IRIS Citations management tool suffers from a remote command execution vulnerability.
e789e15c69c2329a965883f322fff813ff1f36966e788f2e72e60793bc951b08Linksys E1500 and E2500 suffer from cross site request forgery, cross site scripting, remote command injection, and directory traversal vulnerabilities.
8f4ca31ed3ff1f131edf930a3e632c1433e475e164124e9a7516f54e7b1af180Linksys WRT160N suffers from cross site scripting, cross site request forgery, and remote command injection vulnerabilities.
39b1aacd1083769cd903e8b6c46c0bcef01ce5e97ca668800168ca3378fa2176D-Link DIR-615 rev H suffers from cross site request forgery, information disclosure, and remote command injection vulnerabilities.
41b970b21adea1850727bf853c7a64b9e73638cbc268a00e301d4a225d17b956Linksys WAG200G suffers from cross site scripting and remote command injection vulnerabilities.
2b6dddc567f756cb697c510a2e5bf2220a9fb207d776b1a3492dc2707810ea56This Metasploit module will create a boot persistent reverse Meterpreter session by installing on the target host the payload as a script that will be executed at user logon or system startup depending on privilege and selected startup method.
a70c92598f1b41407de595305edcc17da7cf3dfe1de0793892f2d4271ae6f663Schneider Electric Accutech Manager heap overflow proof of concept exploit.
49fa635763252eb16e9ccbb0e26e8f22a39b5d34dff91c81384d96f3f04280caFreeFloat FTP version 1.0 raw command buffer overflow exploit.
4f7362ee6be1e79970cb01ac60656901c0993df1ed4c92ead3f4b9a9440a878bThe TP-LINK administrative panel in WR2543ND with firmware version 3.13.6 build 110923 release 53137n suffers from a cross site request forgery.
a4ebb5a456113d1552369e105ce64cd004f64b5c019766c4fd17357cc443baeaThis exploit demonstrates the remote root vulnerability discovered by Michael Messner in D-Link DIR-300 and DIR-600 devices.
838e77a770f310592d0086570fd3486761116a8c97ae1aa49719f77441d5b192Cool PDF Reader version 3.0.2.256 buffer overflow exploit.
6da7c58daf97d72e5909ad30ae708e07b6f2050611b64f2bee8d97d06baa8e86A remotely exploitable buffer overflow vulnerability was discovered in the libcurl POP3 and SMTP protocol handlers. Proper exploitation can allow for arbitrary code execution.
8301b167f691755d2779432656ccab76e908343bbdfa0eb41f5123856c8be321Air Disk Wireless version 1.9 for iPad and iPhone suffers from local file inclusion and command injection vulnerabilities.
6f2789cd45882d7450ce7572d4406c8d84c4b10091095db5ba30b7f40fd8ded1PayPal suffered from a cross site scripting vulnerability.
e19a65a1052304005af595306660d4a925618d0cfa3ed99124632ab0c6814601The Netgear N150 Wireless ADSL2+ Modem Router DGN1000 suffers from cross site scripting, OS command injection, and insecure cryptographic storage vulnerabilities. Firmware versions 1.1.00.24 and 1.1.00.45 are affected.
dcec7c5cda6f10f1bbcd85f15e43d09cfdc1cbee7d31d660686584eb925c0e5cMS13-005 proof of concept exploit to drive a medium IL cmd.exe via a low IL process and message broadcasted.
50404753c972884d4bcaef2608e159561551d0c67fc240493d896a9db7df8d75WordPress Audio Player versions prior to 2.0.4.6 suffer from a cross site scripting vulnerability in player.swf.
2d9bd848a0d278160ec2ebe2b901736dd2667a68289c93d31309b38279ed0bacEasy Live Shop System suffers from a remote SQL injection vulnerability.
14c565f2b3a0a2248f1e2058efecb954d7169abfe319c9898b9ffe7fe2436e55SiteGo suffers from cross site scripting and local file inclusion vulnerabilities.
c99e07b9068b26af1eac0acf23ab7ecb21e147155ffa12778fcd6ca5436149a1This Metasploit module exploits a vulnerability in ActFax Server 5.01 RAW server. The RAW Server can be used to transfer fax messages to the fax server without any underlying protocols. To note significant fields in the fax being transfered, like fax number and recipient, you can use ActFax data fields. @F506,@F605, and @F000 are all data fields that are vulnerable. This has been fixed in a beta version which will not be pushed to release until May 2013.
4a69b08e3f25832796905f1a619e884a1be0ddff4a7741e5aa998ad429b5daaeGoogle Chrome version 24.0.1312.57 fails to properly recognize HTTP Basic Authentication when injected in various HTML tags. As a result of this behavior Chrome will not alert the user when HTTP Basic Authentication is taking place or when credentials are rejected.
e316ddd6ab2e95da7b3c2e08ac9ea8e27e40250049abf354194730d177c70c74This Metasploit module exploits a format string vulnerability in VMWare OVF Tools 2.1 for Windows. The vulnerability occurs when printing error messages while parsing a a malformed OVF file. The module has been tested successfully with VMWare OVF Tools 2.1 on Windows XP SP3.
947c3e740f21931c7ef1cd3e576fdca5e6de25b2e58c1c570786397ac62955ddThis Metasploit module exploits a format string vulnerability in VMWare OVF Tools 2.1 for Windows. The vulnerability occurs when printing error messages while parsing a a malformed OVF file. The module has been tested successfully with VMWare OVF Tools 2.1 on Windows XP SP3.
9db02738e3d911d404dec888f15753cc6ace8f4996b9bf8064037d16d77e53a5The Microsoft Skype GiftCards application suffers from multiple cross site scripting vulnerabilities.
cf8abc721feaf16edbdec7700d540b0a83197f500581fd8cc33afc04c7238248WirelessFiles version 1.1 suffers from local file inclusion and remote file access vulnerabilities.
3850602449bad921852b410c589969cec88b5db971be283eacaa3ba68c2677a6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed