This archive contains all of the 214 exploits added to Packet Storm in October, 2012.
55d391b831d27387b76fef84f98ff7370a0ac8a949ed56ae7e923c105ba708a8Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities.
e553338547e8f9516a41ca14cb1fb5ac3c1728638db05b0a8e2505e5ba2cfb72bloofoxCMS version 0.3.5 suffers from multiple cross site scripting vulnerabilities.
7f0652486b0b291eaf4ebee1cf69d8a112da0619edd1c1b47c453d40da74eb4aUMPlayer version 0.98 suffers from a dll hijacking vulnerability.
0346a1414dcfdb72c89580ced7c9e21057d21993cac2959f40ba81ffa39dc871Sites powered by 4ColorDesign suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
8451d79734a9041baa396067cef45b7d89b3387d7a743f011734c5ab2f20e5f5Sites built by VICOM STUDIO suffer from local file inclusion and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
be47a7fcb6978ccd66bcb0aa815c774e9705f375b723c1fa20793fb2813c0aafSites designed by Keshav Infotech suffer from SQL injection and cross site scripting vulnerabilities. Note that this finding houses site-specific data.
05e33709bf75e4ca9c8b145bd1ae0133f69517c6eb0d6523941dcc3bde6eea38Sites powered by DATA Estudio suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
fb6fe9d8b4db47ed8317afc07acf2199e7f10925c700f42c0852b807ac4038d3Sites designed by 2Point Solutions suffer from cross site scripting, remote SQL injection, and local file inclusion vulnerabilities. Note that this finding houses site-specific data.
b3e51a3c2727df62feacdf264759aa35468da518c44c7cc4c7ee9e0466b16224Sites created and hosted by SIGMA COMPUTERS suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
2b579827db4c76e68f3ab7495217d701009afb5c8e916aada451d84dab1ac930WordPress FoxyPress plugin version 0.4.2.5 suffers from cross site request forgery, cross site scripting, path disclosure, remote shell upload, open redirect, and remote SQL injection vulnerabilities.
de830eed195cbfc1599a0dbca00d8fe76804c6bb2f451f88dcf2319725caba6aCYBSEC Security Advisory - Endpoint Protector version 4.0.4.2 suffers from multiple persistent cross site scripting vulnerabilities.
ef0092389df049ef7eb3985f4d8f532b6da2398a44b2cb06c67d4c0a037ddab5PG Dating Pro CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
2d29ab841271349d3f70693eec7abef53734b54ed8c65588674506854c6b0f6eVaM Shop version 1.69 suffers from cross site scripting and remote SQL injection vulnerabilities.
b0b18e474c417fd1c040915d886eccf373c7e089f4abd9ab7ba5574762eb53acThe Joomla Quiz component suffers from cross site scripting and remote SQL injection vulnerabilities.
a4cf9598978b4e508c4901011742af5b2e071f4e07687b1393bd4f8be7d61956NetCat CMS version 5.0.1 suffers from cross site scripting and HTTP parameter pollution vulnerabilities.
21d9c58badf1220d20cd3097eafaba785483ba2bd3262191fdded25eb9733d84TP-LINK TL-WR841N suffers from a local file inclusion vulnerability. Firmware versions 3.13.9 Build 120201 Rel.54965n and below are affected.
30b33ca4e19b4006382480798e9d11511f9fab053f7f020f3416d3cf693d302aThis Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x8c opcode. This Metasploit module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe components runs only for localhost by default, network access must be granted through its configuration to be remotely exploitable. On the other hand it runs on a random TCP port, to make easier reconnaissance a check function is provided.
b17f8aa903e5e1fb8c11edc59aa31a5d56b46b6c73d9f2b8f5465c470c2951aaThis Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x34 opcode. This Metasploit module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe components runs only for localhost by default, network access must be granted through its configuration to be remotely exploitable. On the other hand it runs on a random TCP port, to make easier reconnaissance a check function is provided.
809a9aac4f2a408b3f9058799cf1083d77ec0a7e8360fb3dc6acb06f3554aeeeThis Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM in Windows; or as the user in Linux. Authentication is not required in order to exploit this vulnerability.
ae2e0907bda1eeb2906f4560caa8085b35712d1a7fe05eeb19dddd8fe8de7ac1Aladdin Knowledge System Ltd PrivAgent.ocx ChooseFilePath buffer overflow proof of concept exploit.
6b0e1f5b8ce0b43f6fe89b5aefc2eb998856bca69d78c4825813a7b9d9459d3dhMailServer version 5.3.3 IMAP remote crash proof of concept exploit.
454219d88cfcbbb8095c691c1741bbe47a484f55661fbda3a4c11ecd92d298bbMicrosoft Windows Help memory corruption proof of concept exploit.
82d19ca3b60a9332405e2523a1e48b00ebbabb65324fe0407d610384e7436670Microsoft Office Publisher 2010 crash proof of concept denial of service exploit.
b2596f036e91036b1d9c5e75fe931fc3789cd3a28a5f811d1c8bdfe17aa40c79Microsoft Paint version 5.1 memory corruption proof of concept exploit.
15e5373002cdf14b6c92cf97696861304cc35f3a4bceeadf2a2995e5a4c4daa2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed