Packet Storm new exploits for March, 2008.
613019d940cccc4c6f3c0679a25977a020d9fc860be6af46487822ef26987a6a
2X ThinClientServer versions 5.0_sp1-r3497 and below along with TFTPd.exe version 3.2.0.0 and below suffer from a directory traversal vulnerability.
9b3253a8b61ef8c70cf1336d5c6c53496e12ab3bf584561690dfbd9cbdf162f7
VbSeo suffers from a cross site scripting vulnerability.
6b6f21c6f611e76839a26986641ae360ca4bb37a26527b04d985626991e61e5c
Proviso SiteKiosk suffers from a bypass flaw that allows for file downloads.
814b4daa279162f1ce3648beaa054279e4bbd422f822554387855f50615aed62
mxBB module mx_blogs version 2.0.0-beta remote file inclusion exploit.
27657f3dac1a3a03b450e42e044d2befa24fe921d63baa2d5956852946151c2e
The Woltlab Burning Board Add-on JGS-Treffen suffers from a SQL injection vulnerability.
aaa0dce3c9d99f1879094d84fb192af4375174d8a41005901aefa552bdf73bf1
The WordPress Download plugin suffers from a SQL injection vulnerability.
5cd86be39af293e12c8a4916cea19a99cbcfe29d7446e520c78542bb4863e2ff
AuraCMS versions 2.0 through 2.2.1 security code bypass and add administrator exploit.
b9fcf1df8d0b3239604b5926fda602f5e5af14176a7f1be6961f88694a5b1d15
phpSpamManager version 0.53 beta suffers from a remote file disclosure vulnerability in body.php.
db4fe023741796ca5f9ad0b641901aa28a589f4b3438f8df779029fdb6a5f7aa
Microsoft Office XP SP3 PowerPoint file buffer overflow exploit that spawns calc.exe. Based on the vulnerability listed in MS08-016.
089531978b6a885785ca32c982f498cf2cc3d588bbb1be680e2a031d21497962
Efestech Video version 5.0 suffers from a SQL injection vulnerability.
af8f72ff039338c59c6e5de7e82373123a6a44b2af2c6f8612b2fb3413e0d5b5
JShop versions 1.x through 2.x suffer from a local file inclusion vulnerability in page.php.
732115a1f359b22fbaa43e2f29439ba1d3d78c5f6e51846898dc4c2361553e97
KISGB versions 5.1.1 and below suffer from a local file inclusion vulnerability.
90b19729df7c3c86475f40f25024b434abb977e9378d58d9328c111288e44db5
Smoothflash suffers from a SQL injection vulnerability in admin_view_image.php.
3114c8f85a5c7bfa5331cb41374fbe0567b8487757861662354621bacf7823ba
Microsoft Windows Explorer unspecified .DOC file denial of service exploit.
c826e80ec94bd60cd51b9ef33ac7ff5edea237bad5c1f27015894c9a424c3fae
Visual Basic suffers from a local stack overflow vulnerability in vbe6.dll that can lead to a denial of service condition.
8fb3771ca08590a5f9a0570aa7087507e34bc3f0ed87eb527f2c1b21a8c11633
CuteFlow version 1.5.0 suffers from SQL injection and cross site scripting vulnerabilities.
838cb440c5743b2268c3921f98956d7642b9814130d2109034274e95e0d3918e
The Joomla MyAlbum component version 1.0 suffers from a remote SQL injection vulnerability.
771c22825e7f27cb918d9625ea1fcb03472301cfe6352b8e6650a0344b42b7f4
DigiDomain version 2.2 suffers from cross site scripting vulnerabilities.
914a8520a51150ebc5c46ccdf773c71689b560961d89ea5bf2acfe26c9580c80
JAF-CMS version 4.0 RC2 suffers from remote file inclusion vulnerabilities.
f095384856abbe083f03f44a0dd2e953a2e49d6a242245466ca0aa3e0b2c7af3
GeoCarts suffers from cross site scripting and remote file inclusion vulnerabilities.
64a2127868ad766725ccc2a6ee91a7f3d27e9b21334eaba4a444a2c875616af5
Demonstration exploit code for IBM solidDB versions 6.00.1018 and below which suffer from format string, crash, NULL pointer, and server termination vulnerabilities.
038d3b3993fe0c01cfed2a62f8ce866d6eb763003f023ba470ac0ff67e251358
Invision Power Board versions 2.3.x and below allow for an arbitrary iframe insertion.
8c908879829b9103be2ddd6cb8070b795c89440b8481bc82b9cd15d3aa20e5ed
Quick TFTP Pro version 2.1 SEH overflow zero day exploit that binds a shell to port 4444.
1bac570fc98c5f940e65509f6372e870bf2fe8387dd7abd28dbe29874b43bf7a
TFTP Server for Windows version 1.4 ST zero day buffer overflow exploit. Binds a shell to port 4444.
67086b8e331febb1aa873729f1bee0fc7975c00a401b0d11aa39d04f9b68c580