YingZhi Python version 1.9 application for iOS allows for arbitrary file uploads to the root WWW directory and also has a ftp server directory traversal vulnerability that forces no authentication.
dd481a7d02e448e69e88b80af5a9bce38fe30a0e912040a9b5f2d81914099c34ViArt Shop Evaluation version 4.1 suffers from a remote file inclusion vulnerability.
02717033383934fa8dc9251d060608c48e547159abdaef24db57a37c89e26680MaxForum version 2.0.0 suffers from a local file inclusion vulnerability.
6b6af0124afc2d1945d6ac862846413bbf00fb12e531f0e3f7b907907568a37cQNX version 6.5.0 with QCONN version 1.4.207944 suffers from a remote command execution vulnerability.
17c7824aed1a4d5db99bd7573e8240e3cdeda8a4830da36d33966a37bcf64e26The Archin WordPress theme suffers from cross site scripting and various handling vulnerabilities.
79feda0b7bd00e685a77a7bcc11ae8076e0fd00fde04b69a0ff51a66722cf77eThis Metasploit module exploits a vulnerability within the XGO.ocx ActiveX Control installed with the HP Application Lifecycle Manager Client. The vulnerability exists in the SetShapeNodeType method, which allows the user to specify memory that will be used as an object, through the node parameter. It allows to control the dereference and use of a function pointer. This Metasploit module has been successfully tested with HP Application Lifecycle Manager 11.50 and requires JRE 6 in order to bypass DEP and ASLR.
ec3a92a54d30ec8115475aa2f9d8a0f18702ad62a555db9aaf6b1450a030cadaThis Metasploit module exploits a vulnerability found in Auxilium RateMyPet's. The site banner uploading feature can be abused to upload an arbitrary file to the web server, which is accessible in the 'banner' directory, thus allowing remote code execution.
a7035c9bcda8b50beee473cbedd67c5154d287ee3c5a962c820f3de3648682e5Sites powered by Stoneast suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
fcb9049bb0be6dc14b6d0be1d5698d8cd3d24bbc7d027d589fba10bef8c93e78Wordpress Plugin Token Manager suffers from a cross site scripting vulnerability.
d8b5aa91136d87d8690e965cca7c9c14444d8e47d614e655c71097afeb5cbc46Guacamole 0.6.0 contains a trivial buffer overflow vulnerability that allows connected users to execute code with the privileges of the guacd daemon. In the Debian distribution the guacd 0.6.0-1 daemon runs as root and allows connections from unauthenticated users. However, it fortunately only listens on localhost by default. Proof of concept code included.
21c45827b31f9112a4a0c027ff900505880422add95028ba0827c3398244682fAtlassian Confluence version 3.0 suffers from multiple cross site request forgery vulnerabilities. The vendor has decided not to fix these issues.
6e88245447b2add784ebc4bf3776bc8c35934754261c84c7568e33f4427e4076This is a Samba 3.x 0-day remote root exploit that was disclosed via pastebin/full disclosure.
3255de01ba1a431fa82887d7507fcc0079bd47d18e3c54f9494184842d7564dcIFOBS suffers from cross site scripting and cross site request forgery vulnerabilities.
63668d72bd95647224efbfb7997f0b4e6709fb1a368273a9d0dcb1e4586bb573Drupal version 7.15 suffers from multiple path disclosure vulnerabilities.
da97f6c6b621a645409067c51ab630e17eccce383e667955d67f4fe8018bec3eSites designed by TapIn Solutions LLC, LetUsPlay, and SmartCreations suffer from a remote SQL injection vulnerability. Sites designed by infobigs suffer from a local file inclusion vulnerability. Sites designed by Morgane and mc-creation suffer from a cross site scripting vulnerability. Note that these findings house site-specific data.
dfccfe9cfd65286116ea0a47f237c1a759784b335a20ddcad7253c19be95263fThis Metasploit module exploits a vulnerability in ZEN Load Balancer version 2.0 and 3.0-rc1 which could be abused to allow authenticated users to execute arbitrary code under the context of the 'root' user. The 'content2-2.cgi' file uses user controlled data from the 'filelog' parameter within backticks.
00bb887bb0df418300d4b44bcb42abfdd700d3c405ec1e719a786661df083664This Metasploit module exploits a vulnerability found in NTR ActiveX 1.1.8. The vulnerability exists in the Check() method, due to the insecure usage of strcat to build a URL using the bstrParams parameter contents, which leads to code execution under the context of the user visiting a malicious web page. In order to bypass DEP and ASLR on Windows Vista and Windows 7 JRE 6 is needed.
71b360ec4aa13486de7017b18411dfb19378317ae8e8699d3895d166df0771b8This Metasploit module exploits a vulnerability found in the NTR ActiveX 1.1.8. The vulnerability exists in the StopModule() method, where the lModule parameter is used to dereference memory to get a function pointer, which leads to code execution under the context of the user visiting a malicious web page.
6acce73c09ae26c0cdd0799d7b6afb5dff55a6136f9b0ac4216f6537527d0c5cWordPress Sexy Add Template third party plugin suffers from a cross site request forgery vulnerability that can allow for a remote shell upload.
1affa7a2359402e238e1b45c9641771b83a76a3cc8221b1f223342302e09ee91WordPress Add Multiple Users third party plugin suffers from a cross site request forgery vulnerability.
cd81726386482650be2191a3326e6387bcd6563259e0760023dc4715b91133e1YCommerce Pro / Reseller suffers from a remote SQL injection vulnerability.
674c1ec52b72be8da7c68b254c57f1fa20b169ec82242c6089ef21eab6bd8f64WordPress version 3.4.2 appears to suffer from a cross site request forgery vulnerability.
8af686881751d2aa70f5450175099f61552a275371353ead762482baa2fc2edcWordPress Sociable third party plugin suffers from a cross site scripting vulnerability.
ca8088abc345a19c3f1604398bb7efd02e47001f0f14442f8a4d0ddfee1de7c9WordPress Notices third party plugin suffers from cross site request forgery and cross site scripting vulnerabilities.
c7f6f312ad102dfd03172cf002d68b08ff7abfb419195a0645aaf0408d7cf12eGazine2 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
7fa4e5d5e20307e2c56a0df96c4f1476a397f5b02ed278d9f472b80ebc330323
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed