Packet Storm new exploits for April, 2006.
3fcdf00d37fb67293877100733a03a81Libxine versions 1.14 and below MPEG stream buffer overflow proof of concept exploit.
ecfaa7d99c321245838047a4abc6b374TopList versions 1.3.8 and below are susceptible to a remote file inclusion flaw.
f6a7e598e46406778c41f449315c7e01DirectAdmin HMS is susceptible to cross site scripting attacks.
42f94f0eb01d2bc2a5bc43084e6a400cpoll.pl in ronpoll is susceptible to a remote command execution flaw.
3d9303dbb91e5951e45d2430ec08b824A remote file inclusion vulnerability exists in OpenPHPNuke versions 2.3.3 and below.
5c313a5ff18c962da58bb473050a9014A remote file inclusion vulnerability exists in Knowledge Base Mod versions 2.0.2 and below.
e5d33dc038d1d1357af8c34da8da6420A remote file inclusion vulnerability exists in sql.php from Limbo CMS versions 1.0.4.2 and below.
2f9888bf109fbec8260dd401f2ed3a4fMyBB 1.1.1 suffers from several SQL injections in the administration panel.
1b2edbdb14193710dc304b9468c50648BL4s SMTP server versions less than 0.1.5 suffers from a flaw that can allow remote attacker to cause a denial of service or execute arbitrary code due to a buffer overflow in the SMTP service.
905bed11cacb4ab6224c1bbe3fdd8c4aInvision Power Board 2.1.4 SQL injection in func_msg.php exploit.
2fede22903097f04eba8afe5b7bdccfbCoolMenus Event suffers from a remote file inclusion vulnerability. POC included.
8b1617008460f9d14a481b020b124477Artmedic Event suffers from a remote file inclusion vulnerability. POC included.
d77c40e326b600644a72ee6615c4b2e2I-RATER Platinum suffers from a remote file inclusion vulnerability. POC included.
1f52835d4b176669447600604f71d2a2An example of a return into libc exploit that possibly works though grsecurity patch protection.
fb96640bf2648c2a5f3ec348f79a5079FlexBB 0.5.5 remote SQL login bypass exploit.
8d89b0e5a63afbae31b183270a44ac7eNeon Responder 5.4 for Windows suffers from a DOS - sending it a specially crafted "Clock Synchronization" packet causes it to crash. POC included.
a03fdc22463117f2bc324e0f2f615e20phpMyAgenda 3.0 Final suffers from a Remote File Include Vulnerability in agenda.php3.
602b82cf0b5b871c177b8903c06a345cexploit for Oracle 10g 10.2.0.2.0.
79f77b624d7570912c3028d56fd38c5cA perl script to bypass the OCR Shop XTR vvlicense validation scheme.
5a8d344a74f43c4c874f00d2f4884b1cexploit for SQL injection vulnerability in confixx professional 3.1.2
fe6debcae0c63f0a248734b0e80893edFlexBB 0.5.5 function/showprofile.php remote SQL injection exploit. Grabs admin password hash.
5ca3e2a3f3a3dda7393369324bce1080Invision Power Board 2.1.5 remote code execution exploit.
fb97144f7f18d89a32b5119c5f9df68aPOC for the Internet Explorer Modal Dialog Issue: A malicious user could create content that would request the user to click an object or press a sequence of keys. By delivering a security prompt during this process, the site could subvert the prompting and obtain permission for actions that were not necessarily authorized.
61e232351a27c299047e672cc590d23caxoverzicht.cgi is vulnerable to remote file inclusion.
da64f752dc396a5c09e52b9da7a8dc84
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed