This archive contains all of the 172 exploits added to Packet Storm in January, 2013.
74fea4a019701a031dbee29df1744b162ea82c0d2f2a57756440daa357692b8a
Netgear SPH200D suffers from cross site scripting, path disclosure, and directory traversal vulnerabilities.
feb81bf5c98699eaaac241a0def910ecd684f41727637e5be8c37af1a136cd6a
This proof of concept exploit determines the password length of a local user who runs "su -".
022c6530fd20470c1bf0ebb6d2d713b94830d8056ee73fad6c52655e8f455190
The WordPress RLSWordPressSearch plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
b26265f8773c88bd11c805605ff88de7f20c168b9649111452af6b633c767de8
A critical security vulnerability that allows a remote unauthenticated attacker to execute arbitrary code with root privileges has been discovered in Broadcom's UPnP software.
a9af7d158bb390ad756245dc9d569c020c94e28b5576407cf6cf4b7fe4378cd8
Buffalo TeraStation TS-Series with firmware versions 1.5.7 and below suffer from file disclosure and command injection vulnerabilities.
a1a174bf53968f44a8d76eb7f7bf2481d5306ead2f09c68a726696b25e20edf1
D-Link DCS Cameras suffer from authentication bypass and remote command execution vulnerabilities due to a remote information disclosure of the configuration.
c1329b50cb25791144375301f318deb9c2bb5c9ab4b24f003828a94666df0172
DataLife Engine version 9.7 suffers from a PHP code injection vulnerability in preview.php.
f9fca371c6cc4a2c4cbce0576e95fe335c2ff36d4ec6b96f3b9230f8bf8b8d3a
PFsense UTM Platform version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
45926ded3475024d0aef4360545bac2b39e3270b21031d2fb34960a446010ee1
Apple QuickTime Player Windows version 7.7.3 suffers from an out of bounds read vulnerability.
3d60aec0fbab876dd922d47e86103c69e20f4e9c1f873e349d83a0f172ffc979
This Metasploit module exploits a remote code execution vulnerability in the JSON request processor of the Ruby on Rails application framework. This vulnerability allows an attacker to instantiate a remote object, which in turn can be used to execute any Ruby code remotely in the context of the application. This vulnerability is very similar to CVE-2013-0156. This Metasploit module has been tested successfully on RoR 3.0.9, 3.0.19, and 2.3.15. The technique used by this module requires the target to be running a fairly recent version of Ruby 1.9 (since 2011 or so). Applications using Ruby 1.8 may still be exploitable using the init_with() method, but this has not been demonstrated.
769b2cec718b2f5c0376d0da94e63d98f26719caaa5c210d5a2be3bf33552211
Hunt CCTV and generic brands suffer from a file disclosure vulnerability that discloses authentication information.
14b74ae440b4a6e07d0a98ee13f99a611c71523e6ac3e975712c53334e4ca50b
Kohana Framework version 2.3.3 suffers from a directory traversal vulnerability.
ea06955b013046f6fb45f73dc70e9f96d73e7d9d2dc5ae38af913fe70c4fa2f7
Exception-handling and input filter bypass vulnerabilities have been detected in Fortinet's FortiMail IBE Appliance Application versions 200D, 400C, VM2K, 2000B, and 5002B.
a7f37e90cd1bb9bf20490bf181d3c23bf5514eb7d341e42a733e7a2989dc440c
nCircle PureCloud Vulnerability Scanner suffered from bypass and cross site scripting vulnerabilities.
d0981aa4c5de3af0ee27372b710e88674902e0a7e5c20ed0ad8cebb12d5f460a
PayPal suffered from a persistent script insertion vulnerability.
94a509e5cbb5161d8060abd3385a8bdff995a376f1b0272a7ceeefe20b90587d
Photodex ProShow Producer version 5.0.3297 suffers from a stack-based buffer overflow vulnerability.
8950afe8c76bac1b5fc520a0e7b3f1321468130de042fa250c83d0f3ac59b4f8
This archive has a whitepaper that discusses research and methods used to circumvent Microsoft Windows 7 and 8 memory protections in order to execute arbitrary assembly code. Proofs of concept are also provided.
c8e610b00b7c56c4bacab2f28c7776039d77d68be2dd25ef959f8e2a888d5f82
WordPress SolveMedia version 1.1.0 suffers from a cross site request forgery vulnerability.
d6d5e137bc5f0fd2a00a14895fd74b59860d9438f3c86d91c1becb0e2045422e
SQLiteManager versions 1.2.4 and below suffer from a remote PHP code injection vulnerability.
61d7e00826c1ad6e61312d9904f3e661a3f1f6e54ab615e5b0e96b810b66f878
iCart Pro version 4.0.1 appears to suffer from a remote SQL injection vulnerability.
3b48b3579020811b9ff44226fda4004419b2ed8fa19f76a27cc1df8a74f23ac0
PHP Weby Directory Software version 1.2 suffers from cross site request forgery and remote blind SQL injection vulnerabilities.
572d1b20768e8331c2b66eac4d6d1dc5cfdf85fc241f40af5ca5afd11e3ac57f
KMPlayer versions 3.5.0.77 and below suffer from a denial of service vulnerability.
21636c8ad96d39b661590a210d00122e1737eabf00f768fb403dac06928de73b
This exploit abuses a buffer overflow vulnerability in Novell eDirectory. The vulnerability exists in the ndsd daemon, specifically in the NCP service, while parsing a specially crafted Keyed Object Login request. It allows remote code execution with root privileges.
41c7d577cabf17bf6074aed42966e6f700d82cb01279178ff1582300f49a6054
This Metasploit module can be used to execute a payload on Movable Type (MT) installations that expose the CGI script mt-upgrade.cgi (usually at /mt/mt-upgrade.cgi), which is used during installation and updating of the platform. This allows for code injection.
9f1569dcdb5b14c9f7ccc437f947a2040582d389fc39d6d3e38a34b0a7f83d25