This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
7f7fa7d76079ea7a99a629f8223bcb4b881b275d2d9b9c051e830361276e7852This Metasploit module exploits a vulnerability found in appRain's Content Management Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php file, a malicious user can upload a file to the uploads/ directory without any authentication, which results in arbitrary code execution.
ecfbba7aea3ed45a511e747ceee47ff495011c2a8d081ea91351b0810e76feccPHPCollab version 2.5 fails to properly block access to data on the system.
ad1e859a0053e07ee00038c1f82d65922620560b4eba951b6f1db6e5b2ee29a5YDFramework version 2.0-Beta1 suffers from a local file disclosure vulnerability.
30af9929c9f3964f827f0a5fca1c7df7ea29edae703cfdfcf3fc2c41f7adfd54mod_auth_openid versions prior to 0.7 insecurely store session ids in /tmp/mod_auth_openid.db unencrypted.
38e86ab74026a3ed1cc80b4676aa4ecb3b7863107daed098dea57ce009b8de2cSymantec End Point Protection version 11.x and Symantec Network Access Control version 11.x local code execution proof of concept exploit.
d2c6c09960003fa18cb090bcea7cbd0573d048ef3bac16353e5db8e15ab33911PHPCollab version 2.5 suffers from an unauthenticated file upload vulnerability.
b659409d571a68a9b67a3701abfc25188156d0e9e9e283e902fe7b44fa58cec0Ajaxmint Gallery version 1.0 suffers from a local file inclusion vulnerability.
ae24ac569a977d10cd3b7a2b2a8e5ff5f4039f1fb0729324c394d08749a38467RuubikCMS version 1.1.0 Beta suffers from cross site scripting, information disclosure, and directory traversal vulnerabilities.
deb663d308e32b6666af67c1933589bdef38a45778db4b991eadf3895df60329Novell Client version 4.91 SP3/4 privilege escalation exploit for Win2K3 and WinXP.
4ec2f8f29147c1ce17f8421e5cc26463ec7e91ac339c0dc03fbab345bff2b6fdThis proof of concept code demonstrates a Microsoft Windows XP keyboard layouts pool corruption vulnerability, post MS12-034. The vulnerability exists in the function win32k!ReadLayoutFile() that parses keyboard layout file data.
54effee805a222747d3e4ec5807005657d3668ba3d5cbbdb7f184fa0ed2f64c3Supernews versions 2.6.1 and below remote SQL injection exploit.
414be42901dc68b497a5a2788ff5fb2d0b26e9d4463a3cf9651c275fa24f8c16PHPCollab version 2.5 suffers from an unauthenticated database backup download vulnerability.
9a46856d1ef2f65839de2f080ba3af5ea42fd6478ae04438b9ce383fffe5a549Tftpd32 DHCP server version 4.00 suffers from a denial of service vulnerability.
1a342e796ff5f970ca9b1981321d23fdbb89c169be041e74c062f6901144040aPHP CGI argument injection remote exploit version 0.3. Works on versions up to 5.3.12 and 5.4.2.
c1ea06d9cffa10420a9d1187939611b8d7ae8fbca94540c697ed77e8bcca021eYandex.Server version 2010 9.0 Enterprise suffers from a cross site scripting vulnerability.
7be25af2c11de6d35265a9dbf7c47a1f05b8735eb5b46f23a2623887426bfcfdThis Metasploit module exploits a vulnerability in the FlexNet License Server Manager. The vulnerability is due to the insecure usage of memcpy in the lmgrd service when handling network packets, which results in a stack buffer overflow. In order to improve reliability, this module will make lots of connections to lmgrd during each attempt to maximize its success.
2d6d029945aaecc2ac0003cb91c1250f912d627ce695077b2bfbd1919c57f669This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from an "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.
009165bbb7f39c130705ca1779b5bf21f2c3fd6f324d13329ecce60c590e0dccThis Metasploit module exploits a vulnerability found in HP's StorageWorks P4000 VSA on versions prior to 9.5. By using a default account credential, it is possible to inject arbitrary commands as part of a ping request via port 13838.
1f354fd80321e3a8c75c32db994ccf7fbd51de54814d94d9641e5bfccae9d6f6This Metasploit module exploits an arbitrary code injection vulnerability in the chat module that is part of Active Collab by abusing a preg_replace() using the /e modifier and its replacement string using double quotes. The vulnerable function can be found in activecollab/application/modules/chat/functions/html_to_text.php.
dc407149c6ca0f8de287ff88144c5d975efe9da8376d1ec83d0a3d2bd4d18f90Plogger Photo Gallery suffers from a URL encoded SQL injection vulnerability.
1d809b3e47f9bc73a1cdb2626975f37ede3807ab5c5a5139362dded3b11e4574PHP versions 5.4.3 and below com_event_sink denial of service exploit.
f9e58d76235326111668e7a07024e4373c09a94c235cdd96324ef0f57eeebd16phAlbum PHP Gallery Script suffers from a cross site scripting vulnerability.
723c6ef6661ac7169ced0e8dd7d0c1a433062a8a9b5a6efd4ad00d031c7e04c4Acuity CMS version 2.6.x suffers from a shell upload vulnerability.
eb52dc2e6402bd8221b5dcbb9f2dd676100c2ec5e3e8bb777c4b9c31939659e0PHP versions 5.4.3 and below wddx_serialize_* / stream_bucket_* variant object null pointer dereference exploit.
186f4ea7623d98c66ebb266a599e771143dbdb3ba4aac5d564ff29b77b55d1d6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed