Expoit Files ≈ Packet Storm

Packet Storm – Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

Openfire version 4.4.1 suffers from multiple cross site scripting vulnerabilities.
SugarCRM versions 9.0.1 and below suffer from multiple phar deserialization vulnerabilities.
SugarCRM versions 9.0.1 and below suffer from multiple php object injection vulnerabilities.

SugarCRM 9.0.1 PHP Code Injection

11 October 2019, 3:14 pm

SugarCRM versions 9.0.1 and below suffer from multiple PHP code injection vulnerabilities.

SugarCRM 9.0.1 Path Traversal

11 October 2019, 3:13 pm

SugarCRM versions 9.0.1 and below suffer from multiple path traversal vulnerabilities.
Visual Studio Code enables its remote debugger by default when installed.
SugarCRM versions 9.0.1 and below suffer from multiple broken access control vulnerabilities.

SugarCRM 9.0.1 SQL Injection

11 October 2019, 3:09 pm

SugarCRM versions 9.0.1 and below suffer from multiple remote SQL injection vulnerabilities.
SugarCRM versions 9.0.1 and below suffer from multiple reflective cross site scripting vulnerabilities.

Ajenti Remote Command Execution

11 October 2019, 3:05 pm

Ajenti suffers from a remote command execution vulnerability.
National Instruments Circuit Design Suite version 14.0 suffers from a local privilege escalation vulnerability.
Intelbras Router WRN150 version 1.0.18 suffers from a persistent cross site scripting vulnerability.
WordPress Arforms plugin version 3.7.1 suffers from a directory traversal vulnerability.
MiniShare version 1.4.1 CONNECT remote buffer overflow exploit.
The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in nt!MiRelocateImage while parsing a malformed PE file.
The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!HashKComputeFirstPageHash while parsing a malformed PE file.
The Microsoft Windows kernel suffers from an out-of-bounds read in nt!MiParseImageLoadConfig while parsing a malformed PE file.
The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!CipFixImageType while parsing a malformed PE file.
The Microsoft Windows kernel suffers from a null pointer dereference vulnerability in nt!MiOffsetToProtos while parsing a malformed PE file.
Microsoft Windows Kernel suffers from a TTF font processing win32k!ulClearTypeFilter pool corruption vulnerability in win32k.sys.
SMA Solar Technology AG Sunny WebBox device version 1.6 suffers from a cross site request forgery vulnerability.
This Metasploit module exploits a stack buffer overflow in ASX to MP3 converter 3.1.3.7. By constructing a specially crafted ASX file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. Tested on: Microsoft Windows 7 Enterprise, 6.1.7601 Service Pack 1 Build 7601, x64-based PC Microsoft Windows 10 Pro, 10.0.18362 N/A Build 18362, x64-based PC.
TP-Link TL-WR1043ND 2 suffers from an authentication bypass vulnerability.
PBS Professional versions 19.2.3 and below suffer from an authentication bypass vulnerability.
Foscam Video Management System version 1.1.6.6 denial of service proof of concept exploit.