This archive contains 174 exploits that were added to Packet Storm in April, 2015.
67480065aa8abecec85b2ad4c8cb36f1b82c6d8fedcfa0b5e7d84c41fd389464This document details a stack based buffer overflow vulnerability within TestDisk version 6.14. A buffer overflow is triggered within the software when a malicious disk image is attempted to be recovered. This may be leveraged by an attacker to crash TestDisk and gain control of program execution. An attacker would have to coerce the victim to run TestDisk against their malicious image.
7a37d596089ffb1fa811b151734f591791c8d53219a3fdd9ea5cf26e1b134cc6SevDesk version 1.1 suffers from a persistent script insertion vulnerability in the application dashboard.
b44b3d91f0262e0b448dcfc054371b496431ca08b92de3910209721ad41b89f1Foxit Reader versions 7.1.3.320 and below suffer from a pdf parsing memory corruption vulnerability.
bd04944c6132e51165de2cd47879e4605bc439659bd47936955cab36552e79aaOS Solution OSProperty version 2.8.0 suffers from a remote SQL injection vulnerability.
afb9d76a0580b59eef035727449af6742f88e1ec6208060bf24d021e74f952d4Ninja privilege escalation detection and prevention system version 0.1.3 suffers from a race condition vulnerability.
0c04f125429ae3d5bf78e45cae4f47cf93b72213a6ec0a6ae100e2ab1807e2e3WordPress TheCartPress plugin version 1.3.9 suffers from local file inclusion, improper access control, and cross site scripting vulnerabilities.
c7864d1f9f6c456cfb191d7c8ce59288c2188a532e7d7d1111c6f0c87c396032A type confusion vulnerability was discovered in exception object's __toString()/getTraceAsString() method that can be abused for leaking arbitrary memory blocks or heap overflow.
b3a8329c29d10dca9d7ddc4c0f46af58e29999c11da31e6009cf9c41975e1db6A type confusion vulnerability was discovered in unserialize() with SoapFault object's __toString() magic method that can be abused for leaking arbitrary memory blocks.
628689009bd04f420924af79082ba1d3c89d666f96215bfa8944020190c85c15Wing FTP Server Admin version 4.4.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
baa33a8db697aa73d142896a3bba1e7eae95cd119c23f80057b7d2cef956a942Using a crafted tar file bsdtar can perform an out-of-bounds memory read which will lead to a SEGFAULT. The issue exists when the executable skips data in the archive. The amount of data to skip is defined in byte offset [16-19]. If ASLR is disabled, the issue can lead to high CPU load, and potential CPU exhaustion in single-core hosts.
fd0fb753afd7d4f8141a07df1844dc319539bc557bf657925079de4444885e9aUntangle NGFW versions 9 through 11 suffer from a cross site scripting vulnerability that can allow for remote code execution as root. They also suffer from an information disclosure vulnerability. This is a follow up discussing additional attack vectors not previously disclosed in the prior advisory.
e86c9969d013c35f87d327a8f236b5f675e69ae24e898f23a4e957c0d77bf3adPayPal's Marketing web service suffered from a remote code execution vulnerability due to running a JDWP server.
9853c32d02d8c001fa92b9d3e97eabbcee48dfa8b41649e9b38b8311a72758caSonicWall SonicOS versions 7.5.0.12 and 6.x suffer from a client-side cross site scripting vulnerability.
677993c8c06c4decc97efbcbd2bfa770f60f4cac9d6303c6d4ea13229d44530cCore Security Technologies Advisory - The InFocus IN3128HD Projector is vulnerable to an authentication bypass in its web interface login page, and is missing authentication for the "webctrl.cgi.elf" CGI file, which allows several actions to be performed or configured inside the device. Firmware 0.26 is verified vulnerable.
43fb2590b9fc435e2c9ebe21968f5729e87d0846d203db8e44a8e274d09e864cProjectSend version r561 suffers from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities.
29d896ac590fb902688a8def54fd8f901bc1d97ee250f682f184d6620674de0eWordPress Exquisite Ultimate Newspaper theme version 1.3.3 suffers from a cross site scripting vulnerability.
5638e9618253bdbda4e9cb5c3397585b53f03bbb25f90ea69aec66e823644843WordPress version 4.2 suffers from a persistent cross site scripting vulnerability.
ef94590cf5768ff21a652878473304f3150a74395f438f8b10ecd2800eee2c48UniPDF version 1.2 buffer overflow SEH overwrite denial of service proof of concept exploit.
934be4720b0e5b95ac2e7b102bbe4bd5203c2d9abc16b79d5c687604745e30ceMiniUPnPd version 1.0 stack overflow remote code execution exploit for AirTies RT Series. Provides a reverse shell.
498f2c5bf24844ab26545a5525a97f66a570ba969b3a46e477e4b93e5982d9b2OTRS versions 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 suffer from a persistent cross site scripting vulnerability.
2e3f4aa9bd8270be5647e928e03c289520cddaae59e541df172d313c213650b7VideoSpirit Pro version 1.91 buffer overflow with SEH bypass exploit.
4a610b7c8fb559b4026157db23297421051705f258bfe8264267c8d6838a889fSimple proof of concept tool to leverage remote code execution on the Legend perl IRC bot.
7ed64a03ba8a28e4a3162e46f413835566f71dbc30233138782e899686ac85d9WordPress WooCommerce Amazon Affiliates plugin version 7.0 suffers from file disclosure and remote shell upload vulnerabilities.
6bf85916f8328ca14bfba59426f65b3d54e44bb1f87dfe285d315cafe7390693This Metasploit module exploits an arbitrary file upload in the WordPress WPshop eCommerce plugin versions 1.3.3.3 to 1.3.9.5. It allows you to upload arbitrary PHP code and get remote code execution. This Metasploit module has been tested successfully on WordPress WPshop eCommerce 1.3.9.5 with WordPress 4.1.3 on Ubuntu 14.04 Server.
f619d802b93d34eebff17a8861709268616692a3263b82947bee155839965331
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed