Complete comprehensive archive of all 2,465 exploits added to Packet Storm in 2016.
4a1add3c48eda74eaf39e36b3a6290fde888c8a08fcd48999b625080605b237a
This archive contains all of the 137 exploits added to Packet Storm in December, 2016.
d3a179c88720d9f22cc3bcc67772715e15175710ac958d5dee24539190145857
AContent CMS version 1.3 suffers from a cross site scripting vulnerability.
8fd4012ef73824f6b27dd49f03c21c000e83eca919e32dc0da30862ce508c844
Dell SonicWALL Secure Mobile Access SMA version 8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
9c6e1e62011dc14636b4f5849d5f84a87d42f3acec586620f4296ac473fb6a89
Dell SonicWALL Network Security Appliance NSA 6600 suffers from a reflective cross site scripting vulnerability. Versions affected include NSA 6600 running SonicOS Enhanced 6.2.4.3-31n, WXA 4000 running 1.3.2.0-07, and SafeMode 6.1.0.11.
7acfa2c554a74790d4f42eb76bd861d05da2b1676d2dbb778bd9718473d384d5
Dell SonicWALL GMS versions 8.1 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking.
8f794ee7fc9e35a42edc8e64fbf6ee9b23bb21bc417c3048b02542052351a465
Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple cross site scripting vulnerabilities.
4ff507814e6b70172b5af043ac9e0187e3cde0d9d9dc599e3faaaaadbb3a2be8
Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple blind SQL Injection vulnerabilities.
ed39afdb0140eefc12c029710bd973c6e28062ce928ce54e618a3047f92fce43
WordPress Templatic plugin versions 2.3.6 and below suffer from a remote file upload vulnerability.
fff3adededad0edcf403d8a8ae2510616b9205fa30fb3b7430db7969991f8258
SwiftMailer versions prior to 5.4.5-DEV suffers from a remote code execution vulnerability.
6c8d495f3e13599fefac246580f75812ee61962841c2cff7e333f604d3caee57
Joomla aWeb Cart Watching System for Virtuemart component version 2.6.0 suffers from a remote SQL injection vulnerability.
7e01460777d0c5fa47b60fb42392b753f3aa3c93727eef86010d979434caf030
PHPMailer versions prior to 5.2.18 remote code execution exploit. Written in python.
0c56ae7013e3bf2befd1a423d12185599a480137baf9d7604084810574ff6517
WordPress Simply Poll plugin version 1.4.1 suffers from a remote SQL injection vulnerability.
ef47966e67d7cfe37bcac64037fb9770922a3340d0c34e06bc26a88367e9820b
PHPMailer versions prior to 5.2.20 zero day remote code execution exploit. This bypasses the CVE-2016-10033 patch.
773582183b0cfc6f38ae24f52f7dfb831cd2f3410287245bc6daea84d4d8db83
Popcorn Time version 5.6 suffers from a dll hijacking vulnerability.
883530884f216f6c68ef7fc7eb9ed28a2843523eb359a4b11af300a6969b344a
WordPress Image Slider plugin versions 1.1.41 and 1.1.89 suffer from an arbitrary file deletion vulnerability.
d26c0835b8209ca0f2b538837df8ceca4fa3b26c17c033bd4da15d6d4bce5a72
PHPMailer versions prior to 5.2.18 suffer from a remote code execution vulnerability. This archive consists of the full advisory and also the proof of concept code.
dff0fa27b99b22d59b30f33bda4811c6f57a5db1cf1cab549e564bd62faa8e9c
PHPMailer version 5.2.17 suffers from a remote code execution vulnerability.
71254449b5468229de9f3d24cd3659f8ff035410115b6cf7f950f99bf518712f
Wampserver version 3.0.6 suffers from an insecure file permissions privilege escalation vulnerability.
c7e89a27153abc7ebb3140264dc5c61b0e999733bfa04f0a88ce1e56a56b9a1d
Joomla! Blog Calendar versions prior to 1.2.5 suffer from a remote SQL injection vulnerability.
d43ceeb3d57b6a55f47e13a781d0487e123a0c2f103c3250a2c4763f565546fd
This Metasploit module exploits a missing check in the get_user and put_user API functions in the linux kernel before 3.5.5. The missing checks on these functions allow an unprivileged user to read and write kernel memory. This exploit first reads the kernel memory to identify the commit_creds and ptmx_fops address, then uses the write primitive to execute shellcode as uid 0. The exploit was first discovered in the wild in the vroot rooting application.
eac5456bcf0ec583938479375c419cbd5715505092e66d61115ffa99e92b6015
FTPShell Server version 6.36 .csv local denial of service vulnerability.
fbbda7e4c4d04826dd8369a377f258809c43b80bd437062af6390d7e8c6ed30d
XAMPP Control Panel suffers from a denial of service vulnerability.
f05b21834528a55bfaf91568b2e88205225e6f5c80809bcdd2ebf4368df72f26
Apache mod_session_crypto versions 2.3 through 2.5 suffer form a padding oracle vulnerability.
390f7fdc6969dd238103bdc9a74a406df47dd249a11cddc2a73743e36e51e549
ASP.NET Core version 5.-RC1 suffers from an HTTP header injection vulnerability.
1d6c349a4c1cbeebdb441bb9d71d28155836dfc3262d25c0f5027232b302026b