This archive contains all of the 118 exploits added to Packet Storm in April, 2013.
796a707a40714a19684c71eaa704f1afa8f4783db71ca2856381cedd8088857fSyslog Watcher Pro version 2.8.0.812 suffers from a cross site scripting vulnerability in the date parameter.
915406c2f87f0049bb8834fe22f3c1981d4e58f7034f1ecd7f678170203cf3dbWowzaMediaServer suffers from a bypass vulnerability that allows for accessing of files outside of the allowed StorageDir directory.
f4564e946705fc60d5c17b51bebbe0c644dbb60355ce85b64a936c75bbf48ae6Personal File Share HTTP server suffers from a remote buffer overflow vulnerability. Proof of concept denial of service code included.
35ab66e9b48e819eccea9de3c3b1264a3321487f6247141d750c465f46ab2f37This Metasploit module allows remote code execution via operating system commands through the SAP ConfigServlet without any authentication. This Metasploit module has been tested successfully with SAP NetWeaver 7.00 and 7.01 on Windows Server 2008 R2.
62e0a4607ddec7e5f1da4c772ef23ba8583944002abf5e96e995e6da403c5361This Metasploit module exploits a PREG_REPLACE_EVAL vulnerability in phpMyAdmin's replace_prefix_tbl within libraries/mult_submits.inc.php via db_settings.php. This affects versions 3.5.x below 3.5.8.1 and 4.0.0 below 4.0.0-rc3. PHP versions greater than 5.4.6 are not vulnerable.
cde46aba3bb442a48c277780f2ae183ec296c40bdbad1fb176830924a1405679This Metasploit module exploits a PHP Code Injection vulnerability against Wordpress plugin W3 Total Cache for versions up to and including 0.9.2.8. WP Super Cache 1.2 or older is also reported as vulnerable. The vulnerability is due to the handling of certain macros such as mfunc, which allows arbitrary PHP code injection. A valid post ID is needed in order to add the malicious comment. If the POSTID option isn't specified, then the module will automatically bruteforce one. Also, if anonymous comments aren't allowed, then a valid username and password must be provided. In addition, the "A comment is held for moderation" option on Wordpress must be unchecked for successful exploitation. This Metasploit module has been tested against Wordpress 3.5 and W3 Total Cache 0.9.2.3 on a Ubuntu 10.04 system.
e5ac9a6fad8c4d6319f7a5b50dd28589a34b1e7d2753c81dd9c0c17b9fb0bb79Core Security Technologies Advisory - D-Link IP Cameras suffer from OS command injection, authentication, information leak, and hard-coded credential vulnerabilities.
c89524253ab599d8622f01400e1599d3a2ca11af0117966d4e4a0fe9ff04ad31Core Security Technologies Advisory - Vivotek IP Cameras suffer from information leak, buffer overflow, authentication, path traversal, and command injection vulnerabilities. Vulnerable are Vivotek PT7135 IP camera with firmware 0300a, Vivotek PT7135 IP camera with firmware 0400a, and possibly others.
fa7660e4a137a97602dd52a3f2f89792f4eba90870562d6329ab58bbcacf03d9Cisco Linksys E1200 and N300 routers version 2.0.04 suffer from a cross site scripting vulnerability.
c940fba04264c2e267af39f6a7ead1f281c2d9cc0420ff4ca58897013a5ee1c6Foe CMS version 1.6.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
f9cee0773f9203282881b7996ccb4e7e82ff6ed5751595da4aa7cbe5dcbda989Ipswitch IMail version 11.01 suffers from a cross site scripting vulnerability.
994dfe38a03dadf23ee63272381e22efa35b41a469d160c4208efb44566257f9Memcached denial of service exploit for an issue disclosed on their bugtracker two years ago and was never patched.
814e65638843b38bd9fd9f0e2304a82c68628fa8c903a54aaec2025d9de659fcJoomla! versions 3.0.3 and below suffer from a PHP object injection vulnerability in remember.php.
92c1b16050368998c04ca3342d9eced12b23a19d5974b249776e4d6b55dcefcdPayPal's Billsafe online payment service web application suffered from a remote authentication bypass session vulnerability.
a7648736a35c6d5b0f41156d9bb5608ca1538419ba339fc5cf0c58bcb604ae1bTinyMCE Ajax File Manager suffers from a remote code execution vulnerability.
d755af232c0c6aa46764039b4bc2eb4bec170c1ae8e037d2d4a69a96ee1a9200FreePBX version 2.9 suffers from a backup module remote command execution vulnerability.
0f737c88245ed86d1ced573e55dc41069885055dbdb06ade39b3d6fddb9f0145PHPValley Micro Jobs Site Script version 1.01 allows for a logged in user to spoof another user and take over their account.
be3489717f38a732799715a5bf9d318833e3065f792e86619fa9a7f2f1b2c792Elecard MPEG Player version 5.8 proof of concept local buffer overflow exploit.
7302291bed8b7eb00f297566ec60a621d7adcfae5c0545a7e9a021986f0bdd90Sites designed by Iron Lava Corp suffer from remote shell upload and remote SQL injection vulnerabilities. Note that this advisory has site-specific information.
75f7541db9cc5c202ba408bd1c4efc347e24216888610a60af000419f373eff4D-Link DIR-635 suffers from cross site request forgery and multiple cross site scripting vulnerabilities.
9f5aeb25f45b5c7859957c04d42fa54170e29e93b7f0b36b152822e378687b11In module wpsio.dll in WPS Office, a BSTR string stored in the file is copied to the stack buffer without strict length inspection leading to a stack buffer overflow. Proof of concept included.
38358e22e0283cc8f63c3c5da968863cd9aeb2e6d05f82b21fb4a56fc9a8dd4eCMS Cameron McKenna 2013 suffers from a cross site scripting vulnerability. The vendor has been notified of this issue. Note that this advisory has site-specific information.
9bb471ef068545d2955c05c1c10076f6f1d8c862aa331fcdf79fbb9334231220Windows Light HTTPD version 0.1 HTTP GET buffer overflow exploit that spawns a bindshell.
c6353474ef20863a17e6e60c49ab6d2415f53b3329ca89fc8312aa196928cdcdphpMyAdmin versions 3.5.8 and 4.0.0-RC2 suffer from multiple remote code execution, local file inclusion, and array overwrite vulnerabilities.
5f5b20d982ae97824512b1c23808b9c17b328dae83d316eee98cdebbab52a1c6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed