This archive contains all of the 252 exploits added to Packet Storm in October, 2018.
2cdfde44988447d6cb183dd741826624e1b294f18ab4e409ef6ca5f2240763c8
Loadbalancer.org Enterprise VA MAX version 8.3.2 suffers from a code execution vulnerability.
c1b5933307b825ef281540222a9dd2caae7b662038c0531344d50d6c23d82148
SmartFTP Client version 9.0.2615.0 suffers from a denial of service vulnerability.
1174f651451719a960db92d02beb56ca1686ad95a162b1bdd17da3a2032000d0
SIPp version 3.3.990 local buffer overflow proof of concept exploit.
4bc14bc157bcbd354e1dda2043632ef76048d5916be7adc9786a209b42729576
CI User Login and Management version 1.0 suffers from a remote shell upload vulnerability.
1a718e590df136d70984b4a4ceba2a1b0589a93bf3a97714829ab1bca138136f
Simple PHP Shopping Cart version 0.9 suffers from remote shell upload and remote SQL injection vulnerabilities.
8d07e63b9392128d60c6a85515f1a261a9eeeeddd624ba3c416174f8f399cd08
Microstrategy Web 7 suffers from cross site scripting and traversal vulnerabilities.
30777ed9b57a480eebcb23aab84475b30c6d135975f2cdd2cc7174474c9712b6
Instagram Clone version 1.0 suffers from a remote shell upload vulnerability.
68600eeca46fbd187c70931b5e47a2e07c1077156ee29b275ebf09e6d0e3b359
NETGEAR WiFi Router R6120 suffers from a credential disclosure vulnerability.
daf472c5d2611ddc71d425949ff533f742aebf7055faa072ae37de8c783cea0e
This Metasploit module exploits a stack based buffer overflow in Any Sound Recorder version 2.93, when with the name "hack.txt". Copy the content of the "hack.txt", start Any Sound Recorder version 2.93, click "Enter Key Code", paste the content into field "User Name" click "Register".
062b4c130006b7a1a41275e34f102fbcfff4af46144ccc18322350964fea97f7
Notes Manager version 1.0 suffers from a remote shell upload vulnerability.
887533f0b64cde0d0c97b6de543f5f4940b3b3784a573ef1390af7543d350ba2
xorg-x11-server version 1.20.3 privilege escalation exploit.
44e3595b1823ca1e39ba5878cc28006b66ed111988fc108df3838c650e54ef1b
University Application System version 1.0 suffers from cross site request forgery and remote SQL injection vulnerabilities.
f94335c679144f819806e9bc5d49e71a8a60916ff33d080f691b32984c19c9e4
Expense Management version 1.0 suffers from a remote shell upload vulnerability.
e2a544a538231de9de978842c78727d1c835ec8fa2e195a33352607d8fd482bd
R version 3.4.4 (Windows 10 x64) buffer overflow exploit with DEP and ASLR bypass.
07700acd789d612926deb573fcfa0d2c6894fed31acf844c7a33b0d0bb01c591
EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 suffers from having hard-coded root SSH credentials.
0a9f27f891c98728ab30ea54c81512e9a371e1b5f88b8b9083e0587872a38253
PHPTPoint Pharmacy Management System version 1.0 suffers from a remote SQL injection vulnerability.
9d619f3c8e7985f3bbba45f97073cc76e25133924047a9a246896f40c8972e21
ZyXEL VMG3312-B10B versions prior to 1.00 (AAPP.7) suffer from a credential disclosure vulnerability.
043dd9f6802d82984a7afef78cd5da2562fb13860ca43e1bd31ad2d12e9cdc30
QNAP NetBak Replicator version 4.5.6.0607 suffers from a denial of service vulnerability.
f35e0cbdf9dc55f1eccc4bf23ce82a874470078a6bcc2f5d2cc3126805a2cf7a
Electricks eCommerce version 1.0 suffers from a remote SQL injection vulnerability.
00c70aaa2d77ff0da8aca0f463a9670c49ffa475ad55d832a19a1c04efdb427e
South Gate Inn Online Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
968e8e581e9b6f15795838e3752539e1525b73aee422b5dd9e9b2fc23aa05c3c
Nutanix AOS and Prism suffer from an SFTP authentication bypass vulnerability.
db1b7758485522391a2551e8ed44a35d72e4628257e92047f3b4e13e8d79ab80
This exploit modifies a windows language registry key which causes some windows binaries to stick, including login which makes the session unusable. The key is in HKCU and can be modified without admin rights, but with a bypass UAC, all user sessions can be paralyzed by using reg.exe and user's NTUSER.DAT.
cebc8192e58860f9e56ac23e83917c52d657bce5533347a18906dba9296c9c96
PayPal/Credit Card/Debit Card Payment version 1.0 suffers from a remote SQL injection vulnerability.
bb4c744ee54ed5fddb0a37d1715957edacc5ce48f59259d99f3320a3a65df4b4
RhinOS CMS version 3.x suffers from an arbitrary file download vulnerability.
cbf35a0f4ec5661b2819f545be169c1558e7f98c44efe9814ee0288b2bf27b8a