This archive contains all of the 253 exploits added to Packet Storm in May, 2011.
3bfe1448e63a35e61e4f6614a659dc1481879f4fe7b179f5ea443690c00161a5
Guru JustAnswer Professional version 1.25 suffers from multiple remote SQL injection vulnerabilities.
b411599b06af14d877cb69d0191dcba323cdc4737823fe7f423d38036f3c283e
iPhone4 FTP Server 1.0 empty CWD-RETR remote crash denial of service exploit.
475b9126b494053efc37cc13c7a6fa63dedf0a3b5b6cfad131b1b11adc82d7a6
This Metasploit module can be used to gain a remote shell to a Joomla! 1.6.x install when administrator credentials are known. This is achieved by uploading a malicious component which is used to execute the selected payload.
612d16778b5cce15c16e50253fe4bc1f0dbda9b28aac75b76518ca8050eb526c
A vulnerability was discovered by Aung Khant that allows for exploitable SQL Injection attacks against a Joomla 1.6.0 install. This exploit attempts to leverage the SQL Injection to extract admin credentials, and then store those credentials within the notes_db. The vulnerability is due to a validation issue in /components/com_content/models/category.php that erroneously uses the "string" type whenever filtering the user supplied input. This issue was fixed by performing a whitelist check of the user supplied order data against the allowed order types, and also escaping the input.
647e5aeb46772c7d0cdb8e0649db65e77ffaa67a35949d881a8ff0eac18b6c6d
Kentico CMS versions 5.5R22.23 suffers from a cross site scripting vulnerability.
9f11fec3060e9fb15201282364d5cc0bf0d5d681f43c5b204bee3e6115fd40af
This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
f8db17b294efb81fd18b606bdb54bbae4c0ec34e8fe95b0d4a1492781eed0504
GloDerWorks suffers from a remote SQL injection vulnerability.
bd2dd524079f96906063e53d73019cf13f518a5826cfc773ec864ba4cbc7184a
Belkin G Wireless Router with firmware version 5.00.12 suffers from a password hash disclosure vulnerability.
1ff16d35f0826f93976163d23810916b6c842c832770207c9409be7c72c79f0d
This Metasploit module exploits multiple vulnerabilities found on IGSS 9's Data Server and Data Collector services. The initial approach is first by transferring our binary with Write packets (opcode 0x0D) via port 12401 (igssdataserver.exe), and then sending an EXE packet (opcode 0x0A) to port 12397 (dc.exe), which will cause dc.exe to run that payload with a CreateProcessA() function as a new thread.
296723ada905112b4245260cd9a74751a41e72054aba11b2d7103f9bf26ee23d
Websolutions suffers from a remote SQL injection vulnerability.
30a65cedb585c3de4627c61682d858af6792fec5474e7dc37acbfadb130be426
Brother HL-5370DW series authentication bypass printer flooding exploit.
69ba0d86e6d0b7124147193d370e4dfd4bd7cb45647214a92e3d52799e0c90b2
MSN Live Messenger version 14.0 Plus! suffers from a DLL hijacking vulnerability.
aefdb3d190c9576d9c7aff86808641f8c0b86d00650059273a13b750b4452983
Callisto 821+ ADSL modems suffer from cross site request forgery and cross site scripting vulnerabilities.
0e16cf1eb86fda073d42b60cae20ced062f3ed4454b91874e9820d5bfad4540b
Apache Archiva versions 1.3.0 through 1.3.4 suffer from multiple cross site request forgery vulnerabilities. Proof of concept findings included.
b246d86c77384bffeea71e41705debe975936da36f6664257f23a0509e892515
Apache Archiva versions 1.3.0 through 1.3.4 suffer from multiple cross site scripting vulnerabilities. Proof of concept findings are included.
1f7075aceb2d7c4e01fac7c5d2d2a82b49fcbec88ecad5a0c498e8a110ae8625
w-Agora Forum version 4.2.1 suffers from a shell upload vulnerability.
1d03bd93f900a0aeef872305e5386ad4576347bb3a38abce47a006ff17a3c125
Forticlient SSL VPN suffers from an insecure lock file creation vulnerability.
8506d14f5b9b106d76701809ddd09faece117b48ea34a90276743543733328d0
TinyMCE AjaxFileManager suffers from a shell upload vulnerability.
44777303e5da93672d9c5850f2ad115033b7443eace995d9841ceb2e993b5de7
The Joomla Joomnik component suffers from a remote SQL injection vulnerability.
26a5ba75fdccbc4771490590f55b59f490f45090d5cd4c980defbc32c76774b2
HP Data Protector Client EXEC_SETUP remote code execution proof of concept exploit.
74be50124dc9e7c705be0e3addd5aeb34b9d814fd5388d581dbc47f14bf3077b
vBulletin versions 4 through 4.1.2 are vulnerable to a preauth SQL Injection issue that may be used by an attacker to extract user credentials, and potentially gain administrative access, potentially leading to remote PHP code execution.
66a76054bed8d3379af551d8013a3dd18f852a2244d56170a687f6adc9318f37
This Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
b79669815ce9dff5b0766e6ccba3931a6b21c34e7949eaf09004b7f32698c32f
This Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
95ab789932419023a2b9612004b6abf2c74e2907a3d992a52eb027409b4fa0c2
nvisionix Roaming System Remote metasys version 0.2 suffers from a local file inclusion vulnerability.
b9be354e82d57c4f7deaa02953e80b5ac0e0d369470d7bee527364a2667c04a8