This archive contains all of the 310 exploits added to Packet Storm in April, 2012.
0778b4690ac03dc41af7421cff62de5b9c7dc634628983345be2df57bb00b38e
McAfee Virtual Technician version 6.3.0.1911 suffers from a MVT.MVTControl.6300 GetObject() active-x control security bypass remote code execution vulnerability.
5a476c9c527f6a272b92f731c3096dfabcad22d8aab8943fa6a023e57ce5a5bd
WebCalendar versions 1.2.4 and below suffer from a remote code execution vulnerability.
505518c769aa0a8f543863fa3ee2b3bea199044e7d9263695e1c25fffbeb5719
vBulletin version 4.1.10 suffers from a local file inclusion vulnerability in functions_cron.php.
628185c7c48cdc051330593d7c3c685ea1fbb03ae78f4671d8f1c0d577ad2677
Pritlog CMS version 0.821 suffers from a cross site scripting vulnerability.
245888a240151ce0d1e93a3c82f4cb9b13ac65c695f627a201a8dffe6f04c945
PHP Volunteer Management version 1.0.2 suffers from a remote SQL injection vulnerability in get_messages.php.
9a74e361eb691b26b30af3d6a4929353b0efdc655299a686c93aeb2aae246967
N.E.T E-Commerce Group suffers from a cross site scripting vulnerability.
8677b08e72ca47640d9e89a8c7da39a1cbe33369a575d70cb6e76beda74603d8
The WordPress WPsc-MijnPress plugin suffers from multiple cross site scripting vulnerabilities.
c828e72507c89ff59beebcca230f1581bccd1988ca7e1fe0546a71cb4fced2cb
This Metasploit modules exploits a vulnerability found in WebCalendar versions 1.2.4 and below. If not removed, the settings.php script meant for installation can be updated by an attacker with injected code. This allows arbitrary code execution as www-data.
29b4c547a774b448684e25b5a3790447dba6bd3752a031b9b5ce3b8d549c07cb
Remote Anything Player version 5.60.15 suffers from a denial of service vulnerability.
bed7c036a7c82edb36944ea8ec914bc2ee2e4524de039500e9c4d2ab54455325
Booklight suffers from a remote SQL injection vulnerability.
bbe921d900d3b3d205aab38fe306d0b1d296ce3a918bdf180fcea22c22d6ab60
Opial CMS version 2.0 suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.
b715a5d501c76b72681966b20da82857d1bfe2b30fa888e030a30457fc23c59a
Croogo CMS version 1.3.4 suffers from a cross site scripting vulnerability.
d52edbae3dcbd904127baa83996273ebf95e0a131a2429e7ffdc398dc3e73ca1
Soco CMS suffers from a local file inclusion vulnerability.
b262c4bad8a0db244172d85bc17ec280f51cd55643f5503b5357848448ff6548
The Chinese Pujiang government suffers from a remote blind SQL injection vulnerability.
7328c5b2dad92a77a5427450b574a00da3c7225dc0e5259414b1b575dec3bd6d
Varzesh3.com suffers from a cross site scripting vulnerability.
df5d8a0d6bef7441b14a9a4211f200846a0aefb650d668cd3db8a04164fb8921
CMS GratingPeru S.A.C suffers from cross site scripting and remote SQL injection vulnerabilities.
cd880ae80f357995e86aa35da84af90210c858d7b132f4c0e19a1425b0225847
MySQLDumper version 1.24.4 suffers from code execution, cross site request forgery, cross site scripting, local file inclusion, and directory traversal vulnerabilities.
e6b0a6d0eb5642150f170e010552ff83ed91020020af670d6d374c55c6a6add5
IPA-IAC.org suffers from a cross site scripting vulnerability.
77a9e2f310258d1940bc0fe562fc77d876b8fef7e84ca4cef9c39a6d6b387064
eRealty Shop suffers from a remote SQL injection vulnerability.
2c251560027262d87f3e58becdb1eb1ef90c4a4ac1aea433394fd3f03b13a30d
Maxxweb CMS suffers from a cross site scripting vulnerability.
38c469861a4a9cf8469dd60047951e878965800747f1740ea27f2c4ac072974c
Uiga Personal Portal suffers from a remote SQL injection vulnerability in index2.php.
b9152582b0c4f0b77c7e1db220fcefc393f21d4e2076d4a38a60087190e6ac5d
Uiga FanClub suffers from a remote SQL injection vulnerability in index2.php.
b891f30b05c9592cda7573ce5109fbc6144061bfe8d26859be66aca92711d27f
theEZsite CMS suffers from a remote SQL injection vulnerability.
9d4acd5f831e225a13cf452da26b915dc83f601ab922fbf3a0630f1c39bc075b
Source CMS suffers from a remote SQL injection vulnerability.
79b3712cd4d46a746e6e373928813d3bb4c12657dbdfd1e1fecc9438702f9c46