This archive contains all of the 146 exploits added to Packet Storm in July, 2019.
b76e4eafb33b19c70ff52b280e2dece0f32608ff1186210f33b753f9bee0202c
Oracle Hyperion Planning version 11.1.2.3 suffer from an XML external entity injection vulnerability.
0d39d0644d09bb4d3dfa4a22cb5642fb82abaeb26cae5531a648ce129b94e1a3
D-Link 6600-AP suffers from cross site scripting, key extraction, shell escape, config file disclosure, and denial of service vulnerabilities.
f580de2e06dbdc5921970071619ee06bb483b9211619861239ad47358475cfa6
iMessage suffers from a memory corruption vulnerability when decoding NSKnownKeysDictionary1.
f3f3a02ba980c223208ec503d2c4f3f27010697688b8d75d71b43f8085694f67
iMessage suffers from a vulnerability where NSArray deserialization can invoke a subclass that does not retain references.
06b590135e589bcd01f211a6bf1d481e9256276cf36f296ebd6050a735c1853a
iMessage suffers from a vulnerability where NSKeyedUnarchiver deserialization allows file backed NSData objects.
6c7c840d2fc2b11f68245ed1c1330a7246311f86308b102d287fb1ef3322a711
WordPress WP Fastest Cache plugin versions 0.8.9.5 and below suffer from a directory traversal vulnerability.
a48aa7f98293e513ef94ab9b82442089b2529f76733376c84e5da8863c042fd3
Amcrest Cameras version 2.520.AC00.18.R suffers from an authentication bypass vulnerability allowing an attacker to retrieve audio streams.
34cf3ecd349123700d9ee80c886a5fee2647aec2c36415ca9f6b58690d283c65
A bug in JSC YarrJIT initParenContextFreeList allows for bytes to be overwritten.
038399bf2390bfa66637b2a2feb687184873772e215bfdc1e773cfc1d47d7c58
JSC suffers from a data mishandling bug in ytecodeGenerator::emitEqualityOpImpl.
8bea8fb18d0ac7ce60485d227dcad33f12182219301a7157fc251e6f00c07bfb
This Metasploit module can be used to leverage the extension functionality added by Redis 4.x and 5.x to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave.
8a25e4a7af0bb0c47237e268c64439b1ccedef5a35d240b4946e5ec04d9df945
WordPress Simple Membership plugin version 3.8.4 suffers from a cross site request forgery vulnerability.
7e996b9a0d5c55ce682f3a72f364856b363009662f11039014a1b488c29f8035
NSKeyedUnarchiver suffers from a use-after-free vulnerability with ObjC objects when unarchiving OITSUIntDictionary instances even if secureCoding is required.
63703796ab8c03a5e2f4d71cdf0827418691b14bf48da00e28c71cabc8224370
GigToDo versions 1.3 and below suffer from a persistent cross site scripting vulnerability.
12e787f5c5392e49c6311a9b44f43ad57ccb50a5642eda646cd6107b1814c708
WordPress Real Estate theme version 2.8.9 suffers from a cross site scripting vulnerability.
8ff267fb390b5d90824ed48ea7bb321959b47eb88d718c974b7723ccf7f65c7b
This Metasploit module exploits inadequate access controls within the Schneider Electric Pelco Endura NET55XX webUI to enable the SSH service and change the root password. This module has been tested successfully on: NET5501, NET5501-I, NET5501-XT, NET5504, NET5500, NET5516, NET550 versions.
9f1a1fca209500f23a5d828a6c170bd77e26b7a3c4b045f75fc08a8419a6a484
There exists a command injection vulnerability in the Wordpress plugin wp-database-backup for versions less than 5.2. For the backup functionality, the plugin generates a mysqldump command to execute. The user can choose specific tables to exclude from the backup by setting the wp_db_exclude_table parameter in a POST request to the wp-database-backup page. The names of the excluded tables are included in the mysqldump command unsanitized. Arbitrary commands injected through the wp_db_exclude_table parameter are executed each time the functionality for creating a new database backup are run. Authentication is required to successfully exploit this vulnerability.
401ad527c7daa315ba1bf0e69bfa9cc8df0e398c4a05459107a808ada7823a8d
Zurmo version 3.2.6 suffers from a persistent cross site scripting vulnerability.
78dd4cf9cac1ce59afb343a7d09687c57a8237d03c13a57ddf725f905d8fdbfe
Zurmo version 3.2.6 suffers from an iframe injection vulnerability.
be149ee47f765fcce8f2b2994d34e9eaee177b91190c25d3cb463249050e9ac7
Zurmo version 3.2.6 suffers from an open redirection vulnerability.
8b719a489c483b76d9ccc18497e929ce77707eb873424068907ff05ba6b03807
Zurmo version 3.2.6 suffers from an out-of-band code evaluation vulnerability.
7c3e153c94a1ce42cab8549f0468f88ce426261b7a57e8d156c769fa02e84043
Ahsay Backup versions 7.x through 8.1.1.50 suffer from an XML external entity injection vulnerability.
dd8c01c9f85afcf5145302b1adfc9557936417386490d477aa5caa61b6d6728b
This Metasploit module exploits an authenticated insecure file upload and code execution flaw in Ahsay Backup versions 7.x through 8.1.1.50. To successfully execute the upload credentials are needed, default on Ahsay Backup trial accounts are enabled so an account can be created. It can be exploited in Windows and Linux environments to get remote code execution (usually as SYSTEM). This module has been tested successfully on Ahsay Backup v8.1.1.50 with Windows 2003 SP2 Server. Because of this flaw all connected clients can be configured to execute a command before the backup starts. Allowing an attacker to takeover even more systems and make it rain shells!
83afb5ef0b4fb3cbf8a67a2f3aef040fe1e3f8026ef03cddf56dee9c7ba91e49
Ahsay Backup versions 7.x through 8.1.1.50 suffer from authenticated arbitrary file upload and remote code execution vulnerabilities.
8f297f63226a55c017752fbfc4e3ad2b92918ea609bfd8418e0ea5ca9cf59421
pdfresurrect version 0.15 suffers from a buffer overflow vulnerability.
6573e21a72fbf0b36261b1749b306359e3b8af17322ae8b0324340888de8e1f4