This archive contains 191 exploits that were added to Packet Storm in September, 2015.
dbcc2c23f380e55442959b7f96b6a54560db3fece32bfae2df7c76134db406d0Kaseya Virtual System Administrator suffers from multiple code execution vulnerabilities and a privilege escalation vulnerability. VSA versions 7.0.0.0 through 7.0.0.32, 8.0.0.0 through 8.0.0.22, 9.0.0.0 through 9.0.0.18, and 9.1.0.0 through 9.1.0.8 are affected.
1c99f00ec0d2ed27ea5157a13205f5e690ec57a19a7df31ce5375b1b3e123c64Mitsubishi Melsec FX3G-24M suffers from a denial of service vulnerability.
11305edb69fbaa63801ee810fdf8c773dad4fb7309cec538b632d1ce094cd87eWestern Digital My Cloud with firmware versions 04.01.03-421 and 04.01.04-422 suffer from a command injection vulnerability.
5d13f0de1e0b2a53135158203c1905e87a858a9bdaaed71017ec7b5b3450f136WordPress mTheme-Unus theme versions prior to 2.3 suffer from a local file inclusion vulnerability.
12285bc1e496cd6d4315b9ec60b09a7ec673603539932383c3d6766aa6187a63Centreon version 2.6.1 suffers from a stored cross site scripting vulnerability.
6681b871f00d7c1d0d12d5de3f5e49d61b5ac631bdcefc4a0db93c3a54e96145PCMan FTP Server version 2.0.7 suffers from a directory traversal vulnerability.
e377ce572fb44bf79adeccd6d80f6e799f096b1c0279f26b2d558839516a13bdVtiger CRM versions 6.3 and below suffer from an authenticated remote code execution vulnerability.
96b388a6a1d5f8b1624567791aa9ea216d7831e2fe9b587518ffa4e13d1e477cCentreon version 2.6.1 suffers from a command injection vulnerability. The POST parameter 'persistant' which serves for making a new service run in the background is not properly sanitized before being used to execute commands. This can be exploited to inject and execute arbitrary shell commands as well as using cross site request forgery attacks.
de65336a8a68b4177f682854c6416feedbbf44c0a5ff31835c174e78d0ac4037IconLover version 5.4.5 suffers from a stack buffer overflow vulnerability.
96362c631d4c3b738ce245283544cd680aad9448b9f8b0b08fdb3b35d96e4555Photos in Wifi version 1.0.1 suffers from a remote shell upload vulnerability.
4a00b037a1dc3051f06630d1a90f45ed20afc5751a1f8f286020dfd2832f6a2bCentreon version 2.6.1 add administrator cross site request forgery exploit.
fb7aeb82618878ab24c9f5c4140479064eb157f08ed35e744bf8bc3096f3f188The latest version of the Vector.primitive length check in Flash 18,0,0,232 is not robust against memory corruptions such as heap overflows. While it is no longer possible to obviously bypass the length check there is still unguarded data in the object which could be corrupted to serve as a useful primitive.
8a4222c338a3d67f609ec341393b261bae85b7cd1930829eb76c347db90be962BisonWare BisonFTP version 3.5 suffers from a directory traversal vulnerability.
1575080d2288468ab9940c569c8d1809df7eea9a1a1378d054311901e42a6d5bThis Metasploit module exploits a SQL query functionality in ManageEngine EventLog Analyzer v10.6 build 10060 and previous versions. Every authenticated user, including the default "guest" account can execute SQL queries directly on the underlying Postgres database server. The queries are executed as the "postgres" user which has full privileges and thus is able to write files to disk. This way a JSP payload can be uploaded and executed with SYSTEM privileges on the web server. This Metasploit module has been tested successfully on ManageEngine EventLog Analyzer 10.0 (build 10003) over Windows 7 SP1.
883715a7f63b19f3be245204a59084b8ad642d1866b7fdd2c6b33080b2dcb675Proof of concept exploit code for the Linux Rowhammer DRAM privilege escalation vulnerability.
489f5aee79c282a129929f43e430e1183b4104c9deb7c71d43c23c88bca7a02cCentreon version 2.6.1 suffers from a remote shell upload vulnerability.
d6f7d3dc2b9d187d9f488cbf0e34984b389cdb34f36401b172e21e70df766956WordPress Appointment Booking Calendar plugin version 1.1.7 suffers from multiple cross site scripting vulnerabilities.
e41e23f354eb6f4f08e77c00b69191422177ba4009cf99f1480256bf86d9069aProjeQtor version 4.5.2 suffers from a remote shell upload vulnerability.
081258bf82d0ffd88eeb2b6c53406776966e393e12f59c27c56af0870c182791Collabtive version 2.0 suffers from an arbitrary file upload vulnerability.
b1ee0eb6e9437d18623734420a78d2cd726cde7dca6939be3c5774847879e5a4Mango Automation version 2.6.0 file upload and arbitrary JSP code execution cross site request forgery exploit.
369af63a236f59835ae9d5a84423f18106dbf1b5306ca3dd89941c5d6319d779Mango Automation version 2.6.0 arbitrary command execution cross site request forgery exploit.
b09f9d0d9450a157ee3b553cca92aa462e2f7e2a6ee87d0b4a8ba6fbcc0e4298Mango Automation version 2.6.0 suffers from an information disclosure vulnerability because it contains default configuration for debugging enabled in the '/WEB-INF./web.xml' file (debug=true). An attacker can entice a logged-in user to visit a specially crafted URL which will produce a system exception with stack trace on the Jetty server. When this error occurs, the debug option generates a status page with all the information from the visitor, meaning that the attacker is able to see usernames, password hashes, e-mails and of course, Cookie sessions). Using the generated error, the attacker can easily perform session hijacking and take over the system using previously discovered vulnerabilities by just visiting the status page non-authenticated.
1fbd54960e1a8376a34addc2eda82c308365f46b97f014b96b16a22e077651c6Mango Automation version 2.6.0 arbitrary SQL query execution cross site request forgery exploit.
38d00e0cab4a748a1fcc3245087d28805312e778adcb96788a6049042e972de6Mango Automation version 2.6.0 add administrator cross site request forgery exploit.
3452804cb607c2191e8133952e326e01991ce212c3686cc9fd10f03579695729
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed