Latest Exploits

Syndicate content Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Updated: 20 hours 27 min ago

Adobe Coldfusion 11.0.03.292866 Remote Code Execution

Tue, 02/06/2018 - 21:22
Adobe Coldfusion version 11.0.03.292866 BlazeDS java object deserialization remote code execution exploit.
Categories: Security

Geovision Inc. IP Camera / Video Server Remote Command Execution

Tue, 02/06/2018 - 20:11
Geovision Inc. IP Camera and Video Server remote command execution proof of concept exploit.
Categories: Security

Kaspersky Secure Mail Gateway 1.1.0.379 CSRF / Code Execution

Tue, 02/06/2018 - 12:36
Kaspersky Secure Mail Gateway version 1.1.0.379 suffers from code execution and cross site request forgery vulnerabilities.
Categories: Security

WINCVS 2009R2 DLL Hijacking

Tue, 02/06/2018 - 12:34
WINCVS 2009R2 suffers from a dll hijacking vulnerability.
Categories: Security

Android KeyStore Permission Bypass

Tue, 02/06/2018 - 12:32
The keystore binder service ("android.security.IKeystoreService") allows users to issue several commands related to key management, including adding, removing, exporting and generating cryptographic keys. The service is accessible to many SELinux contexts, including application contexts, but also unprivileged daemons such as "media.codec". A permission bypass vulnerability exists in the KeyStore service due to getpidcon.
Categories: Security

Joomla! Zh GoogleMap 8.4.0.0 SQL Injection

Tue, 02/06/2018 - 12:18
Joomla! Zh GoogleMap component version 8.4.0.0 suffers from a remote SQL injection vulnerability.
Categories: Security

Joomla! Zh YandexMap 6.2.1.0 SQL Injection

Tue, 02/06/2018 - 12:17
Joomla! Zh YandexMap component version 6.2.1.0 suffers from a remote SQL injection vulnerability.
Categories: Security

Joomla! Zh BaiduMap 3.0.0.1 SQL Injection

Tue, 02/06/2018 - 12:16
Joomla! Zh BaiduMap component version 3.0.0.1 suffers from a remote SQL injection vulnerability.
Categories: Security

Joomla! JSP Tickets 1.1 SQL Injection

Tue, 02/06/2018 - 12:14
Joomla! JSP Tickets component version 1.1 suffers from a remote SQL injection vulnerability.
Categories: Security

WordPress Core Denial Of Service

Tue, 02/06/2018 - 12:04
WordPress load-scripts.php denial of service exploit.
Categories: Security

Student Profile Management System Script 2.0.6 SQL Injection

Mon, 02/05/2018 - 07:12
Student Profile Management System Script version 2.0.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Categories: Security

Joomla! jLike 1.0 Information Leak

Mon, 02/05/2018 - 05:11
Joomla! jLike component version 1.0 suffers from an information leak vulnerability.
Categories: Security

Matrimonial Website Script 2.1.6 SQL Injection

Mon, 02/05/2018 - 05:11
Matrimonial Website Script version 2.1.6 suffers from a remote SQL injection vulnerability.
Categories: Security

Online Voting System Authentication Bypass

Mon, 02/05/2018 - 05:11
Online Voting System suffers from an authentication bypass vulnerability.
Categories: Security

Wonder CMS 2.3.1 Host Header Injection

Mon, 02/05/2018 - 04:32
Wonder CMS version 2.3.1 suffers from a host header injection vulnerability.
Categories: Security

NixCMS 1.0 SQL Injection

Mon, 02/05/2018 - 03:32
NixCMS version 1.0 suffers from a remote SQL injection vulnerability.
Categories: Security

BOCHS 2.6-5 Local Buffer Overflow

Mon, 02/05/2018 - 00:22
BOCHS version 2.6-5 suffers from a local buffer overflow vulnerability.
Categories: Security

Wonder CMS 2.3.1 File Upload

Sun, 02/04/2018 - 22:33
Wonder CMS version 2.3.1 suffers from an unrestricted file upload vulnerability.
Categories: Security

WordPress Core load-scripts.php Denial Of Service

Sun, 02/04/2018 - 21:02
WordPress Core suffers from a load-scripts.php denial of service vulnerability.
Categories: Security

Hava Tahmin 1.0 Database Disclosure

Sun, 02/04/2018 - 12:32
Hava Tahmin version 1.0 suffers from a backup disclosure vulnerability.
Categories: Security