milw0rm - Stack

[ home ] [ contents ] [ platforms ] [ shellcode ] [ search ] [ cracker ] [ links ] [ rss ] [ archive ]

Author:

Stack

Homepage:

http://v4-team.com/

[ exploits/shellcode ]

-::DATE	-::DESCRIPTION	-::HITS					-::AUTHOR
2009-07-17	Easy RM to MP3 Converter .m3u file Universal Stack Overflow Exploit	2237	R		D		Stack
2009-07-17	win32/xp sp2 (En) cmd.exe 23 bytes	16662			D		Stack
2009-07-15	AudioPLUS 2.00.215 (.m3u .lst) Universal SEH Overwrite Exploit	1823	R		D		Stack
2009-07-10	OtsAv DJ/TV/Radio Multiple Local Heap Overflow PoCs	1946	R		D		Stack
2009-07-01	Messages Library 2.0 Arbitrary Delete Message Vulnerability	2239	R		D		Stack
2009-07-01	Messages Library 2.0 Insecure Cookie Handling Vulnerability	2626	R		D		Stack
2009-07-01	ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit	2557	R		D		Stack
2009-07-01	AudioPLUS 2.00.215 (.pls) Local Buffer Overflow Exploit (SEH)	2847	R		D		Stack
2009-06-30	WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability	3924	R		D		Stack
2009-06-30	DM FileManager 3.9.4 Remote File Disclosure Vulnerability	2214	R		D		Stack
2009-06-25	Joomla Component com_pinboard (task) SQL Injection Exploit	5528	R		D		Stack
2009-05-18	Zervit Webserver 0.04 (GET Request) Remote Buffer Overflow PoC	2438	R		D		Stack
2009-05-18	Mereo 1.8.0 (Get Request) Remote Denial of Service Exploit	2472	R		D		Stack
2009-05-12	CastRipper 2.50.70 (.m3u) Universal Stack Overflow Exploit	2219	R		D		Stack
2009-05-07	Soritong MP3 Player 1.0 Local Buffer Overflow Exploit (SEH)	1847	R		D		Stack
2009-05-05	Sorinara Streaming Audio Player 0.9 (.m3u) Local Stack Overflow Exploit	2175	R		D		Stack
2009-05-01	Beatport Player 1.0.0.283 (.M3U File) Local Stack Overflow Exploit #3	2386	R		D		Stack
2009-05-01	RM Downloader (.smi File) Universal Local Buffer Overflow Exploit	2874	R		D		Stack
2009-04-23	CoolPlayer Portable 2.19.1 (Skin) Buffer Overflow Exploit	3121	R		D		Stack
2009-04-22	Femitter FTP Server 1.03 Arbitrary File Disclosure Exploit	3477	R		D		Stack
2009-04-22	CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit	2345	R		D		Stack
2009-04-16	MagicISO CCD/Cue Local Heap Overflow Exploit PoC	2185	R		D		Stack
2009-04-14	Easy RM to MP3 Converter Universal Stack Overflow Exploit	2576	R		D		Stack
2009-04-13	RM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit	1859	R		D		Stack
2009-04-13	WM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit	1992	R		D		Stack
2009-04-13	ASX to MP3 Converter 3.0.0.7 .m3u Universal Stack Overflow Exploit	1954	R		D		Stack
2009-04-13	Mini-stream RM-MP3 Converter 3.0.0.7 .m3u Stack Overflow Exploit	2070	R		D		Stack
2009-04-13	Mini-stream Ripper 3.0.1.1 .m3u Universal Stack Overflow Exploit	2174	R		D		Stack
2009-04-13	ftpdmin 0.96 Arbitrary File Disclosure Exploit	4319	R		D		Stack
2009-04-09	SWF Opener 1.3 (.swf File) Off By One Buffer Overflow PoC	2384	R		D		Stack
2009-04-06	UltraISO <= 9.3.3.2685 .ui Off By One / Buffer Overflow PoC	2231	R		D		Stack
2009-03-23	POP Peeper 3.4.0.0 .eml file Universal SEH Overwrite Exploit	2278	R		D		Stack
2009-03-23	POP Peeper 3.4.0.0 .html file Universal SEH Overwrite Exploit	2599	R		D		Stack
2009-03-19	Chasys Media Player 1.1 .cue File Stack Overflow Exploit	2487	R		D		Stack
2009-03-16	WinAsm Studio 5.1.5.0 Local Heap Overflow PoC	2792	R		D		Stack
2009-03-10	VUPlayer <= 2.49 .cue File Universal Buffer Overflow Exploit	3133	R		D		Stack
2009-03-09	MediaCoder 0.6.2.4275 (m3u File) Universal Stack Overflow Exploit	2507	R		D		Stack
2009-03-09	MediaCoder 0.6.2.4275 Universal Buffer Overflow Exploit (SEH)	3360	R		D		Stack
2009-03-05	Media Commands .m3l File Local Buffer Overflow Exploit	2685	R		D		Stack
2009-03-05	Joomla com_ijoomla_archive Blind SQL Injection Exploit	12836	R		D		Stack
2009-03-04	Easy File Sharing Web Server 4.8 File Disclosure Vulnerability	4734	R		D		Stack
2009-03-04	Easy Web Password 1.2 Local Heap Memory Consumption PoC	3540	R		D		Stack
2009-03-03	EFS Easy Chat Server (XSRF) Change Admin Pass Vulnerability	4010	R		D		Stack
2009-02-20	win32 XP sp2 (FR) Sellcode cmd.exe 32 bytes	11079			D		Stack
2009-02-03	WholeHogSoftware Ware Support Insecure Cookie Handling Vulnerability	2354	R		D		Stack
2009-02-03	WholeHogSoftware Password Protect Insecure Cookie Handling Vuln	2526	R		D		Stack
2009-02-03	win32/xp sp2 Shellcode cmd.exe 57 bytes	14587			D		Stack
2009-01-30	GOM Player 2.0.12 (.PLS) Universal Buffer Overflow Exploit	4005	R		D		Stack
2009-01-29	Amaya Web Editor <= 11.0 Remote Buffer Overflow PoC	2884	R		D		Stack
2009-01-26	NCTVideoStudio ActiveX DLLs 1.6 Insecure Method File Creation Exploit	3658	R		D	X	Stack
2009-01-26	NCTVideoStudio ActiveX DLLs Version 1.6 Remote Heap Overflow PoC	3357	R		D	X	Stack
2009-01-20	Dodo's Quiz Script 1.1 (dodosquiz.php) Local File Inclusion Vulnerability	4086	R		D		Stack
2009-01-14	Excel Viewer OCX 3.2 Remote File Execution Exploit	6736	R		D	X	Stack
2009-01-13	PowerPoint Viewer OCX 3.1 Remote File Overwrite Exploit	4710	R		D	X	Stack
2009-01-13	dBpowerAMP Audio Player 2 .PLS File Local Buffer Overflow PoC	3607	R		D		Stack
2009-01-13	Word Viewer OCX 3.2 Remote File Execution exploit	6251	R		D	X	Stack
2009-01-07	Audacity 1.6.2 (.aup File) Remote off by one Crash Exploit	3620	R		D		Stack
2009-01-04	Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #4	2616	R		D		Stack
2008-12-28	BulletProof FTP Client (.bps File) Local Stack Overflow PoC	2887	R		D		Stack
2008-11-29	Active Bids 3.5 (ItemID) Blind SQL Injection Vulnerability	2543	R		D		Stack
2008-11-28	BaSiC-CMS (acm2000.mdb) Remote Database Disclosure Vulnerability	2323	R		D		Stack
2008-11-28	Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity	2807	R		D		Stack
2008-11-27	Star Articles 6.0 Remote Blind SQL Injection exploit	2802	R		D		Stack
2008-11-27	Ocean12 FAQ Manager Pro Database Disclosure Vulnerability	2624	R		D		Stack
2008-11-20	Natterchat 1.12 (Auth Bypass) Remote SQL Injection Vulnerability	3540	R		D		Stack
2008-11-20	NatterChat 1.1 Remote Admin Bypass Vulnerability	3779	R		D		Stack
2008-11-13	BandSite CMS 1.1.4 Insecure Cookie Handling Vulnerability	3114	R		D		Stack
2008-11-08	V3 Chat - Profiles/Dating Script 3.0.2 Insecure Cookie Handling Vuln	3073	R		D		Stack
2008-11-08	Zeeways PHOTOVIDEOTUBE 1.1 Auth Bypass Vulnerability	3260	R		D		Stack
2008-11-07	E-topbiz Online Store 1 (cat_id) SQL Injection Vulnerability	3151	R		D		Stack
2008-10-31	Article Publisher PRO (userid) Remote SQL Injection Exploit	2899	R		D		Stack
2008-10-31	SFS EZ Auction (viewfaqs.php cat) Blind SQL Injection Vulnerability	2679	R		D		Stack
2008-10-31	SFS EZ Career (content.php topic) SQL Injection Vulnerability	2724	R		D		Stack
2008-10-31	SFS EZ Top Sites (topsite.php ts) Remote SQL Injection Vulnerability	3076	R		D		Stack
2008-10-29	H2O-CMS <= 3.4 Insecure Cookie Handling Vulnerability	2978	R		D		Stack
2008-10-28	MyForum 1.3 Insecure Cookie Handling Vulnerability	3182	R		D		Stack
2008-10-27	MyKtools 2.4 Arbitrary Database Backup Vulnerability	2957	R		D		Stack
2008-09-30	SG Real Estate Portal 2.0 Blind SQL Injection Exploit	7372	R		D		Stack
2008-09-30	SG Real Estate Portal 2.0 Insecure Cookie Handling Vulnerability	7027	R		D		Stack
2008-09-28	BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability	3115	R		D		Stack
2008-09-27	RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling Vulnerability	2502	R		D		Stack
2008-09-26	Atomic Photo Album 1.1.0pre4 Blind SQL Injection Exploit	2678	R		D		Stack
2008-09-26	Libra PHP File Manager <= 1.18 Insecure Cookie Handling Vulnerability	2707	R		D		Stack
2008-09-26	Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling Vulnerability	2738	R		D		Stack
2008-09-25	PHP infoBoard v.7 Plus Insecure Cookie Handling Vulnerability	3126	R		D		Stack
2008-09-25	LanSuite 3.3.2 (fckeditor) Arbitrary File Upload Exploit	3952	R		D		Stack
2008-09-22	PHP iCalendar <= 2.24 Insecure Cookie Handling Vulnerability	3553	R		D		Stack
2008-09-22	WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit	3550	R		D		Stack
2008-09-21	Diesel Job Site (job_id) Blind SQL Injection Vulnerability	2621	R		D		Stack
2008-09-21	6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability	3359	R		D		Stack
2008-09-21	Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability	3152	R		D		Stack
2008-09-20	Explay CMS <= 2.1 Insecure Cookie Handling Vulnerability	2958	R		D		Stack
2008-09-14	Free PHP VX Guestbook 1.06 Insecure Cookie Handling Vulnerability	5529	R		D		Stack
2008-09-13	pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit	4014	R		D		Stack
2008-09-12	Sports Clubs Web Panel 0.0.1 Remote File Upload Vulnerability	3926	R		D		Stack
2008-09-11	PhpWebGallery 1.3.4 (cat) Blind SQL Injection Vulnerability	3393	R		D		Stack
2008-09-11	Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability	3812	R		D		Stack
2008-09-09	Availscript Classmate Script (viewprofile.php) SQL Injection Vulnerability	3543	R		D		Stack
2008-09-05	Vastal I-Tech Jobs Zone (news_id) SQL Injection Vulnerability	2950	R		D		Stack
2008-09-05	Vastal I-Tech MMORPG Zone (game_id) SQL Injection Vulnerability	3145	R		D		Stack
2008-09-05	Vastal I-Tech Mag Zone (cat_id) SQL Injection Vulnerability	2863	R		D		Stack
2008-09-05	Vastal I-Tech Freelance Zone (coder_id) SQL Injection Vulnerability	2975	R		D		Stack
2008-09-05	Vastal I-Tech Cosmetics Zone (cat_id) SQL Injection Vulnerability	3376	R		D		Stack
2008-09-01	WeBid 0.5.4 (item.php id) Remote SQL Injection Vulnerability	3692	R		D		Stack
2008-09-01	WeBid 0.5.4 (fckeditor) Remote Arbitrary File Upload Exploit	5069	R		D		Stack
2008-08-11	Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities	6262	R		D		Stack
2008-08-05	LiteNews <= 0.1 (id) Remote SQL Injection Vulnerability	4984	R		D		Stack
2008-07-30	PHP Hosting Directory 2.0 Insecure Cookie Handling Vulnerability	4233	R		D		Stack
2008-07-30	HIOX Random Ad 1.3 Arbitrary Add Admin User Exploit	3135	R		D		Stack
2008-07-30	HIOX Browser Statistics 2.0 Arbitrary Add Admin User Exploit	3250	R		D		Stack
2008-06-23	emuCMS 0.3 (fckeditor) Arbitrary File Upload Exploit	3608	R		D		Stack
2008-06-23	cmsWorks 2.2 RC4 (fckeditor) Remote Arbitrary File Upload Exploit	4082	R		D		Stack
2008-06-23	Demo4 CMS 1b (fckeditor) Arbitrary File Upload Exploit	4208	R		D		Stack
2008-06-18	Carscripts Classifieds (index.php cat) Remote SQL Injection Vulnerability	5518	R		D		Stack
2008-06-18	BoatScripts Classifieds (index.php type) SQL Injection Vulnerability	5757	R		D		Stack
2008-06-17	FreeCMS.us 0.2 (fckeditor) Arbitrary File Upload Exploit	4111	R		D		Stack
2008-06-17	MyShoutPro 1.2 Final Insecure Cookie Handling Vulnerability	3675	R		D		Stack
2008-06-13	Butterfly Organizer 2.0.0 Arbitrary Delete (Category/Account) Exploit	3016	R		D		Stack
2008-06-09	Galatolo Web Manager <= 1.0 Remote SQL Injection Exploit	3729	R		D		Stack
2008-06-09	ProManager 0.73 (config.php) Local File Inclusion Vulnerability	3522	R		D		Stack
2008-06-09	Telephone Directory 2008 Arbitrary Delete Contact Exploit	3298	R		D		Stack
2008-06-01	Social Site Generator v2 Multiple Remote File Disclosure Vulnerabilities	5332	R		D		Stack
2008-05-31	Joomla Component com_biblestudy 1.5.0 (id) SQL Injection Exploit	7042	R		D		Stack
2008-05-29	SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit	4221	R		D		Stack
2008-05-29	CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability	3693	R		D		Stack
2008-05-29	PHP Booking Calendar 10 d Remote SQL Injection Exploit	4020	R		D		Stack
2008-05-29	PHP Booking Calendar 10 d (fckeditor) Arbitrary File Upload Exploit	4661	R		D		Stack
2008-05-26	RoomPHPlanning 1.5 Arbitrary Add Admin User Vulnerability	5240	R		D		Stack
2008-05-20	EntertainmentScript 1.4.0 (page.php page) Local File Inclusion Exploit	5363	R		D		Stack
2008-05-19	AlkalinePHP <= 0.80.00 beta (thread.php id) SQL Injection Exploit	4683	R		D		Stack
2008-05-16	Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit	5096	R		D		Stack
2008-05-16	Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability	5874	R		D		Stack
2008-05-12	Battle.net Clan Script <= 1.5.x Remote SQL Injection Exploit	5402	R		D		Stack
2008-05-12	Advanced Image Hosting (AIH) 2.1 Remote SQL Injection Exploit	5020	R		D		Stack
2008-04-14	SmallBiz eShop (content_id) Remote SQL Injection Vulnerability	4992	R		D		Stack
2008-04-07	ChartDirector 4.1 (viewsource.php file) File Disclosure Vulnerability	3946	R		D		Stack
2008-04-03	KwsPHP Module ConcoursPhoto (C_ID) SQL Injection Vulnerability	4373	R		D		Stack
2008-04-01	Joomla Component actualite 1.0 (id) SQL Injection Vulnerability	7579	R		D		Stack
2008-01-28	bubbling library 1.32 dispatcher.php Remote File Disclosure Vulnerabilities	5037	R		D		Stack
2008-01-26	Bubbling Library 1.32 Multiple Local File Inclusion Vulnerabilities	5063	R		D		Stack
2008-01-23	Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability	5560	R		D		Stack
2008-01-17	PHPEcho CMS 2.0 (id) Remote SQL Injection Vulnerability	6572	R		D		Stack

[ papers ]

-::DATE	-::DESCRIPTION	-::HITS					-::AUTHOR
2009-02-27	[Morocco] Playing with cookies (ST1)	4757			D		Stack

[ videos ]

-::DATE	-::DESCRIPTION	-::HITS					-::AUTHOR
2009-03-03	Injecting Malicious Code via phpBB	20384					Stack
2009-02-06	Injecting a Backdoor via PhpMyAdmin	24487					Stack

send all submissions to submit[at]milw0rm.com [gpg]
Copyright © 2004-2009 milw0rm