
MD5 Checksum: 779983379703d1acce929f110f56cdb1

/// File Name: afurlxss-08_005.txt
Description: Affinium Campaign version 7.2.1.0.55 suffers from multiple cross site scripting vulnerabilities.
Author: Tim Brown | Homepage: http://www.portcullis-security.com/ | File Size: 3118 | Last Modified: Jul 30 23:38:12 2008
MD5 Checksum: a40af2b210279d4f88bbd6a9f78d411d

/// File Name: alstrasoftaffiliate-sql.txt
Description: AlstraSoft Affiliate Network Pro suffers from a remote SQL injection vulnerability.
Author: Hussin X | Homepage: http://www.tryag.cc/ | File Size: 1534 | Last Modified: Jul 16 15:39:19 2008
MD5 Checksum: 3d78c40d281413d6d57d051186f49b8c

/// File Name: alstrasoftarticle-sql.txt
Description: AlstraSoft Article Manager Pro version 1.6 blind SQL injection exploit.
Author: GolD_M | Homepage: http://www.tryag.cc/ | File Size: 1573 | Last Modified: Jul 17 15:20:38 2008
MD5 Checksum: d9765f592b561b9ec388eeec697ab728

/// File Name: alstrasoftvideo-sql.txt
Description: AlstraSoft Video Share Enterprise version 4.5.1 suffers from a remote SQL injection vulnerability.
Author: Hussin X | Homepage: http://www.tryag.cc/ | File Size: 1852 | Last Modified: Jul 17 15:14:43 2008
MD5 Checksum: a4b1f490f900ac79a6103d69caabf1c8

/// File Name: aproxcms-sql.txt
Description: Aprox CMS Engine version 5.1.0.4 suffers from a SQL injection vulnerability in index.php.
Author: Mr.SQL | Homepage: http://www.pal-hacker.com/ | File Size: 1555 | Last Modified: Jul 21 17:10:17 2008
MD5 Checksum: 60bae2c0e5cb41e155f3fdd71b457b85

/// File Name: arctic-sql.txt
Description: Arctic Issue Tracker version 2.0.0 remote SQL injection exploit that leverages index.php.
Author: ldma | File Size: 1983 | Last Modified: Jul 21 17:26:11 2008
MD5 Checksum: b1f23ea989e1c019d664862d1792ab38

/// File Name: artic-sql.txt
Description: Artic Issue Tracker version 2.0.0 suffers from a remote SQL injection vulnerability in index.php.
Author: QTRinux | Homepage: http://www.root-qtr.com/ | File Size: 1648 | Last Modified: Jul 18 04:28:12 2008
MD5 Checksum: 0a4064e074188391a95718b0872a3b80

/// File Name: articlefriendly-sql.txt
Description: Article Friendly Pro and Article Friendly Standard suffer from a SQL injection vulnerability in categorydetail.php.
Author: Mr.SQL | Homepage: http://www.pal-hacker.com/ | File Size: 1756 | Last Modified: Jul 30 23:09:25 2008
MD5 Checksum: bae1a29a678865b7c8200c072c31c913

/// File Name: arturerceg-sql.txt
Description: Artur Erceg suffers from a SQL injection vulnerability.
Author: redc00de | File Size: 1958 | Last Modified: Jul 10 01:50:49 2008
MD5 Checksum: 302c469d8d00da4d616a5244ee6a33cc

/// File Name: ashop-sql.txt
Description: AShop Deluxe version 4.x remote SQL injection exploit that takes advantage of catalogue.php.
Author: n0c0py | Homepage: http://n0c0py.uni.cc/ | File Size: 3498 | Last Modified: Jul 1 11:03:52 2008
MD5 Checksum: 0b77fa10fe8a2227dc7f73298d9ed400

/// File Name: atmail-disclose.txt
Description: AtMail leaves world-readable files available after installation, allowing the htpasswd file and more to be extracted.
Author: injusticeinamerica | File Size: 7262 | Last Modified: Jul 30 22:46:59 2008
MD5 Checksum: 4fdfda34b46c5b29ffe67fcb8aa22e22

/// File Name: atmail541-download.txt
Description: Atmail PHP version 5.41 suffers from a file download vulnerability that allows a remote attacker to gain access to database passwords and more.
File Size: 1869 | Last Modified: Jul 30 23:35:47 2008
MD5 Checksum: 8d096f5271b884f9d032f7989bfbb7ea

/// File Name: atomphotoblog-sql.txt
Description: Atom PhotoBlog version 1.1.5b1 suffers from a remote SQL injection vulnerability.
Author: Mr.SQL | Homepage: http://www.pal-hacker.com/ | File Size: 1488 | Last Modified: Jul 24 12:17:57 2008
MD5 Checksum: 69a36f18579002640832d44da0a6de28

/// File Name: auracms-addeditdelete.txt
Description: AuraCMS versions 2.2.2 and below arbitrary edit/add/delete exploit that makes use of pages_data.php.
Author: k1tk4t | Homepage: http://newhack.org/ | File Size: 4138 | Last Modified: Jul 10 02:58:15 2008
MD5 Checksum: d46569d5cae2819634ecc835ba19fbbf

/// File Name: avlc-sql.txt
Description: Avlc Forum suffers from a remote SQL injection vulnerability in vlc_forum.php.
Author: CWH Underground | Homepage: http://www.citecclub.org/ | File Size: 1616 | Last Modified: Jul 14 22:46:58 2008
MD5 Checksum: 26ac2aa382340a458cf6a4e4e3a8c0ac

/// File Name: bailiwicked_domain.rb.txt
Description: This exploit targets a fairly ubiquitous flaw in DNS implementations that allows the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious nameserver entry into the target nameserver, which replaces the legitimate nameservers for the target domain. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing the target nameserver to insert the additional record into the cache. This insertion completely replaces the original nameserver records for the target domain.
Author: I)ruid, H D Moore | Homepage: http://www.caughq.org/ | File Size: 15954 | Related CVE(s): CVE-2008-1447 | Last Modified: Jul 24 12:14:00 2008
MD5 Checksum: 5882e859718d26d63b3bc1167eacb0fd

/// File Name: bailiwicked_host.rb.txt
Description: This exploit targets a fairly ubiquitous flaw in DNS implementations that allows the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing the target nameserver to insert the additional record into the cache.
Author: I)ruid, H D Moore | Homepage: http://www.caughq.org/ | File Size: 16025 | Related CVE(s): CVE-2008-1447 | Last Modified: Jul 23 20:05:48 2008
MD5 Checksum: 4def3738d35dc00d760fa023d0106a29

/// File Name: barenuked-admin.txt
Description: BareNuked CMS version 1.1.0 arbitrary add administrator exploit.
Author: CWH Underground | Homepage: http://www.citecclub.org/ | File Size: 3797 | Last Modified: Jul 1 11:19:05 2008
MD5 Checksum: 5ec47feac834cbac9413af2b028e7cd6
