My PDF Creator and DE DM version 1.4 suffers from local file inclusion and file upload vulnerabilities.
cc81c0b63733f6dd75f11423ad214819b47b184980b8f221c00c8841c9555a0dThis Metasploit module uses two vulnerabilities in Oracle forms and reports to get remote code execution on the host. The showenv url can be used to disclose information about a server. A second vulnerability that allows arbitrary reading and writing to the host filesystem can then be used to write a shell from a remote url to a known local path disclosed from the previous vulnerability. The local path being accessible from an URL then allows us to perform the remote code execution using for example a .jsp shell. Tested on Windows and Oracle Forms and Reports 10.1.
0ae51161a01d969079b5ae31c9e558381714eaaed892cb6da032845477f29e85Office Assistant Pro version 2.2.2 suffers from a local file inclusion vulnerability.
30cb2b510b5e639ac51997a9817262bd51d72ac919a3800bdeb9af06a3f2976eProof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.
ae7d5127e7b3b8fa46d888c48b1a569122f9a4eb074e9be265ffb8853f9989d3HP Data Protector EXEC_BAR remote command execution exploit that affects versions 6.10, 6.11, and 6.20.
61724438d24f7c3fae1f27461fbde907581b70b0ea7feeb0605890476a22853cOpen Web Analytics (OWA) is open source web analytics software that can track and analyze how visitors use websites and applications. OWA is vulnerable to SQL injection that allows an attacker to execute arbitrary SQL statements in the context of the configured OWA database user without authenticating to the web application. This vulnerability affects Open Web Analytics version 1.5.4.
33fdc3435e7222254bf0a84debe464683ce87c332c33bea4a6d45b428d72c3e2mbDriveHD version 1.0.7 suffers from local file inclusion and command injection vulnerabilities.
0defc0dabaff7f035a35e570bac2932c3ed3359b798d8fef709339759dcd991ePina CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
cc20e5401576a2ab22f58f1619da4ecf79fe33e2b0a925c31896dc3c7d7c65a8DSMS suffers from cross site scripting and content spoofing vulnerabilities.
a532f56dcb6a02581fb990ea71eac48b12052295b174c9a01efdf3d1bc99fea3This code abuses PJL functionality on HP network printers to print documents and also change the "ReadyMessage". Useful for avoiding printer payment systems in universities. Scan for port 9100 to find printers.
0cfc418101360d5c0f8ce242ec0a13b08842bfc2efb02f687606c41de85db95fJoomla Wire Immogest component suffers from a remote SQL injection vulnerability.
00f576b8ef70f91d67d4a0cdd53e86330293ac059312acb206cf9b1dee235766phpMyBackupPro version 2.4 suffers from a cross site scripting vulnerability.
6767817fe5860950f41ec819032f9c3840f6da224c3da044c7046a905e269882Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.
78e82ca781d0bf202c1592072afde4056c2f49e9ef54f2deb4e6b7ae0a5203abH K Digital Online suffers from a remote SQL injection vulnerability.
57529e1228897e3e3426a9220d1201a76f6dfe5e211e8fab8ef65dd630347e2bSymantec PGP Universal Web Messenger versions prior to 3.3.2 suffer from an unauthorized access vulnerability.
3232c190e9c3b61290c9500712c00ed512bdaaceabaa23ecf04aebb226a5dba7This Metasploit module exploits a vulnerability found in the command and control panel used to control Dexter (Point of Sale malware). This is done by accessing the PHP page used by bots to report in (gateway.php) which does not sanitize input. Input is encrypted and encoded, but the key is supplied by the bot connecting. The 'page' parameter is used in this case. The command and control panel designates a location to upload files, and can be used as a reliable location to write a PHP shell. Authentication is not needed to exploit this vulnerability.
dce8241e9805e316fba94ae258cb1d530cdf76424afa2b06b216ab421407282cTomatoCart version 1.1.8.6 suffers from a local file inclusion vulnerability.
0db04e2aa39556df8a1625587d835afcc627d919a44f82e78ca794ed5802b291WordPress Better WP Security plugin version 3.6.3 suffers from information disclosure and cross site scripting vulnerabilities.
bafa2024f4c45430b34ad1a7bf7281c235b2ac9d77bc18d543a0ac4ec5aa3b0eAcunetix WordPress WP Security Make Backup plugin version 4.0.3 suffers from a cross site request forgery vulnerability.
b252718580ee023413cc606be9290cfbd4802abfc7c7fe6ae15564dab7317941Proof of concept SQL injection exploit for the panel in Dexter CasinoLoader. It exploits the gateway for bots to connect in, which sanitizes none of its input. This version of the exploit just dumps database data, and can create a GEXF file to make a graph in Gephi.
e23bf1f6bf9d448ec21c0e08084f86886e247080217d33e730242930b073b444WordPress Buddypress plugin versions 1.9.1 and below suffer from a privilege escalation vulnerability.
fa0ee4897fffef374ba31d9600f656b4b67d282b9dee8e74e5f06db89ccd0ac0WordPress Buddypress plugin versions 1.9.1 and below suffer from a persistent cross site scripting vulnerability.
cb6e6a7f1e53ac871ca5f03ab6a3fb79940b35b8a9e403602f1639a1c1c52a7bBoxcryptor.com suffered from a cross site scripting vulnerability.
aab48458247a4d57f3545b2250a6b9478315321df0e69c78e7b61de5f2d118d3This Metasploit module exploits a stack-based buffer overflow vulnerability in Easy CD-DA Recorder 2007, caused by a long string in a playlist entry. By persuading the victim to open a specially-crafted .PLS file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
c9daf2bd49e0d41a84aba9c84b5e15a725fb5951f463b99f9505e1ba8d5f5f1eCA 2E Web Option version 8.1.2 suffers from an unauthenticated privilege escalation vulnerability that can allow for a denial of service condition.
cb6ba2704a2a0e3d944bde61fec01be38663ee9a4892d786234c64e6316d2156
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed