Packet Storm new exploits for July, 2008.
b8382208a8e8c2f815d7809d51d768d57d00662a78ee96c9ad68d62736f70e31
PHPX version 3.5.16 suffers from a cookie poisoning and login bypass vulnerability.
4446468690e6eb807b546f26f3063774d760766617d43f7ecb0e41eb42716c04
Symphony versions 1.7.01 and below remote code execution exploit.
d649c388da96d81d4817c032899cd853dc166aa7249c5ebb7b97ae3a66a8e1e2
Coppermine Photo Gallery versions 1.4.18 and below local file inclusion and remote code execution exploit.
94ea3ada86d4e6c5538a431a7bb6f62b290b4dbf11a66e78b863951d9948b259
LetterIt 2 suffers from a local file inclusion vulnerability.
2b2e71cf3e62fcc6162b93cc404d26d9c0228c579a3a96c8a57021fef2970aa9
The PozScripts Classified Ads Script suffers from a remote SQL injection vulnerability in product_desc.php.
bd93374f038ba112535b6063c0f0d33c0ec3bff7f239eaeafcbaa9e3d1e9dd77
csphonebook version 1.02 suffers from a cross site scripting vulnerability.
b04e76d9d27133c1a3de0fb915b816dc2a59f0ceea482a2419699ba3fafdc407
F-PROT Antivirus version 6.2.1.4252 suffers from an infinite loop denial of service vulnerability when handling a malformed archive. Such an archive is included.
05444e36b0fa5ae6dd080db432181f4f2d2b852627e58ee2d8608e643427eb83
NCTsoft ActiveX related remote buffer overflow exploit that takes advantage of AudFile.dll.
bb9a1ff149ec9e929d498bb8de12e5f3e483ad7031c6af5b035d02e6e2b1289e
The PozScripts Classified Ads Script suffers from a remote SQL injection vulnerability in browsecats.php.
c68b15a9ba8d06cb600c85390436c078939d86bab2e5caaf2d1b3957707dcb3c
TubeGuru Video Sharing Script suffers from a remote SQL injection vulnerability in ugroups.php.
8d3d42af277d77d5a8837303f3d031e964598d41d26e3c04886eb161bdb82947
eNdonesia version 8.4 remote SQL injection exploit that takes advantage of the calendar module.
9f18dc1d67797a8813b504d91095f02f82d5e04679146c28cab7ec511cd279af
Pligg versions 9.9 and below remote code execution exploit.
f54bc3d2e6b24cdd199526b6b2bb07e1f4d0079490841a24050fd5ab651e3399
Pligg versions 9.9 and below suffer from cross site scripting, arbitrary file access, and SQL injection vulnerabilities.
8951af9cbb0e1cb8b302cc5d8b9a2d0f3d0893fb2ebe73942ce1562bdf645737
Affinium Campaign version 7.2.1.0.55 suffers from a denial of service vulnerability in its Listener.
409f174deb2734fb33455f715be458ca7771b4452e3a584a4fd9708637195cb7
Affinium Campaign version 7.2.1.0.55 suffers from a directory traversal vulnerability in its Listener.
361a5fe7947bd8d0cd258ec7c536f58cde024e1a42d39189fab582b98aaed12d
Affinium Campaign version 7.2.1.0.55 suffers from a directory traversal vulnerability.
5aa4e14f00895220101919783b0a5c8fe0eb4337483e36ca303cd968223bc8bc
Affinium Campaign version 7.2.1.0.55 suffers from a javascript insertion vulnerability.
921ca5ae7e6ec08e4305b4dee7180b165fad9feed97d8ed15c114b81e10f83fd
Affinium Campaign version 7.2.1.0.55 suffers from multiple cross site scripting vulnerabilities.
05611b417843f52ea40678830e68b64d55d8267452c95284bad6f9bea704a4df
ScrewTurn Wiki versions 2.0.29 and 2.0.30 suffer from a cross site scripting vulnerability.
a8b22b2a31b599e7f3474d1550177b524c414b4751b3c994b3c15034bb922359
Atmail PHP version 5.41 suffers from a file download vulnerability that allows a remote attacker to gain access to database passwords and more.
ec3f58e7752fa8bcc7bdf8d9621bc8f693e90c42861ea841fa7d9cdf8c9bf714
Article Friendly Pro and Article Friendly Standard suffer from a SQL injection vulnerability in categorydetail.php.
f28480aef81574fe30a8d8f8bc0c80266e1bdb63b14fd2cde0dd3a3ae3da64bb
ZeeReviews suffers from a remote SQL injection vulnerability in comments.php.
da25093f76dc510d0fd267eb4200aeed02eabb934a5b0cb6a244ea536951c7f5
AtMail leaves world readable files available post install, allowing for the htpasswd file and more to be extracted.
4cdb25f15cb84fcb65b8a8362e83c80708f7391a4778ac56436fdc5a11d8a1b0
DEV WMS suffers from local file inclusion, cross site scripting, and SQL injection vulnerabilities.
f6ba9c1c425f3e55c4ad300276606ea2823c0fc578fbc215475ae576a1069697