Packet Storm new exploits for March, 2007.
56dc00adfeb1d6fc6e04b791536307543e756d97981a000362eb73482b92313e
Aardvark Topsites PHP 5 suffers from a remote file inclusion vulnerability.
502c32fc6318378781c4d9072d0d837e3da1cf2083605c5cf27e8f9f9d56e2fd
Shop-SCRIPT FREE suffers from remote file inclusion vulnerabilities.
eac9db017e86d383cd3d3cd68a4aa7a8e48a0472f732fe99f456a508277572c8
SLAED_CMS_2 suffers from a remote file inclusion vulnerability.
8bdf179637bfe3e3e2e646fecba4d7f699db347129c7603f7692d635f1d98211
The PHP-Fusion Calendar_Panel module suffers from a remote SQL injection vulnerability in show_event.php.
79ea46463221b9e0d1c36d3f074964b87a0d4475a456140e1265183688fb9a26
Exploit for the Microsoft Windows .ANI LoadAniIcon stack overflow vulnerability.
9bbb7c1c2b71a6a3b99aa65609485e47c1dfaa3714e3947845ac1906488602f1
Remote exploit for dproxy versions 0.5 and below. Binds a shell to TCP port 4444.
71d56c60f1e232a94229b71556636b01433745ed2ae92d6b6761ae4dc0da6e6e
Blog-Entry suffers from multiple cross site scripting vulnerabilities.
c067dbd712c87c9b9338f90a9d53ca2cdde330f9eb8a75de9b75684b912f4e8a
Time-Assistant versions 6.2 and below suffer from a remote file inclusion vulnerability.
3cfbf1daaae2f4113e3b127c6b2be84a5edccc5428527d1ffad449b787b71c38
DrakeCMS suffers from a cross site scripting vulnerability in ui.dta.php.
122036eb45d75c8107306fe5fe89eb26102349a8f2efd82e1a973d223646722e
MyBB suffers from a change password vulnerability.
ca762ba619df945efb65ce710198bae5e60b959ca1228eea5a18b1e86502565e
DataDomain OS versions 3.0.0 through 4.0.3.5 suffer from an arbitrary command execution flaw.
c27abbbc37ec5024f9f399fc7955c3b2bb3d37224f3d245488dec40b548509b5
Corel Worperfect X3 version 13.0.0.565 suffers from a stack overflow vulnerability. Exploit included.
66e4415b36f7d858205ef1c40f79c20ae01a0671387183e5b9ca35328fa71d3d
HP JetDirect print servers suffers from a remote denial of service flaw.
94e0e796887c49e13525ae9ca31a4ef00911073bbe04ec890b7bd69254ae40dd
aBitWhizzy suffers from local file traversal and cross site scripting vulnerabilities.
2093267fb24692dc542d6efe5cb6a6a50d030538517dbacd92e5ac71fc166602
Month of PHP Bugs - PHP version 4.4.5 and 4.4.6 session_decode() double free proof of concept exploit.
7bfd3521b829b12255417e9bda7344352dd74f548e46d687379a1e8cecdf7732
The Linux kernel suffers from a DCCP memory disclosure vulnerability. This is the second proof of concept exploit related to this vulnerability. Kernel versions 2.6.20 and above are affected.
dad59b64a19cd7c6b804730925f934f72c81a8c9c9b63a8a42caea8b305214a6
This Metasploit module exploits a stack overflow in the NaviCopa HTTP server 2.01 (release version 6th October 2006 or earlier). It is not the same vulnerability as the one described in BID 20250.
03ab5a966da5ebd65eb577481b7da91c6901aace800c5a1d15f6ca54195a3da2
Oracle 10g KUPM$MCP.MAIN SQL injection exploit version 1.
3d1aac434de155aa7b92d0166e9785b4d00f0fae18052220ec4fe0602e6a51c9
Oracle 10g KUPM$MCP.MAIN SQL injection exploit version 2.
36a71e48045fd220537ef493347971134aba3dac0bd56f5bb360babb4a09a24b
The Linux kernel suffers from a DCCP memory disclosure vulnerability. Proof of concept exploit included. Kernel versions 2.6.20 and above are affected.
f8671958b0db45a1a6adcb180eee27d633f9a8eac3e26e246ca282df1da711f7
FlexBB version 1.0.0 10005 Beta Release 1 suffers from a SQL injection vulnerability when parsing the user supplied cookie value.
43fdf56c7c5fd42533478278547df832f104fe6c96ebce307fe4959802e89779
Xoops blind SQL injection exploit for print.php. Currently affects all versions.
03b577f6ba3cc89e494cc877363eead0cbe5d6537d87f81d659fde9ea9c9f15d
C-Arbre versions 0.6PR7 and below suffer from a remote file inclusion vulnerability.
d5d3686703e6bbdc57b0c60d120c2dd60ee1c9dce1c842ac579cacd4170ae670
realGuestbook_V5 suffers from a HTML injection vulnerability.
b86ba6f04ebc3607caae18cbb9583cca99aa5c34260a4f01415eda8a014f5b3c