Packet Storm new exploits for September, 2007.
a86908a1a48073474ca329cda87066d13ef53738fc2bf23a32e3dd5c25dbf2a8
Whitepaper discussing multiple vulnerabilities discovered against the AXIS 2100 IP camera system.
986692b6f4654c94d63979c6dd3fda4e17b01269b1945b047ee8d945a1bdd005
Netkamp Emlak Scripti is susceptible to a SQL injection vulnerability.
89b14bb41b6db98788e40f03d8fc3047cb99245f794eb3fa30c9bc6b2b7db1bf
Ohesa Emlak Portal is susceptible to a SQL injection vulnerability.
a3f8a7412f9eb1c696cf443bddce0e3b995c95732615ddf57512fd11f0343788
This script can be used to steal G-Mail's keychained password by injecting JavaScript into Safari. When executed it opens G-Mail's login page, reads the saved password and sends it to a logging server by creating a hidden iframe in G-Mail's page.
20de0e897ec70cae2d19020dbc28f0afb395ff11a21cf566e2d898f6373105e1
This script can be used to steal G-Mail's keychained password by injecting JavaScript into Safari. When executed it opens G-Mail's login page, reads the saved password and displays it in an alert box.
d1666deab432edbc9e59a484712e616f3e4b12ccc20689e06d1d5c0bc471f7ea
Tor versions below 0.1.2.16 ControlPort remote rewrite exploit.
60b86debafefb6d4092a83ca2af33ae8129a47368aa7ce9d92ec93a733810284
mxBB module mx_glance version 2.3.3 suffers from a remote file inclusion vulnerability.
2452ced34c50af4690d62b6fe58791ab3b0d2ded240e907461225e7342a0a5da
Mambo component Mambads versions 1.5 and below suffer from a remote SQL injection vulnerability.
bc2e66c74f97bc49fce32b0cc68da588ed69741137f1b8c385c35065f452beb1
MDPro version 1.0.76 remote SQL injection exploit.
64eaf5d131bd08a7e3e3c5b3b5c444e628ed3dcb7fa505197104b5c034e53233
Zomplog versions 3.8.1 and below suffer from an arbitrary file upload vulnerability.
51229d2b0d699b76e2f2d85f2160f5d3f9583f5d8bec1e486329a2849f66fd41
Public Media Manager versions 1.3 and below suffer from a remote file inclusion vulnerability.
73c24490fa872998ce87aa181b956bc916cdd6b48ba86c301e654ff1fd49ae10
PhFiTo version 1.3.0 suffers from a remote file inclusion vulnerability.
6f201de717e60b3590a98f42735faca4702aa76c08b947c8b723f015079fc7ae
IntegraMOD Nederland version 1.4.2 suffers from a remote file inclusion vulnerability.
c18d630a0995ca3cc89ee83e4abd52a27fa505389db37da92a394e90b5b7722f
Chupix CMS version 0.2.3 suffers from a remote file inclusion vulnerability.
a4e953901d2a70f58038414dd8415b25e8d4e55d7af26f54cdf81ae81e2e37a9
lustig.cms BETA version 2.5 suffers from a remote file inclusion vulnerability in forum.php.
1c5ce0430a7ee0d8823d612e455cf0d1f02aac4aad55020743d7ad457aca07e5
Local root exploit for the x86_64 Linux kernel ia32syscall emulation bug.
8d91a3219d851d8406ae0d6bc5f4d6d08474c37d42d187149534fafa463a0295
The Promise NAS NS4300N web GUI allows an administrative user to change the root password.
296acc5d1ca21ed112707b6bddc76675c50f0159dfb90a26d10bdc0466809919
SiteX CMS is susceptible to an unauthorized file upload vulnerability.
f140776b42ea2d5cfcabf66ae5f0716bd312a92afebbe27bf5a4c4df5a2838a4
Novus version 1.0 suffers from a remote SQL injection vulnerability in notas.asp.
50a76b4ed1c9608d23df481ff0f1d9d4bb3cd589902cc023a86924d43fd7d685
Softbiz Classifieds PLUS suffers from a remote SQL injection vulnerability.
07fde2e11390bc86f1310e2f8a1f79bcd88673d1b2d3028fc14280dbc240b12f
FrontAccounting version 1.13 suffers from remote file inclusion vulnerabilities.
ce85cf5a956552aad728522d06b7fbaf888fc241607d0424c5c99ac80293f921
Core Security Technologies Advisory - Remote command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software. Versions 6.1, 6.2, Pro, and Lite are affected.
a169752bda3d6b540fda18a859076936d25011576f4d4dcaa1301b5888256f66
SimpNews version 2.41.03 suffers from a local file inclusion vulnerability.
66293223fd03c19a5fcd12f3842660cc0deeb3af05a93b299417b9837443317f
SimpGB version 1.46.02 suffers from an information disclosure vulnerability.
2963f36b0a3ca99b6716c8153cf68812209159f572fe153b2c4456b7754d3411