CITEC Forum > Computer Security & Reverse Engineering > English Section > World Exploits update

Pages : [1] 2

1. [remote] - SigPlus Pro v3.74 ActiveX LCDWriteString() Remote BoF JIT Spray - aslr/dep bypass
2. [remote] - UPlusFTP Server v1.7.1.01 [ HTTP ] Remote Buffer Overflow [ Post Auth ]
3. [webapps] - Joomla Component PhotoMap Gallery 1.6.0 Multiple Blind SQL Injection
4. [webapps] - AV Arcade v3 Cookie Authentication Bypass
5. [remote] - Symantec AMS Intel Alert Handler Service Design Flaw
6. [local] - Zemana AntiLogger AntiLog32.sys
7. [webapps] - nuBuilder Remote File inclusion Vulnerability
8. [remote] - Apache Tomcat < 6.0.18 UTF8 Directory Traversal Vulnerability
9. [webapps] - Joomla Component Appointinator 1.0.1 Multiple Remote Vulnerabilities
10. [local] - WM Downloader 3.1.2.2 2010.04.15 Buffer Overflow (SEH)
11. [webapps] - Joomla Component PBBooking 1.0.4_3 Multiple Blind SQL Injection
12. [webapps] - Whizzy CMS 10.02 Local File Inclusion
13. [webapps] - Joomla SimpleShop Component (com_simpleshop) SQL Injection Vulnerability
14. [webapps] - Joomla Component (com_beamospetition) SQL Injection Vulnerability
15. [local] - HTML Email Creator 2.42 build 718 Buffer Overflow Exploit (SEH)
16. [dos] - BarCodeWiz BarCode ActiveX 3.29 PoC
17. [remote] - BarCodeWiz Barcode ActiveX Control 3.29 BoF Exploit (SEH)
18. [webapps] - Joomla RSForm!Pro Component (com_rsform) SQL Injection Vulnerability
19. [dos] - ChordPulse 1.4 Denial of Service Vulnerability
20. [webapps] - Concept E-commerce SQL Injection Vulnerability
21. [dos] - Xmyplay 3.5.1 Denial of Service Vulnerability
22. [dos] - Xion Audio Player 1.0.125 Denial of Service Vulnerability
23. [webapps] - Joomla Component Spielothek 1.6.9 Multiple Blind SQL Injection
24. [papers] - [Hebrew] Digital Whisper Security Magazine #11
25. [remote] - Barcodewiz v3.29 Barcode ActiveX Control Remote Heap Spray Exploit (IE6/IE7)
26. [webapps] - Intellinet IP Camera MNC-L10 Authentication Bypass Vulnerability
27. [remote] - Xerver 4.32 Source Disclosure and HTTP Authentication Bypass
28. [webapps] - SnoGrafx (cat.php?cat) SQL Injection Vulnerability
29. [local] - WM Downloader 3.1.2.2 Buffer Overflow Exploit
30. [dos] - Jaangle 0.98e.971 Denial of Service Vulnerability
31. [webapps] - Joomla CamelcityDB 2.2 SQL Injection Vulnerability
32. [webapps] - Cybsec Advisory Multiple Cross-Site Scripting (XSS) in MyIT CRM
33. [local] - Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Converter Stack Buffer Overflow Exploit
34. [dos] - Avast! Internet Security 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption
35. [webapps] - 68KB v1.0.0rc4 Remote File Include Vulnerability
36. [webapps] - PHP5.2.6 (content.phpid) SQL Injection Vulnerability
37. [remote] - Unauthorized Access to Root NFS Export on EMC Celerra NAS Appliance - [CVE: 2010-2860]
38. [webapps] - APT-WEBSHOP-SYSTEM modules.php SQL injection
39. [dos] - Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability - [CVE: 2010-2008]
40. [local] - Apple iOS pdf Jailbreak Exploit
41. [webapps] - eSmart-Vision Trading Multiple SQL Injection Exploit
42. [remote] - FathFTP 1.8 (SEH) ActiveX Buffer Overflow
43. [webapps] - WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability
44. [local] - Progitek Visionner Photos v2.0 - File Format DOS
45. [remote] - HP Openview NNM OvJavaLocale Buffer Overflow Vulnerability - [CVE: 2010-2709]
46. [webapps] - Team Johnlong RaidenTunes 2.1.1 Remote Cross-Site Scripting Vulnerability
47. [papers] - Exploitation on ARM - Presentation
48. [papers] - Exploitation on ARM - Whitepaper
49. [local] - Exploit Easy RM to MP3 2.7.3.700 ( .m3u , .pls , .smi , .wpl , .wax , .wvx , .ram)
50. [remote] - FathFTP 1.8 (EnumFiles Method) ActiveX Buffer Overflow (SEH)
51. [remote] - FathFTP v1.8 (DeleteFile Method) ActiveX Buffer Overflow (SEH)
52. [remote] - FathFTP 1.8 (FileExists Method) ActiveX Buffer Overflow (SEH)
53. [papers] - [Persian] CRLF Injection Attacks
54. [dos] - Mediamonkey v. 3.2.1.1297 DOS POC
55. [webapps] - Nuked-Klan Module Partenaires NK 1.5 Blind Sql Injection
56. [webapps] - sX-Shop SQL Injection Vulnerability
57. [webapps] - sX-Shop Multiple SQL Injection Vulnerabilities
58. [webapps] - ccTiddly v1.7.6 Multiple Remote File Inclusion Vulnerabilities
59. [webapps] - APBoard v2.1.0 ( board.php?id=) SQL Injection Vulnerability
60. [webapps] - Open Blog v1.2.1 CSRF Vulnerability
61. [webapps] - BXR v0.6.8 CSRF Vulnerability
62. [webapps] - Amethyst v0.1.5 XSS Vulnerability
63. [webapps] - DiamondList v0.1.6 CSRF Vulnerability
64. [local] - Microsoft Windows win32k.sys Driver "CreateDIBPalette()" Buffer Overflow
65. [local] - AtomixMP3 2.3 .m3u File Buffer Overflow Exploit
66. [local] - AtomixMP3 2.3 .m3u File Buffer Overflow Exploit (SEH)
67. [webapps] - Joomla Component cgTestimonial 2.2 Multiple Remote Vulnerabilities
68. [webapps] - Joomla Component com_neorecruit 1.4 SQL Injection Vulnerability
69. [webapps] - Tycoon CMS Record Script SQL Injection Vulnerability
70. [dos] - LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service Vulnerability - [CVE: 2010-2482]
71. [webapps] - CruxCMS SQL Injection Vulnerability
72. [webapps] - Maxtrade AIO Blind SQL Injection Vulnerability
73. [local] - Mini-stream Ripper v3.1.2.1 Buffer Overflow (DEP Bypass)
74. [papers] - [Indonesian] Protecting Website from Common Attacks
75. [webapps] - PHPKick v0.8 statistics.php SQL Injection Exploit
76. [remote] - Advanced File Vault(eSellerateControl350.dll) Activex Heap Spray 0-day
77. [local] - myMP3-Player v3.0 Buffer Overflow Exploit
78. [dos] - ffdshow Video Codec Denial of Service Vulnerability
79. [dos] - Quintessential Player 5.0.121 Denial of Service Vulnerability
80. [dos] - QQ Computer Manager TSKsp.sys Local Denial of Service Exploit
81. [webapps] - kleeja 1.0.0RC6 Database Disclosure
82. [remote] - dBpowerAMP Audio Player 2 (FileExists) ActiveX Buffer Overflow Exploit
83. [dos] - Visual MP3 Splitter & Joiner 6.1 Denial of Service Vulnerability
84. [webapps] - Php Nuke Blind Sql Injection 8.x.x
85. [local] - Fat Player 0.6b WAV File Processing Buffer Overflow (SEH)
86. [webapps] - Joomla Yellowpages SQL Injection Vulnerability
87. [dos] - Linux Kernel
88. [local] - AoAAudioExtractor 2.0.0.0 ActiveX PoC (SEH)
89. [webapps] - wizmall 6.4 CSRF Vulnerabilities
90. [dos] - Mthree Development MP3 to WAV Decoder Denial of Service Vulnerability
91. [webapps] - Joomla Component Amblog 1.0 Multiple SQL Injection Vulnerabilities
92. [webapps] - Joomla Component Teams Multiple Blind SQL Injection Vulnerabilities
93. [remote] - AoA Audio Extractor Remote ActiveX SEH JIT Spray Exploit (ASLR+DEP Bypass)
94. [local] - Exploit-rosoft media player 4.4.4 SEH buffer overflow POC
95. [remote] - SopCast New 0Day Remote Exploit
96. [remote] - EASYFTP BOF Vulnerabilities in NLST , NLST -al, APPE, RETR , SIZE and XCWD Commands
97. [remote] - Play! Framework
98. [remote] - RSP MP3 Player OCX ActiveX Buffer Overflow (heap spray)
99. [webapps] - Zendesk Multiple Vulnerabilities
100. [dos] - Microsoft SMB Server Trans2 Zero Size Pool Alloc (MS10-054) - [CVE: 2010-2550]
101. [dos] - Microsoft Windows CreateWindow Function Callback Vulnerability - [CVE: 2010-1897]
102. [dos] - Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption (MS10-051) - [CVE: 2010-2561]
103. [local] - Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability - [CVE: 2010-2554]
104. [dos] - Microsoft Windows 'SfnLOGONNOTIFY' Local Privilege Escalation Vulnerability (MS10-048) - [CVE: 2010-1894]
105. [local] - Mediacoder 0.7.5.4710 Buffer Overflow Exploit
106. [webapps] - phpMUR Remote File Disclosure Vulnerability
107. [webapps] - clearBudget v0.9.8 Remote File Include Vulnerability
108. [dos] - Windows Live Messenger
109. [dos] - My MP3 Player buffer overflow POC (.m3u)
110. [webapps] - Apache JackRabbit 2.0.0 webapp XPath Injection
111. [webapps] - SaurusCMSupdate4.7.0 Remote File Include
112. [dos] - Abac Karaoke 2.15 Denial of Service Vulnerability
113. [dos] - RightMark Audio Analyzer 6.2.3 Denial of Service Vulnerability
114. [webapps] - KnowledgeTree 3.5.2 Community Edition Permanent XSS Vulnerability
115. [remote] - FTP Server v1.7.0.11 RNFR, DELE, RMD, STOR Commands Remote Buffer Overflow Exploit (Post Auth)
116. [dos] - CombiWave Lite v4.0.1.4 Denial of Service Vulnerability
117. [dos] - JaMP Player v4.2.2.0 Denial of Service Vulnerability
118. [papers] - [German] XSS - Anwendungsbeispiele
119. [papers] - [German] Blind SQL Injection
120. [webapps] - Kleeja Upload - CSRF Change Admin Password
121. [webapps] - PHP-Nuke-8.1-seo-Arabic Remote File Include
122. [local] - Mediacoder 0.7.5.4710 "Universal" SEH Buffer Overflow Exploit
123. [local] - Xion Player 1.0.125 Stack Buffer Overflow Exploit
124. [papers] - MySQL Injection - Simple Load File and Into OutFile
125. [dos] - SmartCode ServerX VNC Server ActiveX 1.1.5.0 (scvncsrvx.dll) DoS Exploit
126. [webapps] - Plogger Remote File Disclosure Vulnerability
127. [webapps] - Get Tube All Versions SQL Injection Vulnerability
128. [papers] - [Vietnamese]How to attack and fix Local File Disclosure
129. [webapps] - MailForm 1.2 Remote File Include
130. [webapps] - ACollab Multiple Vulnerabilities
131. [remote] - Adobe ColdFusion Directory Traversal Vulnerability - [CVE: 2010-2861]
132. [webapps] - sFileManager
133. [dos] - Acrobat Acrobat Font Parsing Integer Overflow Vulnerability
134. [webapps] - Multiple CSRF Vulnerabilities in Saurus CMS Admin Panel
135. [webapps] - Sports Accelerator Suite v2.0 (news_id) Remote SQL Injection Vulnerability
136. [dos] - Computer Associates Advantage Ingress 2.6 Denial of Service Vulnerabilities
137. [webapps] - PHP-Fusion Local File Includes Vulnerability
138. [webapps] - MemHT Portal 3.9.0 Remote File Inclusion
139. [webapps] - GuestBook Script PHP (XSS/HTML Injection) Multiple Vulnerabilities
140. [webapps] - Zomplog CMS 3.9 Multiple XSS/CSRF Vulnerabilities
141. [webapps] - Joomla Component (com_fireboard) SQL Injection Vulnerability
142. [local] - Rosoft media player 4.4.4 SEH Buffer Overflow
143. [webapps] - Joomla Component (com_weblinks) SQL Injection Vulnerability
144. [webapps] - CMSQLite
145. [webapps] - Joomla Component (com_equipment) SQL Injection Vulnerability
146. [webapps] - Joomla Component Jgrid 1.0 Local File Inclusion Vulnerability
147. [remote] - 123 Flashchat version 7.8 Multiple Remote Vulnerabilities
148. [webapps] - Joomla Component OnGallery SQL Injection Vulnerability
149. [papers] - Injector Mask or A Tool
150. [local] - MUSE v4.9.0.006 (.m3u) Local Buffer Overflow Exploit
151. [local] - MUSE v4.9.0.006 (.pls) Local Universal Buffer Overflow [SEH]
152. [papers] - [Georgian] Metasploit, Full Review
153. [dos] - Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks
154. [dos] - Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047) - [CVE: 2010-1889]
155. [dos] - Microsoft Windows nt!NtCreateThread Race Condition with Invalid Code Segment (MS10-047) - [CVE: 2010-1888]
156. [dos] - Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047) - [CVE: 2010-1890]
157. [dos] - Microsoft Windows win32k!GreStretchBltInternal() Does Not Handle src == dest
158. [local] - Brazip 9.0 (.zip File) Buffer Overflow (SEH)
159. [local] - Triologic Media Player 8 (.m3u) Local Universal Unicode Buffer Overflow (SEH)
160. [webapps] - Free Simple Software v1.0 Remote File Inclusion Vulnerability
161. [remote] - Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)
162. [local] - A-PDF WAV to MP3 Converter 1.0.0 (.m3u) Stack Buffer Overflow
163. [webapps] - Joomla Component "com_dirfrm" Sql Injection Vulnerability
164. [dos] - PHP 5.3.3 ibase_gen_id() off-by-one Overflow Vulnerability
165. [dos] - VbsEdit v4.6.1.0 Denial of Service
166. [local] - SOMPL Music Player v1.0 (.m3u) Local Buffer Overflow (SEH)
167. [local] - A-PDF WAV to MP3 v1.0.0 Universal Local SEH Exploit
168. [dos] - Httpdx 1.5.4 multiple DoS (http-ftp) PoC
169. [webapps] - Open-Realty 2.5.7 Local File Disclosure Vulnerability
170. [dos] - RockN Wav Editor 1.8 Denial of Service Vulnerability
171. [webapps] - VBbuletin 4.0.4 Multiple Vulnerabilities
172. [dos] - SonicWALL E-Class SSL-VPN ActiveX Control Format String Overflow
173. [local] - FreeBSD mbufs() sendfile Cache Poisoning Privilege Escalation
174. [dos] - Tuniac 100723 Denial of Service Vulnerability
175. [dos] - Fennec 1.2 Beta 3 Denial of Service Vulnerability
176. [shellcode] - Linux x86 /bin/sh Null-Free Polymorphic Shellcode - 46 bytes
177. [local] - MS Word Record Parsing Buffer Overflow (MS-09-027)
178. [webapps] - Joomla Component com_extcalendar Blind SQL Injection Vulnerability
179. [dos] - Karaoke Video Creator Denial of Service Vulnerability
180. [papers] - Exploiting Large Memory Management Vulnerabilities in Xorg Server Running on Linux
181. [shellcode] - Windows XP SP3 English MessageBoxA Shellcode - 87 bytes
182. [dos] - AV Music Morpher Gold 5.0.38 (.m3u) Denial of Service Vulnerability
183. [dos] - PlayPad Music Player v1.12 .mp3 Denial of Service Vulnerability
184. [remote] - AoA Audio Extractor 2.0.0.0 ActiveX Buffer Overflow (SEH)
185. [webapps] - Joomla Component com_zina SQL Injection Vulnerability
186. [webapps] - Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities
187. [webapps] - T-dreams Announcement Script SQL Injection Vulnerability
188. [dos] - Microsoft Windows DoS (IcmpSendEcho2Ex interrupting)
189. [dos] - MS Excel Malformed FEATHEADER Record Exploit (MS09-067)!
190. [webapps] - Joomla Component (com_Fabrik) SQL Injection Vulnerability
191. [papers] - [Turkish] Binary Code Modification (Patching Vulnerabilities)
192. [webapps] - netStartEnterprise v4.0 SQL Injection Vulnerability
193. [papers] - Cracking Salted Hashes
194. [dos] - Tplayer V1R10 Denial of Service Vulnerability
195. [webapps] - 4images 1.7.8 Remote File Inclusion Vulnerability
196. [dos] - Abyssal Metal Player 2.0.9 Denial of Service Vulnerability
197. [webapps] - Ananta Gazelle CMS Multiple Vulnerabilities
198. [papers] - [Arabic] Paper Sniffer Password WireShark
199. [webapps] - LINK CMS SQL Injection Vulnerability
200. [webapps] - AneCMS SQL Injection Vulnerability in /registre/next
201. [webapps] - Joomla Component (com_zoomportfolio) SQL Injection Vulnerability
202. [local] - MicroP malicious mppl Buffer Overflow
203. [remote] - Wireshark
204. [webapps] - Joomla 1.5 URL Redirecting Vulnerability
205. [remote] - Microsoft Power Point 2010 DLL Hijacking Exploit (pptimpconv.dll)
206. [local] - Linux Execute Command on ARM Architecture
207. [papers] - [Arabic] Paper Introduction to Penetration Testing
208. [papers] - [Arabic] Paper Introduction to Penetration Testing
209. [local] - uTorrent
210. [local] - Windows Live Email DLL Hijacking Exploit (dwmapi.dll)
211. [local] - Foxit Reader
212. [webapps] - Joomla Component (com_remository) SQL Injection Vulnerability
213. [local] - Firefox
214. [local] - Microsoft Windows Movie Maker
215. [local] - Opera v10.61 DLL Hijacking Exploit (dwmapi.dll)
216. [webapps] - Simple Forum PHP Multiple Vulnerabilities
217. [papers] - DDoS Attacks explaination, classification and suggested solutions
218. [webapps] - ClanSphere 2010 Multiple Vulnerabilities
219. [local] - Microsoft Windows 7 wab.exe DLL Hijacking Exploit (wab32res.dll)
220. [local] - TeamViewer
221. [local] - Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll)
222. [local] - BS.Player
223. [local] - Adobe Dreamweaver CS5
224. [local] - Adobe Photoshop CS2 DLL Hijacking Exploit (Wintab32.dll)
225. [local] - avast!
226. [local] - Microsoft Visio 2003 DLL Hijacking
227. [local] - Microsoft Address Book 6.00.2900.5512 DLL Hijacking
228. [local] - Microsoft Office Groove 2007 DLL Hijacking
229. [local] - TeamMate Audit Management Software Suite DLL Hijacking
230. [local] - uTorrent DLL Hijacking Vulnerabilities
231. [local] - Acunetix Web Vulnerability Scanner DLL Hijacking
232. [local] - VLC Media Player DLL Hijacking
233. [local] - Roxio Photosuite 9 DLL Hijacking Exploit
234. [local] - Microsoft Vista BitLocker Drive Encryption API Hijacking Exploit
235. [local] - InterVideo WinDVD 5 DLL Hijacking Exploit
236. [local] - Microsoft Internet Connection Signup Wizard DLL Hijacking
237. [local] - Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)
238. [local] - Safari v5.0.1 DLL Hijacking Exploit
239. [local] - Microsoft Group Convertor DLL Hijacking Exploit (imm.dll)
240. [local] - Mircosoft Windows Program Group DLL Hijacking Exploit
241. [papers] - Binary Code Modification
242. [dos] - Adobe Acrobat Reader All Version Memory Corruption
243. [local] - Ettercap NG-0.7.3 DLL hijacking (wpcap.dll)
244. [local] - Bloodshed Dev-C++ Binary Hijacking Exploit (make.exe, mingw32.exe)
245. [local] - Skype
246. [local] - Mediaplayer Classic 1.3.2189.0 DLL Hijacking Exploit (iacenc.dll)
247. [local] - TechSmith Snagit 10 (Build 788) DLL Hijacking Exploit (dwmapi.dll)
248. [local] - Windows Program Group DLL Hijacking Exploit (imm.dll)
249. [local] - Roxio Creator DE DLL Hijacking Exploit (HomeUtils9.dll)
250. [dos] - Flash Movie Player v1.5 File Magic Denial of Service Vulnerability

Powered by vBulletin® Version 4.2.5 Copyright © 2025 vBulletin Solutions Inc. All rights reserved.