This archive contains all of the 334 exploits added to Packet Storm in April, 2011.
743f38c3c668eb2c1cfdc703d384f8c4faebedfd6246d72d48323a87341337ef
This Metasploit module exploits a stack buffer overflow in MJM QuickPlayer 1.00 beta 60a and QuickPlayer 2010 (Multi-target exploit). When opening a malicious s3m file in one of these 2 applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.
40169fda292d731fa83423db95f72a9157b704f1e0c735313549ab77c3e54b4e
This Metasploit module exploits a stack buffer overflow in MJM Core Player 2011. When opening a malicious s3m file in this application, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.
b34af7c1a1ed7cf2711905e10f913bce6d4781228c221060be316b6715a150a5
Microsoft Office Excel Axis properties record parsing buffer overflow proof of concept exploit that leverages the issue discussed in MS11-021.
e2b8a20317fcb2c65a108738183b164cb42f48896b69cc8d703724161298a74a
SOOP Portal Raven version 1.0b suffers from a remote SQL injection vulnerability.
705187530713b62e4422e4a4b7cc4b3e15ab53f6245be6f4069d6c04b129a08d
A vulnerability was discovered by Aung Khant that allows for exploitable SQL Injection attacks against a Joomla 1.6.0 install. This exploit attempts to leverage the SQL Injection to extract admin credentials, and use those credentials to execute arbitrary PHP code against the target. The vulnerability is due to a validation issue in /components/com_content/models/category.php that erroneously uses the "string" type whenever filtering the user supplied input. This issue was fixed by performing a whitelist check of the user supplied order data against the allowed order types, and also escaping the input.
28c21a2ec7d950cbd9d0976d7cd73119b9bed67f6d2b34e15cc02ba5fdbc2d93
phpGraphy version 0.9.13b suffers from cross site request forgery and cross site scripting vulnerabilities.
fbdabfd29694fefa57ed099cd4597225a08e5e9e1707ccfbdac1e7569375e383
The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.
33023e6063d14ffdaada37d384498349e1d019e88d22a6bd58eef458b22376b7
xMatters AlarmPoint APClient version 3.2.0 suffers from a heap buffer overflow vulnerability.
dfe1f17a4b315b9eb567317dec5b4f68396be1e0dc312bac7ad5cb3869ad68fa
NetOp Remote Control versions 8.0, 9.1, 9.2, and 9.5 buffer overflow exploit.
51071e988c3edf11b4a9923524b79005ace98aab816f01362592f4042d07a58c
Kusaba X versions 0.9.1 and below suffer from a cross site scripting vulnerability and a cross site request forgery vulnerability that allows for arbitrary SQL statement execution.
64e2bd26377186de93fea5e171b4925473cc45a08142ff4fd3e932681827e225
This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.
e1157c518d84a4ffe3868bae4edb8772e80255a4824a34ca07799e7a7f517728
This Metasploit module exploits a vulnerability found in Subtitle Processor 7. By supplying a long string of data as a .m3u file, Subtitle Processor first converts this input into Unicode, which expands the string size, and then attempts to copy it inline on the stack. This results in a buffer overflow with the SEH overwritten, allowing arbitrary code execution.
26d612333618be29098a0672577a27e3c6d14fed9fd3745d7b80c96b8ea7a1fe
Cook Media Web Development Group suffers from a remote SQL injection vulnerability.
5753e094098a7bd0379bc7e35773a8de8aea4d191a595d330ac7d23d48640417
Daily Maui Photo Widget WordPress plugin version 0.2 suffers from a cross site scripting vulnerability.
3ce415536de4b96ee4985b66cd8380f457622bc1f8badc312859ee148a0f2531
WP Photo Album WordPress plugin version 1.5.1 suffers from a cross site scripting vulnerability.
a8836eafacba3a9faa51ea0de462b5618a7fb80f46ff27f72fde7b2339bd4e16
PixelGems remote file disclosure exploit that leverages a local file inclusion vulnerability.
2e7facf90aaaa0bcdd0ef29248ec91a52c246136d5645ad8eaf30961b54ddecf
eyeOS versions 1.9.0.2 and below suffer from a stored cross site scripting vulnerability.
7d4a4e68d121c5860bc7375739b43d9371bb170bdaea8915ae59210fcafb7f60
Shackleton Rollin suffers from a remote file disclosure vulnerability.
8a4b30a459bf89489b49464052951aba45564c8d22f8d0c574a62823ada4d336
BackupPC version 3.1.0 suffers from a cross site scripting vulnerability.
94caa59ee7f687031cb378f80893959ed9e17654456f0bc3c46700cb4648a125
SE Software Technologies suffers from a remote SQL injection vulnerability.
55e2527e04b3dd937b6c340e1c1d15332b0a0cd8c58364aa23c1e143136b0a4c
libmodplug versions 0.8.8.2 and below .abc stack based buffer overflow proof of concept exploit.
dbfed6a7a58ca7e45c3fb022dda6012d48c3db31b77600aca3592fc6e32e19c4
xMatters AlarmPoint Java Web Server API version 3.2.1 suffers from a cross site scripting vulnerability.
4d18669ab73ab6d9de1600f56c01ff07b87a8ca67c7effa5cd907e1b5db3d0a5
CMS Made Simple versions 1.9.4.1 and below remote shell upload exploit.
92049434cb2bd8f6a583baeff7f79abf85cc49fb49fe0162f4718be889ed112e
ClanSphere version 2011.0 suffers from shell upload and local file inclusion vulnerabilities.
4d1a95b9a80050f14fb1622f4741629ba579c1e41dbf79ffe972075e3ddf73e6