MyBB version 1.6 suffers from a path disclosure vulnerability.
fb61889e93832fed75b7cd0efb437c32d5e0103f8c4933dfeab205d1b680e937DZCP version 1.5.4 suffers from a local file inclusion vulnerability.
6b96d2bb7ae63af23c43a5f8f2a0228c43841ab939560ff58c6915d3a55a4798ACC IMoveis version 4.0 suffers from a remote SQL injection vulnerability.
a5a8363e5190c06712687d4aacd8f94a10f0c2f4834c62d7fd7a214f6f579ef3Firefox Interleaving document.write and appendChild denial of service exploit.
a43b05010abfc8a21721223d7f181abcebccf2f3c2f17bf1541dcc9a4be55167DATAC RealWin SCADA version 1.06 buffer overflow exploit.
6818f87a91e009b671fe428a53fdce95774746ae0a3c4d078f33d078501fe807Novaboard version 1.1.4 suffers from a local file inclusion vulnerability.
ad3152110254e0c465425d7ab2b2b398133f8bc85097d5989f37953b09687241BloofoxCMS version 0.3.5 suffers from information disclosure vulnerabilities.
410e3d2d80986f2be076e0dc21d60c5d985769e1bb60a9e8999032bfd54e7fb3BlogBird suffers from multiple cross site scripting vulnerabilities.
69687c4161f06f9b0c5cabc45b8632182d0c7ca95f0dd7a229b4717c7999fb1cZomplog version 3.9 suffers from cross site request forgery and cross site scripting vulnerabilities.
5c5fd1b8bbc0a9423a14d73f6c6032b11eaf728c85485b9ebe3a7cfc92de5c79Energine CMS suffers from a remote SQL injection vulnerability.
9d322793eef93151511e9b868a2729d8c8d3635a89209ec5cccff447faab4997BloofoxCMS version 0.3.5 suffers from a remote SQL injection vulnerability.
4ccf8e1916bc33bcf1ed20adcdfb80f6ce671f9ff51eec7d0cb626fdad438b6bZomplog version 3.9 suffers from a cross site scripting vulnerability.
7a3e242631c616ec8042ae0de0cb7a6d2f968366ce85c99f5f7fc3613017720614H28.com LES PACKS suffers from a remote SQL injection vulnerability.
3a4e357884b1ab1a9157d573039a3810fa8b38f6810124c642ad8ea7db3ae4cdBigace version 2.7.3 suffers from a cross site request forgery vulnerability.
0aaeaa40222ddce3eecf56595dfc4f0b7ea7547f48deb7ebfeffb94374c65a28The Joomla Projects component suffers from local file inclusion and remote SQL injection vulnerabilities.
f53c54d2bc0815983b63bcb8e7f5fc2941dfe90b05adb7dbdd782551d8d4290bSmartFTP version 4.0.1142.0, Speak Aloud, The GodFather version 0.80, Vip Rumor Player version 3.7 and Wise Registry Cleaner DLL hijacking exploit.
0a8c2d9a9b6b25e76828d4528d063bf6d6e6d75f8d9314b1a6682e9bf35411b7Microsoft Windows Vista/7 suffers from a DLL hijacking vulnerability in lpksetup.exe.
0b0eb9feb6c3855164b908c8fb3a05f19029df2808703a991ee4ae4932833ec6Apache 2.2 suffers from a local denial of service issue on Windows.
a2ae731ec092009c52e197c594544de0d92bdc247403bbef73391ab3d382af0eNitroSecurity ESM version 8.4.0a suffers from a remote code execution vulnerability.
5a5dff0296b475d5d8af442fad48c87fe0e18e612bc44dab86e13d7fc361a66cThis Metasploit module exploits a flaw in the new plugin component of the Sun Java Runtime Environment before v6 Update 22. By specifying specific parameters to the new plugin, an attacker can cause a stack-based buffer overflow and execute arbitrary code. When the new plugin is invoked with a "launchjnlp" parameter, it will copy the contents of the "docbase" parameter to a stack-buffer using the "sprintf" function. A string of 396 bytes is enough to overflow the 256 byte stack buffer and overwrite some local variables as well as the saved return address. NOTE: The string being copied is first passed through the "WideCharToMultiByte". Due to this, only characters which have a valid localized multibyte representation are allowed. Invalid characters will be replaced with question marks ('?'). This vulnerability was originally discovered independently by both Stephen Fewer and Berend Jan Wever (SkyLined). Although exhaustive testing hasn't been done, all versions since version 6 Update 10 are believed to be affected by this vulnerability. This vulnerability was patched as part of the October 2010 Oracle Patch release.
dfbadc6979afc5d422243d430c6c8f9d84ede4aee2963020fcf6c4c80f0ba887This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by http://www.abysssec.com.
edbfcc271f52640c5283e776893d943627be757790c777c863e113627287a4e1This Metasploit module exploits a command injection flaw within Oracle\\'s VM Server Virtual Server Agent (ovs-agent) service. By including shell meta characters within the second parameter to the 'utl_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges. NOTE: Valid credentials are required to trigger this vulnerable. The username appears to be hardcoded as 'oracle', but the password is set by the administrator at installation time.
a344bd54fa4c477119c5044e88885c1a910d29d6cdf06faf3ada865aec5793cdMinaliC Webserver version 1.0 suffers from a denial of service vulnerability.
3ab3f9b4f8db837e41c853797142e2f7df8a77688a4ae396d0ae8f66b544545aMinaliC Webserver version 1.0 suffers from a directory traversal vulnerability.
ead72a6bb8f230f533f692b2b034a67c99dc4c2679e9d63e5f3f4ccf08d8e869HP Data Protector Media Operations version 6.11 HTTP server remote integer overflow denial of service exploit.
4d3d1965bea2dedd57e80ca25e0124e7fe28ea8e1822d292ae5429b5ad45ae92
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed