This archive contains all of the 201 exploits added to Packet Storm in April, 2020.
de2d54c316e5e787807ce732ad25725f5943fb8ff779b4e4998d4f670f9649c6
PHP-Fusion version 9.03.50 suffers from a persistent cross site scripting vulnerability.
93888b7013296958415c64c90fe2338b37bbb4b8f83c1c8cd6184a3d0aee8baa
Online Scheduling System version 1.0 suffers from an authentication bypass vulnerability.
6afcc5b0051b6eec0e838842890ca8ab551609a47811313dd84cb767b3e02fed
Online Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.
872919a2779e6e04e5d200971fb18ef5498c54070aaccf8201ff0a606608bc9c
VirtualTablet Server version 3.0.2 denial of service proof of concept exploit.
e9c444478a217681ecd30e4776665550aa7a618d4013ed3cdb86ad100fd86fef
HardDrive version 2.1 for iOS suffers from an arbitrary file upload vulnerability.
0c34b14b82c1c179e184b9fb03967beb613f81201373e46509c51dd3086c8082
ChemInv version 1 suffers from a persistent cross site scripting vulnerability.
ce55a4c9abc9f7ac209d854759125740884e7c0fcb843b7e2e23ca696c5974d9
This Metasploit module exploits a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro version 1.2.4.
0f186f161bc8220e1b6f8e1a04626191746fd3904db4d3e3cd00c8971c1ab028
Druva inSync Windows Client version 6.5.2 suffers from a local privilege escalation vulnerability.
31dfb7b5bc6e0e8460608ac6efee03fdb1a7159259a19815bc7b9c3106a68129
hits script version 1.0 suffers from a remote SQL injection vulnerability.
5d84239f404367cfcc0755fee28879cc891111f6491a780d5fbb098b79daa891
EmEditor version 19.8 suffers from an insecure file permission vulnerability.
a90bafdd2cbfefa34fbbea58c90b700449be9cad9a3c7d2b1c6cd4b3582cdd28
Gigamon GigaVUE version 5.5.01.11 suffers from directory traversal and file upload with command execution vulnerabilities. Gigamon has chosen to sunset this product and not offer a patch.
4f94429e64d9c424c9369febb776c41eae261c908658edff22b96292c43a0a65
NVIDIA Update Service Daemon version 1.0.21 suffers from a nvUpdatusService unquoted service path vulnerability.
503db033cf0df9a8ab28aa60846bb44ef7310c0396452231a748fdc182ab89db
Open-AudIT Professional version 3.3.1 suffers from a remote code execution vulnerability.
5893982b84476fb326ba71dec7355182063aa15846f74c2968e884acb1e5e0f0
Open-AudIT version 3.2.2 suffers from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.
d8e9402b9604c3706a2115909b60726c461d0262c2196626918539a2164e5352
School ERP Pro version 1.0 suffers from an arbitrary file read vulnerability.
66a872f32ba02b4e93f374c2a694f871df9e25610abafbc0a4b38e5fd174d855
School ERP Pro version 1.0 suffers from a remote code execution vulnerability.
33658e4687b6ea2e6df5c71aff06b7bc6a7911ddda6e8d799b37b244ce516874
School ERP Pro version 1.0 suffers from a remote SQL injection vulnerability.
052180169bf27a5bc9f67877a3e2052703c7f8daad6418218cd20b54baf72ead
Andrea ST Filters Service version 1.0.64.7 suffers from an Andrea ST Filters Service unquoted service path vulnerability.
f302dd9172e1413837eedc0b280c043bc3dea9f1b24226c8ff9ee918187ebe99
Chrome suffers from an out-of-bounds access vulnerability in ReadableStream::Close.
0c4354e2d883e9008f418c20b53a6697d384f98bd55b8f13e5cac05115930417
File Explorer version 1.4 for iOS suffers from an information disclosure vulnerability.
ea14301d1a375382b614cf4695eb405fac6da803f565cb546fa482ea056bcd0d
Transfer Master version 3.3 for iOS suffers from a denial of service vulnerability.
b9a6596f4343d975491387b6c0efd8201358ab2d43217453fd2b457c61b63294
Internet Download Manager version 6.37.11.1 suffers from multiple stack buffer overflow vulnerabilities.
bf2fbd139c8279731a36484b54ed8b9dfec5b99d1a3463612d1cff48e2e54c22
File Sharing and Chat version 1.0 for iOS suffers from a denial of service vulnerability.
c66a7b587e5d56766ddbffc738da93fb383a62c08ea701cd5be6321bcf2549ea
Easy Transfer version 1.7 for iOS suffers from cross site scripting and directory traversal vulnerabilities.
e1d1fd4ef3b5d9a2ecd4486677c8c2bdaa9be2ff977e3a1ce3b6718426fcbd30