This archive contains all of the 235 exploits added to Packet Storm in February, 2018.
8c2ea1ab1921c414e501a26f12905bc1e8f5166b0b4d784b400a19d2516d0806
TestLink Open Source Test Management versions prior to 1.9.17 suffer from an insecure direct object reference.
0910df37fb4c03268b6c09f2acdee5ba8b437d90519a496c092a0421442672d9
AxxonSoft Axxon Next suffers from a directory traversal vulnerability.
d35bb1a5d3f761c3ff0d4cfa73dd81a7c335da6fabac0fea007e4f5814a538e4
Routers2 version 2.24 suffers from a cross site scripting vulnerability.
656c1fd056b23aa3b04843f9ce4f60bf1548dbce63cd318d5904c1fe2e28549e
D-Link DGS-3000-10TC with firmware 2.00.006 suffers from a cross site request forgery vulnerability.
717fd8dd46edd9530a1410930e153f70e4c7a7782e591a4475ba5d12b792139c
Apple iOS version 11.2.5, watchOS version 4.2.2, and tvOS version 11.2.5 bluetoothd memory corruption proof of concept exploit.
5f8953b66fca448151f5a297216335adee4b18b9b5c9dcce6a6c97b8961b820e
ClipBucket versions prior to 4.0.0 Release 4902 suffer from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.
9c6e2a39e41028f37a5698b02254f9b2ad0ed428ace7ac29e792084d6d5b69b5
Sony Playstation 4 (PS4) 5.01 through 5.04 webkit code execution proof of concept exploit.
50707ec1ea6cb183b1acc58f4a9105b02ed91e670bbbd52694de03322405d4b2
ActivePDF Toolkit versions prior to 8.1.0 suffer from multiple code execution vulnerabilities.
bbe1907fecb7b9d4c5a5f2a491197a7b33927ecda949f5cdea144209dab0a47b
School Management Script version 3.0.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
45f216a66035e45b3a0b6dfe7aae25b6acdba66900fb85bda6fbfee2de3b4510
Joomla! K2 component version 2.8.0 suffers from an arbitrary file download vulnerability.
dc0c6b2f4c60b6b559ad0e56bf7a8207b044e34e6306339dae07b27da071a578
Sony Playstation 4 (PS4) versions 4.07 up to but not including 4.55 bpf local kernel code execution proof of concept exploit.
0a80756cef32e8dfd86910fdf5196720b1d7040a5d57e9fdaa25c56b05e7426b
Microsoft Windows versions 8.1 and 2012 R2 SMB denial of service exploit.
2d61926739ef489e55031fa18143cb2f0cef2d256919289fb41f646dedec04e4
Concrete5 versions prior to 8.3.0 suffers from enumeration vulnerabilities.
fb841081833ce7bda90f4c30fa3ff82541f8aae542692e8b4781a3128b4b6ac7
MyBB My Arcade plugin version 1.3 suffers from a cross site scripting vulnerability.
6bebe42fea553fd01b350d3c3a22346f11c933d69ec6010f0f00e66caf42073b
Schools Alert Management Script version 2.0.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
666d800ac5246d4a537bb9b76689a2facf3b7ec48c51e13335170e839e6f33df
In this project you will find a full implementation of the "bpf" kernel exploit for the PlayStation 4 on 4.55. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does not contain any code related to defeating anti-piracy mechanisms or running homebrew. This exploit does include a loader that listens for payloads on port 9020 and will execute them upon receival.
eba51f80848f00f666976cb2e9bb1936b74c8847d8afaa983131dfe6a891da56
GetGo Download Manager version 5.3.0.2712 SEH buffer overflow exploit.
c403a2fb0efc8e2ed3bd05ca2a54019570e1d8ed5514bd37cbe4ab7afa40b188
Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.
f1253625e46f227de8752682b32d8862adf05b987de5b3ce80dd452d37d33ce3
Asterisk running chan_pjsip suffers from an SDP message related denial of service vulnerability. Versions affected include 13.10.0, 15.1.3, 15.1.4, 15.1.5, and 15.2.0.
dcd272d0bdc191e8821a8ff0875bcb1f860b59d55a4d240aea12f18340ff7f74
Asterisk version 15.2.0 running chan_pjsip suffers from an SDP message related denial of service vulnerability.
bb991ba13071f908ba4e3a364bc5fd50ffb86a758000294812e5c584d0d94d00
Asterisk running chan_pjsip suffers from a SUBSCRIBE message stack corruption vulnerability. Vulnerable versions include 15.2.0, 13.19.0, 14.7.5, and 13.11.2.
7ce6eb5d2b74840cec684d30e389db8a84881dd35088091f86c3e601f3984460
Torrent file parsing in libtransmission suffers from overflow vulnerabilities.
54ad18d8336156df7524e96c3d9da8e72a4e6da0788daef159edd65d3ca2b6b4
Chrome V8 suffers from an integer overflow vulnerability with PropertyArray.
78544b73868b4a617f838b6eedac6007779756c897dfb03b1166522de63fa42c
Chrome V8 suffers from a TranslatedState::MaterializeCapturedObjectAt caching bug.
c58dbf70a613c66bda60e5bdc9cedbc4e6777ffa60ce1c11ea4b8bd448b8f253