This archive contains all of the 253 exploits added to Packet Storm in May, 2011.
e7bc798f4cc81eb1e408b098635f727cGuru JustAnswer Professional version 1.25 suffers from multiple remote SQL injection vulnerabilities.
d7771e297caa5d610e3a0e1998993869iPhone4 FTP Server 1.0 empty CWD-RETR remote crash denial of service exploit.
79657b665e9fa419c1fae8360ff6512fThis Metasploit module can be used to gain a remote shell to a Joomla! 1.6.x install when administrator credentials are known. This is achieved by uploading a malicious component which is used to execute the selected payload.
770f64482cd13284a81000f0afe6bddbA vulnerability was discovered by Aung Khant that allows for exploitable SQL Injection attacks against a Joomla 1.6.0 install. This exploit attempts to leverage the SQL Injection to extract admin credentials, and then store those credentials within the notes_db. The vulnerability is due to a validation issue in /components/com_content/models/category.php that erroneously uses the "string" type whenever filtering the user supplied input. This issue was fixed by performing a whitelist check of the user supplied order data against the allowed order types, and also escaping the input.
b819205651e4caec804b0148a1d22d71Kentico CMS versions 5.5R22.23 suffers from a cross site scripting vulnerability.
c22edd73b708209a777319388b6c9d45This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
a474da5b9be867cdebee725b28be40fbGloDerWorks suffers from a remote SQL injection vulnerability.
d48b24a2e088c09d886171467bc9b073Belkin G Wireless Router with firmware version 5.00.12 suffers from a password hash disclosure vulnerability.
0b0b24201b67df4507c45b4baae53759This Metasploit module exploits multiple vulnerabilities found on IGSS 9's Data Server and Data Collector services. The initial approach is first by transferring our binary with Write packets (opcode 0x0D) via port 12401 (igssdataserver.exe), and then sending an EXE packet (opcode 0x0A) to port 12397 (dc.exe), which will cause dc.exe to run that payload with a CreateProcessA() function as a new thread.
2b8a3b2a358404af9856bc15f95108a4Websolutions suffers from a remote SQL injection vulnerability.
76d87afb1a59cc88f7a5868a6bd9369aBrother HL-5370DW series authentication bypass printer flooding exploit.
3c6391339b0105425851f345e7a9b485MSN Live Messenger version 14.0 Plus! suffers from a DLL hijacking vulnerability.
87d29737443f7dce2453bf1ae1338a8fCallisto 821+ ADSL modems suffer from cross site request forgery and cross site scripting vulnerabilities.
a771779480eee0d21e9b77d892b978f3Apache Archiva versions 1.3.0 through 1.3.4 suffer from multiple cross site request forgery vulnerabilities. Proof of concept findings included.
46e0efc2873583daa101dbff8dd69e8eApache Archiva versions 1.3.0 through 1.3.4 suffer from multiple cross site scripting vulnerabilities. Proof of concept findings are included.
781440f7cd26f179cb2f4c9001c1fe12w-Agora Forum version 4.2.1 suffers from a shell upload vulnerability.
403d4f200430d420e4ecd7b504d0c0faForticlient SSL VPN suffers from an insecure lock file creation vulnerability.
6bd9ddf64d7fb42a9ad767e5302a72aeTinyMCE AjaxFileManager suffers from a shell upload vulnerability.
5b4b705b66c67e3b039a9a5676534733The Joomla Joomnik component suffers from a remote SQL injection vulnerability.
522a9ed1cc946710f7f29347dbde1ccbHP Data Protector Client EXEC_SETUP remote code execution proof of concept exploit.
5b408a4ad9db16208636f5c645165cc5vBulletin versions 4 through 4.1.2 are vulnerable to a preauth SQL Injection issue that may be used by an attacker to extract user credentials, and potentially gain administrative access, potentially leading to remote PHP code execution.
23ef7ac73e51aaed5fc2776d5e7fcf9fThis Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
e0cfda04866c569459b89b151b76b785This Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
16aaccb7754cf34c355d08373881a6f5nvisionix Roaming System Remote metasys version 0.2 suffers from a local file inclusion vulnerability.
1b3694b5fb0b741cb9fa850e0255bd6a
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed