Saturday Sep 04

Portal Organisasi

Exploit Code

milw0rm.com's latest exploit rss feed

ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability

BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

Joomla com_mytube (user_id) Blind SQL Injection Exploit

cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit

Joomla com_jinc (newsid) Blind SQL Injection Vulnerability

Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities

Snort < 2.8.5 Unified1 Output Denial of Service Exploit

CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability

Packet Storm Last 10 Tools

suricata-1.0.2.tar.gz

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

cvechecker-0.5.tar.gz

cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage.

voidssh.tar.gz

Void SSH is a python script that performs multithreaded bruteforcing.

auditx.tgz

AuditX is a shell script that performs initial information gathering for a given target. Can be used prior to a penetration test, etc.

openssh-5.6p1.tar.gz

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Exploit Code

Packet Storm Last 10 Exploits

smbind-sql.txt

SMBind versions 0.4.7 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.

pligg104-sql.txt

Pligg version 1.0.4 suffers from additional remote SQL injection vulnerabilities outside of the previously discovered findings.

moaub-visinia.txt

Month Of Abysssec Undisclosed Bugs - Visinia version 1.3 suffers from cross site request forgery and local file inclusion vulnerabilities.

moaub-trendmicro.txt

Month Of Abysssec Undisclosed Bugs - Trend Micro Internet Security Pro 2010 suffers from an Active-X extSetOwner remote code execution vulnerability.

onecms-xss.txt

OneCMS version 2.6.1 suffers from a cross site scripting vulnerability.

webmanagerpro-sql.txt

CMS WebManager-Pro suffers from a remote SQL injection vulnerability.

PRL-2010-07.txt

A flaw exists within SSHD.NLM of Novell Netware version 6.5. When the application attempts to resolve an absolute path on the server, a 512 byte destination buffer is used without bounds checking. By providing a large enough value, an attacker can cause a buffer to be overflowed. Successful exploitation results in remote code execution under the context of the server.

moovida-dllhijack.tgz

Moovida Media Player versions 2.0.0.15 and below DLL hijacking exploit.

moaub-quicktime.txt

Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 FlashPix NumberOfTiles remote code execution exploit.

vbshout-rfilfi.txt

vbShout version 5.2.2 suffers from remote and local file inclusion vulnerabilities.

Visitors

	Today	20
	Yesterday	26
	Total	13530

Portal Organisasi

Exploit Code

Exploit Code

Visitors

Most Popular Tags