Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:17:52 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1921890802&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0804-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1921890802.1338185872.1338185872.1338185872.1%3B%2B__utmz%3D32867617.1338185872.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/70071/wp-bruteforcer.txt http://packetstormsecurity.org/files/70071/wp-bruteforcer.txt http://packetstormsecurity.org/files/70071/wp-bruteforcer.txt.html Wed, 17 Sep 2008 19:09:13 GMT WordPress administrative login bruteforcing script that takes in a dictionary file. http://packetstormsecurity.org/files/65955/0804-exploits.tgz http://packetstormsecurity.org/files/65955/0804-exploits.tgz http://packetstormsecurity.org/files/65955/0804-exploits.tgz.html Thu, 01 May 2008 14:51:29 GMT Packet Storm new exploits for April, 2008. http://packetstormsecurity.org/files/65951/harris-rfi.txt http://packetstormsecurity.org/files/65951/harris-rfi.txt http://packetstormsecurity.org/files/65951/harris-rfi.txt.html Thu, 01 May 2008 00:47:40 GMT Harris WapChat version 1 suffers from multiple remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/65948/oxyproject-exec.txt http://packetstormsecurity.org/files/65948/oxyproject-exec.txt http://packetstormsecurity.org/files/65948/oxyproject-exec.txt.html Thu, 01 May 2008 00:42:13 GMT OxYProject version 0.85 suffers from a remote code execution vulnerability in edithistory.php. http://packetstormsecurity.org/files/65946/pbcs-multi.txt http://packetstormsecurity.org/files/65946/pbcs-multi.txt http://packetstormsecurity.org/files/65946/pbcs-multi.txt.html Thu, 01 May 2008 00:39:09 GMT Project Based Calendaring System (PBCS) version 0.7.1 suffers from remote file upload and remote file disclosure vulnerabilities. http://packetstormsecurity.org/files/65936/vlc-format.txt http://packetstormsecurity.org/files/65936/vlc-format.txt http://packetstormsecurity.org/files/65936/vlc-format.txt.html Tue, 29 Apr 2008 23:55:20 GMT VideoLAN VLC version 0.8.6d format string exploit that takes advantage of the httpd_FileCallBack function. http://packetstormsecurity.org/files/65935/ms08-25-exploit.zip http://packetstormsecurity.org/files/65935/ms08-25-exploit.zip http://packetstormsecurity.org/files/65935/ms08-25-exploit.zip.html Tue, 29 Apr 2008 23:52:49 GMT Microsoft Windows XP SP2 privilege escalation exploit that leverages win32k.sys and takes advantage of the vulnerability noted in MS08-025. http://packetstormsecurity.org/files/65934/sugarcrm-disclose.txt http://packetstormsecurity.org/files/65934/sugarcrm-disclose.txt http://packetstormsecurity.org/files/65934/sugarcrm-disclose.txt.html Tue, 29 Apr 2008 23:50:28 GMT SugarCRM Community Edition versions 4.5.1 and 5.0.0 suffer from a local file disclosure vulnerability. http://packetstormsecurity.org/files/65933/sitexs-xss.txt http://packetstormsecurity.org/files/65933/sitexs-xss.txt http://packetstormsecurity.org/files/65933/sitexs-xss.txt.html Tue, 29 Apr 2008 23:48:27 GMT Sitexs CMS version 0.1.1 suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/65931/lokicms-delete.txt http://packetstormsecurity.org/files/65931/lokicms-delete.txt http://packetstormsecurity.org/files/65931/lokicms-delete.txt.html Tue, 29 Apr 2008 23:46:33 GMT LokiCMS versions 0.3.3 and below suffer from an arbitrary file deletion vulnerability. http://packetstormsecurity.org/files/65930/joovili-sql.txt http://packetstormsecurity.org/files/65930/joovili-sql.txt http://packetstormsecurity.org/files/65930/joovili-sql.txt.html Tue, 29 Apr 2008 23:45:24 GMT Joovili version 3.1 suffers from a SQL injection vulnerability in browse.videos.php. http://packetstormsecurity.org/files/65909/joomlapaxx-blindsql.txt http://packetstormsecurity.org/files/65909/joomlapaxx-blindsql.txt http://packetstormsecurity.org/files/65909/joomlapaxx-blindsql.txt.html Mon, 28 Apr 2008 22:35:50 GMT Blind SQL injection exploit for the Joomla PaxxGallery component. http://packetstormsecurity.org/files/65901/adv88-K-159-2008.txt http://packetstormsecurity.org/files/65901/adv88-K-159-2008.txt http://packetstormsecurity.org/files/65901/adv88-K-159-2008.txt.html Mon, 28 Apr 2008 22:25:39 GMT Prozilla Hosting Index suffers from a remote SQL injection vulnerability in directory.php. http://packetstormsecurity.org/files/65900/adv89-K-159-2008.txt http://packetstormsecurity.org/files/65900/adv89-K-159-2008.txt http://packetstormsecurity.org/files/65900/adv89-K-159-2008.txt.html Mon, 28 Apr 2008 22:22:45 GMT Softbiz Web Host Directory Script suffers from a blind SQL injection vulnerability in search_result.php. http://packetstormsecurity.org/files/65899/chicomas-rfilfi.txt http://packetstormsecurity.org/files/65899/chicomas-rfilfi.txt http://packetstormsecurity.org/files/65899/chicomas-rfilfi.txt.html Mon, 28 Apr 2008 22:20:31 GMT Chicomas version 2.0.4 suffers from local and remote file inclusion vulnerabilities. http://packetstormsecurity.org/files/65880/fluentcms-sql.txt http://packetstormsecurity.org/files/65880/fluentcms-sql.txt http://packetstormsecurity.org/files/65880/fluentcms-sql.txt.html Mon, 28 Apr 2008 22:12:27 GMT FluentCMS suffers from a remote SQL injection vulnerability in view.php. http://packetstormsecurity.org/files/65879/phprojekt-disclose.txt http://packetstormsecurity.org/files/65879/phprojekt-disclose.txt http://packetstormsecurity.org/files/65879/phprojekt-disclose.txt.html Mon, 28 Apr 2008 22:11:39 GMT Content Management System for Phprojekt version 0.6.1 suffers from a file disclosure vulnerability. http://packetstormsecurity.org/files/65878/odfaq-blindsql.txt http://packetstormsecurity.org/files/65878/odfaq-blindsql.txt http://packetstormsecurity.org/files/65878/odfaq-blindsql.txt.html Mon, 28 Apr 2008 22:10:35 GMT Blind SQL injection exploit for ODFaq version 2.1.0. http://packetstormsecurity.org/files/65877/joomlaalpha-blindsql.txt http://packetstormsecurity.org/files/65877/joomlaalpha-blindsql.txt http://packetstormsecurity.org/files/65877/joomlaalpha-blindsql.txt.html Mon, 28 Apr 2008 22:09:48 GMT Blind SQL injection exploit that makes use of the Joomla com_alphacontent component. http://packetstormsecurity.org/files/65876/jokes-sql.txt http://packetstormsecurity.org/files/65876/jokes-sql.txt http://packetstormsecurity.org/files/65876/jokes-sql.txt.html Mon, 28 Apr 2008 15:23:27 GMT The Jokes Site Script suffers from a SQL injection vulnerability in jokes.php. http://packetstormsecurity.org/files/65875/hpu-insecure.txt http://packetstormsecurity.org/files/65875/hpu-insecure.txt http://packetstormsecurity.org/files/65875/hpu-insecure.txt.html Mon, 28 Apr 2008 15:21:54 GMT HP Software Update insecure method proof of concept exploit that makes use of Hpufunction.dll version 4.0.0.1. http://packetstormsecurity.org/files/65873/minibb-xss.txt http://packetstormsecurity.org/files/65873/minibb-xss.txt http://packetstormsecurity.org/files/65873/minibb-xss.txt.html Mon, 28 Apr 2008 15:16:06 GMT MiniBB version 2.2a suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/65872/megabbs-multi.txt http://packetstormsecurity.org/files/65872/megabbs-multi.txt http://packetstormsecurity.org/files/65872/megabbs-multi.txt.html Mon, 28 Apr 2008 15:15:05 GMT MegaBBS Forum version 2.2 suffers from SQL injection and cross site scripting vulnerabilities. http://packetstormsecurity.org/files/65871/phpizabi-disclose.txt http://packetstormsecurity.org/files/65871/phpizabi-disclose.txt http://packetstormsecurity.org/files/65871/phpizabi-disclose.txt.html Mon, 28 Apr 2008 15:14:20 GMT PHPizabi version 0.848b C1 HFP3 suffers from a database information disclosure vulnerability. http://packetstormsecurity.org/files/65870/core-sql.txt http://packetstormsecurity.org/files/65870/core-sql.txt http://packetstormsecurity.org/files/65870/core-sql.txt.html Mon, 28 Apr 2008 15:12:57 GMT Core Impulse suffers from a SQL injection vulnerability.