ApartmentSearch suffers from remote SQL injection and insecure cookie handling vulnerabilities.
f70664f1159346a32dca8e14d11a30139bed900ebb07ff196dbbd374ada33bc1BannerExchange suffers from an insecure cookie handling vulnerability.
e6d0111b2dca63521463c8ae4ca37a41f3c50211060634a71c8b9853bea7d921ClassifiedUltra suffers from remote SQL injection and insecure cookie handling vulnerabilities.
9a674906fdb7031cbaff11a38e68a300bf41c37b405c77bd92d4b8944bce45d2GameRoom suffers from a remote shell upload vulnerability.
a9ec7763d3e0bc2e157489e25db92ed4476ea0edf90e465bfce5d050a379aeb5Fonts Site Script suffers from a remote file disclosure vulnerability.
8d0749bec84e8468c254282169645aafae25ea0c7bf0c66066c95dc31e4a76b0PLS PLA WMDownloader proof of concept denial of service exploit.
58723fafbe0a13a70b30f483aebbfa7a0bb5aca7d0cb7d5d97ac8939e9185028osTicket version 1.6 RC5 suffers from a remote SQL injection vulnerability.
01c73a88cbfab7465580491f7f4e97899dda1ff7a5d9a516e04f11303f9fdafcosTicket version 1.6 RC5 suffers from a reflected cross site scripting vulnerability.
c0f6f29fe0189dab5804cfd0a4ebd7b44b06e5d7695e3669030949749e416e3cFlaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.
6b3ebf2a7a39c7c5203cde6f4027d748b138e372cc4996244b973486d32706b4Whitepaper called Building Your Own Shell-codes.
86ef527d9aa10343480e09786cd1e4d1938ad0c3b246d7d5f2f5973fcf16289dUltraISO version 9.3.6.2750 local buffer overflow exploit that spawns calc.exe. Written in Python.
3a37514859add1cff54bec0372109f4964da0dd81e184d0298c7ccab2cfe5e1dZomorrod CMS suffers from a remote SQL injection vulnerability.
0b26af37ace660ffd257755a383e61ab47239725ba11dfff398513d5f7365922Newsletter Tailor suffers from a remote file inclusion vulnerability.
d5a917e2d95aa23b1b63f5751fdbc33d48d9a93fcd4f61f46d71fdc6fb2c5508Various product from ARWScripts.com suffer from cross site scripting and remote SQL injection vulnerabilities.
35e3c63c76f4df3b619c33c2867fe717d4da902b054619ffbcc1dfc3e0428136A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious PowerPoint PPT file. The specific flaw exists in the handling of TextCharsAtom (0x0fa0) records contained in a PPT file. Due to the lack of bounds checking on the size argument an unchecked memcpy copies user-supplied data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the credentials of the currently logged in user.
8e1c23ac15700c930c9745ee6e55c11fbeb356f471c8041790add6cbebb32c65Limny suffers from a remote shell upload vulnerability.
ce4958a529d1e760b0bfda8b73f662f612126e8d2adc32df7041e151c4c91fd0phpMiniSite suffers from an insecure cookie handling vulnerability.
abb797a1cbdbeb51750c59fd85c4e4888087ee4a570730b1e83e2bca599e59bfvBulletin Adsense suffers from a remote SQL injection vulnerability.
a219122b84ab22aebec20e7ea061e96fc62e32affca9485b6515c03632753173
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed