Packet Storm new exploits for October, 2007.
9971b21df8c29771123e3f6f470e9828c3c78df98de4e0cab840815b9f4d9e6b
ISPworker version 1.21 suffers from a remote file disclosure vulnerability in download.php.
55ca5e225126e342d46369ee76f34e6d80e49a9e985afc661e6285b8f4b6c910
ModuleBuilder version 1.0 suffers from a remote file disclosure vulnerability.
213e35de465df5adefc4fb5fef51a2c1b9fcfcaa72b9f40095fc902fb7aa5b7e
ILIAS versions 3.8.3 and below suffer from a cross site scripting vulnerability.
5c04062e7c2d142c43d85c8c39acfd287054dc5704dbada7794672cddb300fba
phpFaber URLInn version 2.0.5 is susceptible to a remote file inclusion vulnerability.
26be7eb819f53a216e02d78a41a48c2e8e4f564bca36e875cb4e98f1ae8aaae4
miniBB version 2.1 suffers from a remote SQL injection vulnerability.
4222c954f5bf2532294f274575e15c2204346ff740800b96422ff0a084047ea0
Django version 0.96 suffers from a cross site request forgery vulnerability in the administrative panel.
76aece109583ecf3ddabcd474683db807e3c19d93d2f8bafa67029a1044e275d
ProfileCMS version 1.0 suffers from a remote shell upload vulnerability.
c296f1459616acc9f2cf7271d8b4871aa941fd5223357aa0c0128269884d2c64
MySpace Resource Script (MSRC) version 1.21 suffers from a remote file inclusion vulnerability.
3a6be3baad413c82853a1e0a61150eacf286e74290b5c99729e01567d5923433
Omnistar Live suffers from a cross site scripting vulnerability.
67292beadd7560c2dab90692f7e2f9806dcc6e9822d9df3c8059a1ba90df0c36
AGTC-Membership system version 1.1a remote add administrator exploit.
0b9b008502ba04e1769466e8168120c061c7f4b6e6b26aa36cebd8b6fcf37de5
GOM Player version 2.1.6.3499 remote overflow exploit that makes use of GomWeb3.dll version 1.0.0.12. Spawns calc.exe.
906d927f7281a8d6b9f463de5a38983fe8e053fcbf3c0fe5cc7a02137c97ef19
Kodak Image Viewer code execution exploit that takes advantage of the MS07-055 TIFF vulnerability. Spawns calc.exe.
ac113a9757fdb12baa7a63fe821b53472c829b45ebe854614e258959e2d484e4
Sony CONNECT Player M3U playlist processing stack buffer overflow local exploit.
19b107d7edc7d67b224ebaa14f6fd2ba851bdbb98711f2d2ce4880a13495b6e4
SAXON version 5.4 is susceptible to a SQL injection vulnerability.
23411f8d6a90e9b31e57ceffd7996d568c7aa8f2fdbeaa3bac734ad639ddb4e4
SAXON version 5.4 is susceptible to a cross site scripting vulnerability.
1d43a200a24c368debf8a8e4ecee5ed36919c93f61f189dd6150d359436d3501
Smart-Shop Shopping Cart is susceptible to cross site scripting vulnerabilities.
6dab28de6ebe8e2ea6aa36fc03a5207632099c3f00fc85f513eb04fb2a85d6ef
teatro version 1.6 suffers from a remote file inclusion vulnerability.
34775a535f81918b876209a41fa291526e131661c6309a39abc201f8d5e7e616
Sige version 0.1 suffers from a remote file inclusion vulnerability in sige_init.php.
30739a13aa770eebaba651ec9bd3f2d8536bfd5e701bfa86035eca2333f26b3b
FireConfig version 0.5 suffers from a remote file disclosure vulnerability in dl.php.
5ac06960677d27bac2d19a384d86dce491a168dc67614b7b03fbe1c5f6cea201
emagiC CMS.NET version 4.0 suffers from a remote SQL injection vulnerability.
8a181bfc9e06840ffc2b5f3b2dd5b7cf282541bfd6f1e7cc7def8a1a4edf5229
CaupoShop Pro version 2.x suffers from a remote file inclusion vulnerability.
9ffa13cfe6c4724fc67482f77e0c005fdd29193e08b8d7290d08d029e49af884
JobSite Professional version 2.0 suffers from remote SQL injection vulnerabilities.
f3b459b9cd363e265838f28475c8ed746aefd632da148c0a1839ac48ec4e7e72
GoSamba version 1.0.1 suffers from multiple remote file inclusion vulnerabilities.
88d9c984d7a14d597e6aa639d88d58779c91a8d765db21afd3472196f24ae5d5
WordPress version 2.3 is susceptible to a cross site scripting vulnerability in edit-post-rows.php.
dc6c62b4cc76439a4d4ba84987a55d176a951524fe31b6b5b35f5c1198b81240