Complete comprehensive archive of all 1,926 exploits added to Packet Storm in 2013.
46861406c453071d085d144e6c1bfd6c680e804b02e4da7f3f60921d8c973653
This archive contains all of the 168 exploits added to Packet Storm in December, 2013.
d4b9459dd028290897fa390b58a99fcf657ef3793cf5219a9528b697985dbd84
CMS Afroditi version 1.0 suffers from a remote blind SQL injection vulnerability.
24268d032758b3a26e8d832ca265c267accb897a59979da9cb5ffc116dcf3625
ACal version 2.2.6 suffers from authentication bypass, cross site scripting, and local file inclusion vulnerabilities.
511a1d027ab58b124b1f26063b3c337a2208eff63967679b47f5076351eb9b0c
Ophcrack version 3.6 local stack based buffer overflow exploit. Works on Windows 8 64-bit.
0be61e9632ecb1d28ddf2fffce00da4b5cfe5daf17694f3476753649c809805d
This program maps memory pages to the low range above 64k to avoid conflicts with /proc/sys/vm/mmap_min_addr and then triggers the virtual-86 mode. Due to unhandled FPU errors, task switch will fail afterwards, kernel will attempt to kill other tasks when switching.
ad658d72431edc17d84f7ede3e6041ec2ef755c6e9a6f0e063d9951b0dd8656f
NoticeBoardPro version 1.x suffers from a remote SQL injection vulnerability.
e0f9bb7c8e1aeac55b2e064f82d87116e084600e77beaa14dc364db6bee942a9
This Metasploit module exploits a vulnerability found in PhotoStore version 4.0.7. By abusing the uploadify.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
3bdbec107d32194db2d22bea603f8df3b12edc8ee908c6cb6fb759053cc04b0b
As prior disclosure to Snapchat has not resulted in fixes, the researchers at Gibson Security have released exploits and documentation on the previously undocumented API.
fac0b4639306a9c24f63349abdcdd3a9a44619200b2d4d71132244cce7879d9b
IBM Web Content Manager versions 6.x, 7.x, and 8.x suffer from blind XPath injection attacks. This allows an attacker to get current application configuration, enumerate nodes, and extract other valuable information from vulnerable installations of Web Content Manager.
69ed54de30dd34415932f287057413898bcb590a08bf4420d7b20ebaa5b7b2aa
This Metasploit module exploits a SQL injection vulnerability in the "explorer" action of "miq_policy" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier) by changing the password of the target account to the specified password.
b55583d572b94d5be808ddfcb5ca09620c6e831caa6772d47ef4ca397a0d8dfc
The PhishingAlert of Safari stops functioning in Windows systems if an abnormal URL is being used.
79d05414fca80bf21d6c2eb1c842e21bb4fd3ab573ff1e90f90b60fa32541ebb
Amazon Web Services Elastic Beanstalk suffers from a code execution vulnerability.
9627d5239332fca927a6137f308067102214ba471ccb72e6c5da1b446bc2f5dc
PHPSurveyor suffers from a remote shell upload vulnerability.
1ae2be6659eceab6f2fe08517e7d5ee0c444690d71d791f904fc264c5ccdc978
Ofilter Player version 1.1 integer division by zero exploit that creates a malicious .wav file.
82448eb9a0eb3e37a6df8d7c7ac93b3401c0c63f6d2f2ebbad44bb6503c592cc
This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.
8a8a413478986610cfe01a2463f28c4cb1a4e732df507042bac07cef2741232e
WordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.
00c782cd1bf296e3d433962ceb1d7976f641f78821242d9e2dcb9de59a95273c
AskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.
83e2b745be93d36c6d8f251eb3ff8e050c3d08d2693edf4929bbd4bd6f6b2a97
WordPress WP-Cron Dashboard plugin version 1.1.5 suffers from a cross site scripting vulnerability.
f8840c091172531deddf4652fb5f9157003d57aa86d4e8c7c034f771605b859b
RBS Change version 3.6.8 suffers from a cross site scripting vulnerability.
925e2a5ae0d035197ded4fa690d78d5f9cbfbe8153e26db10ef8fa743617ce20
eFront LMS version 3.6.14 suffers from arbitrary file upload, file read, and path disclosure vulnerabilities.
236bf191a5b34718ed687f6cdf5729cb22931ec79eda5c590ecd278be5ac58d2
AFCommerce aka Amazing Flash Commerce suffers from a remote file inclusion vulnerability.
38635dedaba0b79f283542b9b7fac8b6b1cbee36f0f5a1954dd0efc39f29c96e
Windows Live Movie Maker 2011 suffers from a denial of service vulnerability.
241e324526f25e75f9300532724c02cca0e7a22fdc2aa5837d9184c9f046fc58
JForum suffers from a cross site request forgery vulnerability.
f93df6b7611a0b561f97c882b6fbffda3eb97f02bbf55aa9f4eead3559e8a9fa
RealNetworks RealPlayer versions 16.0.3.51 and 16.0.2.32 buffer overflow exploit that spawns calc.exe.
58542a3b53839183c22c124f4c3d3ee9a380986526edc0d4edc243944855703e