Latest Exploits

Syndicate content Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Updated: 18 hours 51 min ago

WordPress Woocommerce 2.6.2 API Cross Site Scripting

Sat, 09/10/2016 - 10:27
WordPress Woocommerce version 2.6.2 suffers from an API related cross site scripting vulnerability.
Categories: Security

WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass

Sat, 09/10/2016 - 10:24
WordPress InfiniteWP Admin Panel version 2.8.0 suffers from an authorization bypass vulnerability.
Categories: Security

WordPress InfiniteWP Admin Panel 2.8.0 Command Injection

Sat, 09/10/2016 - 10:21
WordPress InfiniteWP Admin Panel version 2.8.0 suffers from a command injection vulnerability.
Categories: Security

WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting

Sat, 09/10/2016 - 10:09
WordPress MailPoet Newsletters 2.7.2 suffers from a cross site scripting vulnerability.
Categories: Security

Vodafone Mobile Wifi Reset Admin Password

Fri, 09/09/2016 - 21:07
Vodafone Mobile Wifi reset administrative password exploit.
Categories: Security

LamaHub 0.0.6.2 Buffer Overflow

Fri, 09/09/2016 - 21:06
LamaHub version 0.0.6.2 suffers from a buffer overflow vulnerability.
Categories: Security

Google Docs XSPA / SSRF

Fri, 09/09/2016 - 20:56
Google Docs appears to suffer from XSPA and SSRF vulnerabilities.
Categories: Security

WordPress 4.5.3 Cross Site Scripting

Thu, 09/08/2016 - 21:05
WordPress version 4.5.3 suffers from a cross site scripting vulnerability when an uploaded image filename has a malicious payload inserted.
Categories: Security

PHPHolidays CMS 3.00.50 Cross Site Scripting

Thu, 09/08/2016 - 21:01
PHPHolidays CMS version 3.00.50 suffers from a cross site scripting vulnerability.
Categories: Security

WordPress Cubed Theme 1.2 CSRF / File Upload

Thu, 09/08/2016 - 20:28
WordPress Cubed theme version 1.2 suffers from cross site request forgery and remote file upload vulnerabilities.
Categories: Security

Airmail 3.0.2 Cross Site Scripting

Thu, 09/08/2016 - 20:25
Airmail versions 3.0.2 and below suffer from a cross site scripting vulnerability.
Categories: Security

Picosmos Shows 1.6.0 Stack Overflow

Thu, 09/08/2016 - 20:01
Picosmos Shows version 1.6.0 suffers from a stack overflow vulnerability.
Categories: Security

WhatsApp DLL Hijacking

Thu, 09/08/2016 - 19:11
WhatsApp suffers from a DLL hijacking vulnerability.
Categories: Security

HDWiKi 4.0.4 Cross Site Scripting

Thu, 09/08/2016 - 19:02
HDWiKi version 4.0.4 suffers from a cross site scripting vulnerability.
Categories: Security

BugNET 1.6.315.0 Cross Site Scripting

Thu, 09/08/2016 - 19:02
BugNET version 1.6.315.0 suffers from a cross site scripting vulnerability.
Categories: Security

WinSCP 5.9.1 DLL Hijacking

Thu, 09/08/2016 - 19:01
WinSCP version 5.9.1 suffers from a DLL hijacking vulnerability.
Categories: Security

OoVoo 3.7.1 DLL Hijacking

Thu, 09/08/2016 - 19:00
OoVoo version 3.7.1 suffers from a DLL hijacking vulnerability.
Categories: Security

Jobberbase 2.0 Disclosure / XSS / Code Execution / Upload

Thu, 09/08/2016 - 15:03
Jobberbase version 2.0 suffers from code execution, open redirect, path disclosure, unrestricted file upload, and SQL injection vulnerabilities.
Categories: Security

Zabbix 3.0.3 SQL Injection

Thu, 09/08/2016 - 14:34
Zabbix versions 2.0 through 3.0.3 remote SQL injection exploit.
Categories: Security

LogMeIn Client 1.3.2462 (64bit) Credential Disclosure

Thu, 09/08/2016 - 14:29
LogMeIn client version 1.3.2462 (64bit) suffers from a local credential memory disclosure vulnerability.
Categories: Security