This archive contains all of the 110 exploits added to Packet Storm in June, 2019.
6377714e2025561461a06f0bce98b77779ff55f28b338584340fbc9448c205b5
ZoneMinder version 1.32.3 suffers from a persistent cross site scripting vulnerability.
e94efa7642936ba71bb0743ce4201017616e013258f90a2f172a6f409a8c519d
CiuisCRM version 1.6 suffers from a remote SQL injection vulnerability.
be51038e0706dd6dc4aff4592294f2d56579b86b1996c3d6145005bffe24eba9
WorkSuite PRM version 2.4 suffers from a remote SQL injection vulnerability.
db1e0a50fe88e6acf597749ecdd0ca98cf1a68fec7ff0a0baf78a5ef34b6564a
There's a task in Windows Task Scheduler called "SilentCleanup" which, while it's executed as Users, automatically runs with elevated privileges. When it runs, it executes the file %windir%\system32\cleanmgr.exe. Since it runs as Users, and we can control user's environment variables, %windir% (normally pointing to C:\Windows) can be changed to point to whatever we want, and it'll run as admin.
58e8c9a2922eb9b32f5e84d467e3b7a8e02cbd89977b2287f299fcfa861a0d71
JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.
4fc1b906250e6f6a8054f27ecadabf5ff49d66951ffa585578a40731082a91b1
Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.
69c0f2eade7e52a983ec44cfcf350ae8215fde7477f5777ca054bbb2cdd25e60
LibreNMS version 1.46 addhost remote code execution exploit.
e097a34b58d0c2df9716a65556604b2510639df3b7a0b98498f57b52615842f2
D-Link models DIR-652, DIR-615, DIR-827, DIR-615, DIR-657, and DIR-825 suffer from an administrative password disclosure vulnerability.
836a2a284ed2a9985417986d306b4db1f5742beca7f44da2a471cb893fd99d6c
This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell.
497ccf076e88aa8797c172933964fb4ad92dddf4ca42816ab9c5f28af82b486b
BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from a path directory traversal vulnerability.
6a2c42641d4296f9a21aee848c4725f2494a67b5f3c258c250034179e2a48cf2
Fortinet FCM-MB40 suffers from remote command execution and cross site request forgery vulnerabilities.
f3304438db41066a361a9c48682e8fe987bd5904a7ad099883d46442445cc1a3
WordPress Live Chat Unlimited plugin version 2.8.3 suffers from a persistent cross site scripting vulnerability.
ab8bc1948bcdc3f2bfb4fe1c92cd333ba1e13b7b2227e3a9a5462063b0160841
WordPress iLive plugin version 1.0.4 suffers from a cross site scripting vulnerability.
fd619811b05b204dfc56b440e51d9beff8359cf1c99ba855c68323667b6eb6f7
SAPIDO RB-1732 version 2.0.43 suffers from a remote command execution vulnerability.
8c2ffa8c45bd6258d34b73f2418379b89138a62e8600141be0baac10df62bde8
SuperDoctor5 implemented a remote command execution plugin in their implementation of NRPE that can be leveraged without authentication.
d6c0429243c969acaf8ffc7a427c26c5b9f2c01b2c9571c53034ba8870bba0d9
Spidermonkey IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusion vulnerabilities.
9e304ae2a07d3108f6f5ef85d1c28d031eea4e4fd06da0f3643edab9e09c52ee
The Windows Font Cache Service exposes section objects insecurely to low privileged users resulting in elevation of privilege.
dcd4603b5df7584c96b28ba89a54652b0a598775dce738ad4fce99ceb40bfde3
Microsoft Windows suffers from a CmpAddRemoveContainerToCLFSLog arbitrary file and directory creation vulnerability that allows for elevation of privilege.
e9fe2f31e8d857a922afac6a9b0dc08c238b42596dd0c0b56fd16a1c45e94752
The IDAL HTTP server is vulnerable to memory corruption through insecure use of user supplied format strings. An attacker can abuse this functionality to bypass authentication or execute code on the server. The IDAL HTTP server does not safely handle username or cookie strings during the authentication process. Attempting to authenticate with the username "%25s%25p%25x%25n" will crash the server. Sending "%08x.AAAA.%08x.%08x" will log memory content from the stack.
2710131973cb651b312b3b4490bb6638b5ec8ddf6b94183de3c0860cb2228091
The IDAL HTTP server is vulnerable to a stack-based buffer overflow when receiving a large host header in a HTTP request. The host header value overflows a buffer and overwrites the Structured Exception Handler (SEH) address with a larger buffer. An unauthenticated attacker can send a Host header value of 2047 bytes or more to overflow the host headers and overwrite the SEH address which can then be leveraged to execute attacker controlled code on the server.
2421624e7ad840181ca84c4621cdcea0f08c090f97ea23834ea7b42bf7a3e813
Fortinet's FortiCam FCM-MB40 product suffers from root code execution, privilege escalation, hardcoded key, and various other vulnerabilities.
9f2f94c84dfd3b5547608074fb33e50712d22787afc74eccddf998d33fd24309
SeedDMS versions prior to 5.1.11 suffers from persistent cross site scripting vulnerability in out.GroupMgr.php.
858fb99e5e36779263c2e779c1c6c5b5f9c3310453df4715374cf21fdf6c2304
SeedDMS versions prior to 5.1.11 suffers from a remote shell upload vulnerability.
2e81d288604fec50132b6f4b1900c03daee7000f172b691749bfbdf578667cb3
SeedDMS versions prior to 5.1.11 suffers from persistent cross site scripting vulnerability in out.UsrMgr.php.
0dfb58e7e058dac851138d94079c3d5de11edd4c0ecb6b3903aceff14a62a710