Архів для категорії 'Експлоіти'

Добірка експлоітів

15:14 12.01.2010

В даній добірці експлоіти в веб додатках:

  • AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection Exploit (деталі)
  • AlumniServer 1.0.1 (Auth Bypass) SQL Injection Vulnerability (деталі)
  • MyFusion 6b settings[locale] Local File Inclusion Vulnerability (деталі)
  • MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection Vulnerability (деталі)
  • Mega File Manager 1.0 (index.php page) LFI Vulnerability (деталі)
  • ForumPal FE 1.1 (Auth Bypass) Remote SQL Injection Vulnerability (деталі)
  • PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities (деталі)
  • Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities (деталі)
  • osTicket 1.6 RC4 Admin Login Blind SQL Injection Vulnerability (деталі)
  • (POST var ‘rating’) BLIND SQL INJECTION microTopic v1 Initial Release (деталі)

Добірка експлоітів

16:10 09.01.2010

В даній добірці експлоіти в веб додатках:

  • BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability (деталі)
  • LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability (деталі)
  • PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing / Blind Vulnerability (деталі)
  • AN Guestbook 0.7.8 (g_lang) Local File Inclusion Vulnerability (деталі)
  • Tribiq CMS 5.0.12c (XSS/LFI) Multiple Remote Vulnerabilities (деталі)
  • Joomla Component com_pinboard Remote File Upload Vulnerability (деталі)
  • Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability (деталі)
  • Joomla Component com_amocourse (catid) SQL Injection Vuln (деталі)
  • Joomla Component com_pinboard (task) SQL Injection Exploit (деталі)
  • User options changer (SQLi) EXPLOIT Bigace CMS stable release 2.5 (деталі)

Добірка експлоітів

16:03 07.01.2010

В даній добірці експлоіти в веб додатках:

  • RS-CMS 2.1 (key) Remote SQL Injection Vulnerability (деталі)
  • Joomla Component com_tickets <= 2.1 (id) SQL Injection Vuln (деталі)
  • Sourcebans <= 1.4.2 Arbitrary Change Admin Email Vulnerability (деталі)
  • Kasseler CMS (FD/XSS) Multiple Remote Vulnerabilities (деталі)
  • Gravy Media Photo Host 1.0.8 Local File Disclosure Vulnerability (деталі)
  • Campsite 3.3.0 RC1 Multiple Remote File Inclusion Vulnerabilities (деталі)
  • Zen Cart 1.3.8 Remote SQL Execution Exploit (деталі)
  • Zen Cart 1.3.8 Remote Code Execution Exploit (деталі)
  • phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities (деталі)
  • Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit (деталі)

Добірка експлоітів

18:17 05.01.2010

В даній добірці експлоіти в веб додатках:

  • TekBase All-in-One 3.1 Multiple SQL Injection Vulnerabilities (деталі)
  • CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities (деталі)
  • MIDAS 1.43 (Auth Bypass) Insecure Cookie Handling Vulnerability (деталі)
  • AWScripts Gallery Search Engine 1.x Insecure Cookie Vulnerability (деталі)
  • Elgg (XSS/CSRF/Change Password) Multiple Remote Vulnerabilities (деталі)
  • pmaPWN! - phpMyAdmin Code Injection RCE Scanner & Exploit (деталі)
  • phpDatingClub 3.7 Remote SQL/XSS Injection Vulnerabilities (деталі)
  • pc4 Uploader <= 10.0 Remote File Disclosure Vulnerability (деталі)
  • MyBB <= 1.4.6 Remote Code Execution Exploit (деталі)
  • TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit (деталі)

Добірка експлоітів

16:21 30.12.2009

В даній добірці експлоіти в веб додатках:

  • Joomla Component com_jumi (fileid) Blind SQL Injection Exploit (деталі)
  • The Recipe Script 5 Remote XSS Vulnerability (деталі)
  • phportal v1 (topicler.php id) Remote SQL Injection Vulnerability (деталі)
  • vBulletin Radio and TV Player Add-On HTML Injection Vulnerability (деталі)
  • Netgear DG632 Router Remote Denial of Service Vulnerability (деталі)
  • Netgear DG632 Router Authentication Bypass Vulnerability (деталі)
  • phpCollegeExchange 0.1.5c (listing_view.php itemnr) SQL Injection Vuln (деталі)
  • Joomla Component com_ijoomla_rss Blind SQL Injection Exploit (деталі)
  • XOOPS <= 2.3.3 Remote File Disclosure Vulnerability (.htaccess) (деталі)
  • phpFK 7.03 (page_bottom.php) Local File Inclusion Vulnerability (деталі)
  • phportal 1.0 Insecure Cookie Handling Vulnerability (деталі)
  • FretsWeb 1.2 (name) Remote Blind SQL Injection Exploit (деталі)
  • FretsWeb 1.2 Multiple Local File Inclusion Vulnerabilities (деталі)
  • fuzzylime cms <= 3.03a Local Inclusion / Arbitrary File Corruption PoC (деталі)
  • Exploits BLIND SQL INJECTION (GET var ‘AlbumID’) RTWebalbum 1.0.462 (деталі)

Добірка експлоітів

17:24 28.12.2009

В даній добірці експлоіти в веб додатках:

  • Zip Store Chat 4.0/5.0 (Auth Bypass) SQL Injection Vulnerability (деталі)
  • Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities (деталі)
  • TransLucid 1.75 Multiple Remote Vulnerabilities (деталі)
  • TBDev 01-01-2008 Multiple Remote Vulnerabilities (деталі)
  • Pivot 1.40.4-7 Multiple Remote Vulnerabilities (деталі)
  • Apple Safari & Quicktime Denial of Service Vulnerability (деталі)
  • Evernew Free Joke Script 1.2 Remote Change Password Exploit (деталі)
  • AdaptWeb 0.9.2 (LFI/SQL) Multiple Remote Vulnerabilities (деталі)
  • Elvin BT S 1.2.0 Multiple Remote Vulnerabilities (деталі)
  • DB Top Sites 1.0 (index.php u) Local File Inclusion Vulnerability (деталі)
  • DB Top Sites 1.0 Remote Command Execution Exploit (деталі)
  • FormMail 1.92 Multiple Remote Vulnerabilities (деталі)
  • SugarCRM 5.2.0e Remote Code Execution Vulnerability (деталі)
  • Mundi Mail 0.8.2 (top) Remote File Inclusion Vulnerability (деталі)
  • Exploits IceWarp WebMail Server: Client-Side Specification of “Forgot Password” eMail Content (деталі)

Добірка експлоітів

16:17 25.12.2009

В даній добірці експлоіти в веб додатках:

  • phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit (деталі)
  • Joomla Component com_vehiclemanager 1.0 RFI Vulnerability (деталі)
  • Joomla Component com_realestatemanager 1.0 RFI Vulnerability (деталі)
  • MRCGIGUY Hot Links (report.php id) Remote SQL Injection Vulnerability (деталі)
  • MRCGIGUY The Ticket System 2.0 PHP Multiple Remote Vulnerabilities (деталі)
  • Open Biller 0.1 (username) Blind SQL Injection Exploit (деталі)
  • Splog <= 1.2 Beta Multiple Remote SQL Injection Vulnerabilities (деталі)
  • phpWebThings <= 1.5.2 (help.php module) Local File Inclusion Vuln (деталі)
  • Sniggabo CMS (article.php id) Remote SQL Injection Exploit (деталі)
  • Yogurt 0.3 (XSS/SQL Injection) Multiple Remote Vulnerabilities (деталі)
  • TorrentVolve 1.4 (deleteTorrent) Delete Arbitrary File Vulnerability (деталі)
  • phpWebThings <= 1.5.2 MD5 Hash Retrieve/File Disclosure Exploit (деталі)
  • Campus Virtual-LMS (XSS/SQL Injection) Multiple Remote Vulnerabilities (деталі)
  • 4images <= 1.7.7 Filter Bypass HTML Injection/XSS Vulnerability (деталі)
  • Exploits BLIND SQL INJECTION EXPLOIT TemaTres 1.0.3 (деталі)

Добірка експлоітів

16:12 23.12.2009

В даній добірці експлоіти в веб додатках:

  • Frontis 3.9.01.24 (source_class) Remote SQL Injection Vulnerability (деталі)
  • Joomla Component BookLibrary 1.5.2.4 Remote File Inclusion Vulnerability (деталі)
  • Apple Safari <= 3.2.x (XXE attack) Local File Theft Vulnerability (деталі)
  • Free Download Manager 2.5/3.0 (Control Server) Remote BOF Exploit (деталі)
  • S-CMS <= 2.0b3 (username) Blind SQL Injection Exploit (деталі)
  • S-CMS <= 2.0b3 Multiple SQL Injection Vulnerabilities (деталі)
  • S-CMS <= 2.0b3 Multiple Local File Inclusion Vulnerabilities (деталі)
  • Joomla Component com_media_library 1.5.3 RFI Vulnerability (деталі)
  • Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability (деталі)
  • MRCGIGUY FreeTicket (CH/SQL) Multiple Remote Vulnerabilities (деталі)
  • Desi Short URL Script (Auth Bypass) Insecure Cookie Handling Vuln (деталі)
  • School Data Navigator (page) Local/Remote File Inclusion Vulnerability (деталі)
  • LightNEasy sql/no-db <= 2.2.x system Config Disclosure Exploit (деталі)
  • DX Studio Player < 3.0.29.1 Firefox plug-in Command Injection Vuln (деталі)
  • Exploits IceWarp WebMail Server: SQL Injection in Groupware Component (деталі)

Добірка експлоітів

17:37 21.12.2009

В даній добірці експлоіти в веб додатках:

  • VT-Auth 1.0 (zHk8dEes3.txt) File Disclosure Vulnerability (деталі)
  • MyCars Automotive (Auth Bypass) SQL Injection Vulnerability (деталі)
  • Joomla Component MooFAQ (com_moofaq) LFI Vulnerability (деталі)
  • httpdx <= 0.8 FTP Server Delete/Get/Create Directories/Files Exploit (деталі)
  • Interlogy Profile Manager Basic Insecure Cookie Handling Vulnerability (деталі)
  • Virtue Shopping Mall (cid) Remote SQL Injection Vulnerability (деталі)
  • Virtue Book Store (cid) Remote SQL Injection Vulnerability (деталі)
  • Virtue Classifieds (category) SQL Injection Vulnerability (деталі)
  • Shop Script Pro 2.12 Remote SQL Injection Exploit (деталі)
  • Joomla Component com_portafolio (cid) SQL injection Vulnerability (деталі)
  • Automated Link Exchange Portal 1.3 Multiple Remote Vulnerabilities (деталі)
  • DM FileManager 3.9.2 Insecure Cookie Handling Vulnerability (деталі)
  • Grestul 1.2 Remote Add Administrator Account Exploit (деталі)
  • Virtue News (SQL/XSS) Multiple Remote Vulnerabilities (деталі)
  • Exploits BLIND SQL INJECTION Leap CMS 0.1.4 (деталі)

Добірка експлоітів

16:14 18.12.2009

В даній добірці експлоіти в веб додатках:

  • Kloxo 5.75 (24 Issues) Multiple Remote Vulnerabilities (деталі)
  • Host Directory PRO 2.1.0 Remote Change Admin Password Exploit (деталі)
  • Web Directory PRO Remote Database Backup Vulnerability (деталі)
  • Host Directory PRO 2.1.0 Remote Database Backup Vulnerability (деталі)
  • Web Directory PRO (admins.php) Change Admin Password Exploit (деталі)
  • SuperCali PHP Event Calendar Arbitrary Change Admin Password Exploit (деталі)
  • OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit (деталі)
  • Kjtechforce mailman b1 (dest) Remote Blind SQL Injection Exploit (деталі)
  • Kjtechforce mailman b1 (code) SQL Injection Delete Row Vulnerability (деталі)
  • Pixelactivo 3.0 (Auth Bypass) Remote SQL Injection Vulnerability (деталі)
  • Pixelactivo 3.0 (idx) Remote SQL Injection Vulnerability (деталі)
  • PeaZIP <= 2.6.1 Compressed Filename Command Injection Exploit (деталі)
  • Joomla Component com_school 1.4 (classid) SQL Injection Vulnerability (деталі)
  • fipsCMS Light 2.1 (db.mdb) Remote Database Disclosure Vulnerability (деталі)
  • USER OPTIONS CHANGER EXPLOIT MiniTwitter v0.2-Beta (деталі)