This archive contains all of the 157 exploits added to Packet Storm in February, 2013.
3ca8c782834b8aa7cad0999737ca998d5dabc9d1a592cf13353edea165d992c6
Piwigo version 2.4.5 suffers from cross site request forgery and path traversal vulnerabilities.
fa7caef3d71bf542944197ba1254ae80793c996f818ebada67016b53bda20be2
Geeklog version 1.8.2 suffers from a cross site scripting vulnerability.
65069d7d58e534e690dddae77b00805e002a5382694fcd1b33220b7f7858f6b3
D-Link DIR-645 devices suffer from a direct access authentication bypass vulnerability.
dcf3e8cc9b88697715721a2cb01e45776ca2a0185c8282b483cd16f4d102e436
The Fileutils Ruby gem suffers from possible remote command execution due to a lack of passing unsanitized user input to CutyCapt for execution. It also suffers from insecure file handling in /tmp.
9effb3c69c98b3176ca1adde2524ed4a2a4b6bee7a62e010054f819e6d60b521
Joomla! versions 3.0.2 and below suffer from a PHP object injection vulnerability in highlight.php.
b92a59cc11acf090199faddc39dc367a4ca15c89eb182aeebe087497a2bb2b43
WordPress Comment Rating plugin version 2.9.32 suffers from vote limitation bypass and remote SQL injection vulnerabilities.
f3eff5dbde08320f1b9d6c19ee7a8ff2b8c4264d0143262e0b8d26506831ed4e
Gambas creates a directory in /tmp called gambas.UID where UID is the user id of the person running the software. Gambas does not check to see if a malicious user has already created that directory.
265512fa79bfac648de386e18f99ee937d26851f9df7995309f00539ecbf6106
Brewthology version 0.1 remote SQL injection exploit that dumps the user table and leverages beerxml.php.
2a468fd42e9ff8f4ed89e105b058173e97ccfb7bcac8a4635e83bb2d0588d739
Local root exploit for Archlinux that allows an unprivileged user to take over control in kernel mode due to an out-of-bounds access of the sock_diag_handlers[] array. Works reliably against x86-64 3.3-3.7.
25f2aab0c8030a52582b1a4727080cb36afc4818b3e2b57e373fe61a918c940d
This Metasploit module exploits a file upload vulnerability in Glossword versions 1.8.8 through 1.8.12 when run as a standalone application. This application has an upload feature that allows an authenticated user with administrator roles to upload arbitrary files to the 'gw_temp/a/' directory.
6a00fc56bffca149e62d8602fbecdb81bf01e94e53c11f7eba4da3baed5c74a4
This Metasploit module exploits a vulnerability in Kordil EDMS version 2.2.60rc3. This application has an upload feature that allows an unauthenticated user to upload arbitrary files to the '/kordil_edms/userpictures/' directory.
c33960b0a5838ddb0853afe03218b7db5ca3b95debdf3a837b3c39d718e797fc
This Metasploit module exploits a file upload vulnerability found in PolarPear CMS. By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
d370b8ce0ea599ae7baa968d4166c255fd933b5c56eb77c490c0d1b8f597ef28
MTP Poll version 1.0 suffers from multiple stored cross site scripting vulnerabilities.
fd4383d0770c3c6af8f72b9815aae12605343398154a01d43ae44636bef6dc5d
MTP Guestbook version 1.0 suffers from multiple stored cross site scripting vulnerabilities.
529efdafea4eb48f880aaa208c6bdf7dfbfaa5fd4e980cf47f3d7c5e2a66616e
MTP Image Gallery version 1.0 suffers from a stored cross site scripting vulnerability.
61c1d4858ce3e719e8413ba6347af8e914ac284cf57610d197eed9aef84f1294
This Metasploit module abuses the JMX classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in February of 2013. Additionally, this module bypasses default security settings introduced in Java 7 Update 10 to run unsigned applet without displaying any warning to the user.
0abc5276937c182f0640b79c2c4ed49a2a0bde2a1aa762e63cc17c0ddad5fe4f
phpMyRecipes version 1.2.2 suffers from multiple persistent cross site scripting vulnerabilities.
9ee74a35b8f01ce1962bdb0304e813e3d1601e6030bd495015c297cb735c1093
WiFilet version 1.2 suffers from cross site request forgery, local file inclusion, and remote shell upload vulnerabilities.
9e42d3706a2f92089013ffd59637c2acb3ac7fa9a20c41a3158d9e48b2f1c6c3
Porch Light Media suffers from a remote SQL injection vulnerability.
c3ef4a42129971062e2fc48aaa53cf71cf7b0e9ee59beaf43b5e106fa48ca120
This Metasploit module exploits a use-after-free vulnerability in Microsoft Internet Explorer where a CParaElement node is released but a reference is still kept in CDoc. This memory is reused when a CDoc relayout is performed.
c34a481f2b8be1ac2f3b8a01e8ab562889bd7cdb4f5c7a2ba7fee1e09d0c1f5b
Rix4Web Portal suffers from a remote SQL injection vulnerability.
21a5c60f31cc971ba72b095390c902fc6403d9885ffdc35709a60522a7c84a89
Photodex ProShow Producer version 5.0.3297 suffers from an insecure library loading vulnerability. Proof of concept code included.
37042fd4c529e3d7db8443fd5e77c902abe947c3615533a5f6e2701744019f79
IPMap version 2.5 suffers from remote shell upload vulnerabilities.
4ea9f2c5a1e983bec5d9a1f80b38b56539c742b02f0aebdb0efe644b9791b52f
Kayako Fusion version 4.51.1891 suffers from multiple cross site scripting vulnerabilities.
e5a1b421f1331b506120588b7077a7a1b08b387f3bfb66b50b518984683e378b