Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:28:22 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1394181398&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0610-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1394181398.1338182902.1338182902.1338182902.1%3B%2B__utmz%3D32867617.1338182902.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/51589/0610-exploits.tgz http://packetstormsecurity.org/files/51589/0610-exploits.tgz http://packetstormsecurity.org/files/51589/0610-exploits.tgz.html Thu, 02 Nov 2006 15:32:02 GMT Packet Storm new exploits for October, 2006. http://packetstormsecurity.org/files/51531/QnECMS-2.5.6.txt http://packetstormsecurity.org/files/51531/QnECMS-2.5.6.txt http://packetstormsecurity.org/files/51531/QnECMS-2.5.6.txt.html Tue, 31 Oct 2006 22:37:19 GMT [ECHO_ADV_53$2006] QnECMS 2.5.6 and prior suffers from a remote file inclusion vulnerability. POC included. http://packetstormsecurity.org/files/51530/PHPEasyDataPro2.2.1.txt http://packetstormsecurity.org/files/51530/PHPEasyDataPro2.2.1.txt http://packetstormsecurity.org/files/51530/PHPEasyDataPro2.2.1.txt.html Tue, 31 Oct 2006 22:36:13 GMT PHPEasyData Pro 2.2.1 suffers from a SQL injection vulnerability in index.php. http://packetstormsecurity.org/files/51529/PHPEasyDataPro1.4.1.txt http://packetstormsecurity.org/files/51529/PHPEasyDataPro1.4.1.txt http://packetstormsecurity.org/files/51529/PHPEasyDataPro1.4.1.txt.html Tue, 31 Oct 2006 22:35:30 GMT PHPEasyData Pro 1.4.1 suffers from a SQL injection vulnerability in index.php. http://packetstormsecurity.org/files/51528/simple-v0.99.txt http://packetstormsecurity.org/files/51528/simple-v0.99.txt http://packetstormsecurity.org/files/51528/simple-v0.99.txt.html Tue, 31 Oct 2006 22:20:59 GMT Simple Website Software v0.99 suffers from a remote file inclusion vulnerability in common.php. http://packetstormsecurity.org/files/51526/eNM-0.0.1.txt http://packetstormsecurity.org/files/51526/eNM-0.0.1.txt http://packetstormsecurity.org/files/51526/eNM-0.0.1.txt.html Tue, 31 Oct 2006 22:19:15 GMT easy notes manager (eNM) version 0.0.1 is affected by multiple SQL injection issues. POC included that demonstrates how to bypass authentication. http://packetstormsecurity.org/files/51525/freenews-inc.txt http://packetstormsecurity.org/files/51525/freenews-inc.txt http://packetstormsecurity.org/files/51525/freenews-inc.txt.html Tue, 31 Oct 2006 22:17:41 GMT freenews suffers from a remote file inclusion vulnerability in aff_news.php. http://packetstormsecurity.org/files/51523/Exporia-0.3.0.txt http://packetstormsecurity.org/files/51523/Exporia-0.3.0.txt http://packetstormsecurity.org/files/51523/Exporia-0.3.0.txt.html Tue, 31 Oct 2006 22:12:25 GMT Remote exploit for Exporia versions 0.3.0 and prior remote file inclusion vulnerability. http://packetstormsecurity.org/files/51522/CentiPaid-1.4.2.txt http://packetstormsecurity.org/files/51522/CentiPaid-1.4.2.txt http://packetstormsecurity.org/files/51522/CentiPaid-1.4.2.txt.html Tue, 31 Oct 2006 22:10:27 GMT CentiPaid 1.4.3 suffers from a remote file inclusion vulnerability in centipaid_class.php. http://packetstormsecurity.org/files/51521/Banv0.1.txt http://packetstormsecurity.org/files/51521/Banv0.1.txt http://packetstormsecurity.org/files/51521/Banv0.1.txt.html Tue, 31 Oct 2006 22:08:22 GMT Ban v0.1 suffers from a remote file inclusion vulnerability in bannieres.php. http://packetstormsecurity.org/files/51520/Thepeak-v1.3.txt http://packetstormsecurity.org/files/51520/Thepeak-v1.3.txt http://packetstormsecurity.org/files/51520/Thepeak-v1.3.txt.html Tue, 31 Oct 2006 22:06:28 GMT Thepeak File Upload v1.3 suffers from a vulnerability that allows anyone to download arbitrary files. http://packetstormsecurity.org/files/51518/HostingController6.1.txt http://packetstormsecurity.org/files/51518/HostingController6.1.txt http://packetstormsecurity.org/files/51518/HostingController6.1.txt.html Tue, 31 Oct 2006 21:58:58 GMT Hosting Controller 6.1 Hotfix less than or equal to 3.2 suffers from multiple vulnerabilities which can allow an unauthenticated user to delete sites and perform SQL injection attacks. http://packetstormsecurity.org/files/51517/phpAdsNew-2.0.8-2.txt http://packetstormsecurity.org/files/51517/phpAdsNew-2.0.8-2.txt http://packetstormsecurity.org/files/51517/phpAdsNew-2.0.8-2.txt.html Tue, 31 Oct 2006 21:54:58 GMT phpAdsNew 2.0.8 suffers from a file inclusion vulnerability in adlayer.php. http://packetstormsecurity.org/files/51499/NucleusCorev3.23.txt http://packetstormsecurity.org/files/51499/NucleusCorev3.23.txt http://packetstormsecurity.org/files/51499/NucleusCorev3.23.txt.html Mon, 30 Oct 2006 23:31:00 GMT Nucleus Core v3.23 suffers from a remote file inclusion vulnerability in media.php. http://packetstormsecurity.org/files/51498/PunBB-1.2.13.txt http://packetstormsecurity.org/files/51498/PunBB-1.2.13.txt http://packetstormsecurity.org/files/51498/PunBB-1.2.13.txt.html Mon, 30 Oct 2006 23:29:47 GMT PunBB 1.2.13 suffers from multiple vulnerabilities including SQL injection and local file inclusion. http://packetstormsecurity.org/files/51486/GestArt_vbeta_1.txt http://packetstormsecurity.org/files/51486/GestArt_vbeta_1.txt http://packetstormsecurity.org/files/51486/GestArt_vbeta_1.txt.html Mon, 30 Oct 2006 22:08:29 GMT GestArt vbeta 1 and prior suffer from a remote file inclusion vulnerability in /gestArt/aide.php. http://packetstormsecurity.org/files/51484/Joomlaextended_registration.txt http://packetstormsecurity.org/files/51484/Joomlaextended_registration.txt http://packetstormsecurity.org/files/51484/Joomlaextended_registration.txt.html Mon, 30 Oct 2006 22:05:42 GMT The Joomla extended_registration mod suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/51482/TorrentFlux2.1.txt http://packetstormsecurity.org/files/51482/TorrentFlux2.1.txt http://packetstormsecurity.org/files/51482/TorrentFlux2.1.txt.html Mon, 30 Oct 2006 22:03:16 GMT TorrentFlux 2.1 doesn't properly sanitize user input passed via the "dir" GET variable thus allowing anyone to get a list of files anywhere on the system. http://packetstormsecurity.org/files/51480/UNISOR-cms.txt http://packetstormsecurity.org/files/51480/UNISOR-cms.txt http://packetstormsecurity.org/files/51480/UNISOR-cms.txt.html Mon, 30 Oct 2006 21:37:29 GMT UNISOR CMS suffers from a SQL injection vulnerability that can be used to gain administrative privileges. http://packetstormsecurity.org/files/51476/opendocman-1.2rc3.txt http://packetstormsecurity.org/files/51476/opendocman-1.2rc3.txt http://packetstormsecurity.org/files/51476/opendocman-1.2rc3.txt.html Mon, 30 Oct 2006 21:17:56 GMT If magic_quotes_gpc is off opendocman 1.2rc3 suffers from an authentication bypass vulnerability. http://packetstormsecurity.org/files/51474/Amember.txt http://packetstormsecurity.org/files/51474/Amember.txt http://packetstormsecurity.org/files/51474/Amember.txt.html Mon, 30 Oct 2006 20:49:03 GMT Amember suffers from a remote file inclusion vulnerability in /admin/setup.php. http://packetstormsecurity.org/files/51445/Coppermine1.4.9.txt http://packetstormsecurity.org/files/51445/Coppermine1.4.9.txt http://packetstormsecurity.org/files/51445/Coppermine1.4.9.txt.html Fri, 27 Oct 2006 23:53:45 GMT Coppermine 1.4.9 suffers from a SQL injection vulnerability. POC included that grabs the admin hash. http://packetstormsecurity.org/files/51444/phpLedAds2.0.txt http://packetstormsecurity.org/files/51444/phpLedAds2.0.txt http://packetstormsecurity.org/files/51444/phpLedAds2.0.txt.html Fri, 27 Oct 2006 23:52:31 GMT phpLedAds 2.0 suffers from multiple remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/51443/PLS-Bannieres1.21.txt http://packetstormsecurity.org/files/51443/PLS-Bannieres1.21.txt http://packetstormsecurity.org/files/51443/PLS-Bannieres1.21.txt.html Fri, 27 Oct 2006 23:50:55 GMT PLS-Bannieres 1.21 suffers from a remote file inclusion vulnerability in bannieres.php. http://packetstormsecurity.org/files/51442/MiniBILLv2006-10-10.txt http://packetstormsecurity.org/files/51442/MiniBILLv2006-10-10.txt http://packetstormsecurity.org/files/51442/MiniBILLv2006-10-10.txt.html Fri, 27 Oct 2006 23:50:04 GMT MiniBILL v2006-10-10 suffers from a remote file inclusion vulnerability in config[page_dir].