Gekko CMS appears to suffer from a file disclosure vulnerability.
fc10d007f192d991f48cc9832fb49312This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.
8dc19f398388284a81cf2ecae5005436This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.
d5c7b728cc34e438d56471e6fbda49bdResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.
6f23782d3add86957f122b199a5849ecThis Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.
c93d65487a1c0efc12fc9a8a68adc5dbLogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.
2427d2cf98e92db38be0f21c58da1065Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.
7b79d17eacb9df80bafc88ab8fbbdabcpragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.
5433c6278bfe6b6212f911b0a46eda42DynPage version 1.0 suffers from cross site request forgery and shell upload vulnerabilities.
476adc1bf90918f7ad3741caca2d770eSocial Engine version 4.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
46affb7ec997a27515c12a50d78d65f6Wireshark versions 1.4.0 through 1.4.12 and 1.6.0 through 1.6.7 suffer from a DIAMETER dissector denial of service vulnerability.
d94ce6017c8d48224a7a09c0a77c7c0eWireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from multiple dissector related denial of service vulnerabilities.
b69533c3c9d8a81ed6f166ce32f3088dWireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from a misaligned memory denial of service vulnerability.
e44a652926a9f450c49f6ecbc1a0cd3cJaow versions 2.4.5 and below suffer from a remote blind SQL injection vulnerability.
6e6b513afde6050a95045e553840c8c1bsnes version 0.87 suffers from a denial of service vulnerability.
e1b422d8ffa4c0e558e83d2d33d761f7This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
c768b9282de90ed20180d7ae12452941This Metasploit module exploits a vulnerability found in appRain's Content Management Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php file, a malicious user can upload a file to the uploads/ directory without any authentication, which results in arbitrary code execution.
326c66024ed2135e3da4e6dab3059464PHPCollab version 2.5 fails to properly block access to data on the system.
bc86a1653dea13519ffa3cf29b1445e8YDFramework version 2.0-Beta1 suffers from a local file disclosure vulnerability.
2e0a865b7df93b06e07bffc87eb32d85mod_auth_openid versions prior to 0.7 insecurely store session ids in /tmp/mod_auth_openid.db unencrypted.
e87cd3eab63295cb00d55e62f346bb6cSymantec End Point Protection version 11.x and Symantec Network Access Control version 11.x local code execution proof of concept exploit.
174fc0f373ce2fdf3dc6f1c8d79bb041PHPCollab version 2.5 suffers from an unauthenticated file upload vulnerability.
1b7459efe1a8274c10aa92fb7e82792bAjaxmint Gallery version 1.0 suffers from a local file inclusion vulnerability.
db4ac715f286ea13414831d16f447d95RuubikCMS version 1.1.0 Beta suffers from cross site scripting, information disclosure, and directory traversal vulnerabilities.
dbca1c445b9b9049982dc2e17c9a37beNovell Client version 4.91 SP3/4 privilege escalation exploit for Win2K3 and WinXP.
e59e74f4b1cab13f13403229646f8b01
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed