Latest Exploits

Syndicate content Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Updated: 11 hours 25 min ago

Adobe Flash ATF Image Packing Overflow

Fri, 07/08/2016 - 05:01
There is a heap overflow in ATF image packing. The file included in this archive demonstrates the vulnerability.
Categories: Security

Adobe Flash JXR Processing Double Free

Fri, 07/08/2016 - 04:44
This JXR file causes a heap overflow when loaded in Adobe Flash.
Categories: Security

360 Total Security 2016 DLL Hijacking

Fri, 07/08/2016 - 04:22
360 Total Security 2016 suffers from a dll hijacking vulnerability.
Categories: Security

Adobe Flash ATF Processing Overflow

Fri, 07/08/2016 - 04:22
This ATF file causes a heap overflow in ATF processing in Adobe Flash.
Categories: Security

Joomla Topics 1.5.12 SQL Injection

Fri, 07/08/2016 - 04:22
Joomla Topics component version 1.5.12 suffers from a remote SQL injection vulnerability.
Categories: Security

WordPress Lazy Content Slider 3.4 Cross Site Request Forgery

Thu, 07/07/2016 - 23:44
WordPress Lazy Content Slider plugin version 3.4 suffers from a cross site request forgery vulnerability.
Categories: Security

Hide.Me VPN Client 1.2.4 Privilege Escalation

Thu, 07/07/2016 - 22:33
Hide.Me VPN Client version 1.2.4 suffers from a privilege escalation vulnerability.
Categories: Security

IPS Community Suite 4.1.12.3 PHP Code Injection

Thu, 07/07/2016 - 18:23
IPS Community Suite versions 4.1.12.3 and below suffer from a remote PHP code injection vulnerability.
Categories: Security

Simpla Admin 1.02 Shell Upload / SQL Injection

Thu, 07/07/2016 - 09:44
Simpla Admin version 1.02 suffers from remote shell upload and remote SQL injection vulnerabilities.
Categories: Security

OPAC KpwinSQL Cross Site Scripting / Local File Inclusion

Thu, 07/07/2016 - 09:22
OPAC KpwinSQL suffers from cross site scripting and local file inclusion vulnerabilities.
Categories: Security

GE Proficy HMI/SCADA CIMPLICITY 8.2 Local Privilege Escalation

Thu, 07/07/2016 - 09:02
GE Proficy HMI/SCADA CIMPLICITY version 8.2 local privilege escalation exploit.
Categories: Security

InstantHMI 6.1 Privilege Escalation

Thu, 07/07/2016 - 09:02
InstantHMI version 6.1 suffers from a privilege escalation vulnerability.
Categories: Security

GNU Wget Arbitrary File Upload / Potential Remote Code Execution

Wed, 07/06/2016 - 11:00
GNU Wget versions prior to 1.18 suffer from an arbitrary file upload vulnerability that may allow for remote code execution.
Categories: Security

AWBS 2.9.6 SQL Injection / Cross Site Scripting

Wed, 07/06/2016 - 10:44
AWBS version 2.9.6 suffers from remote SQL injection and cross site scripting vulnerabilities.
Categories: Security

RS232-NET Converter (JTC-200) CSRF / Weak Credentials / Unauthenticated Access

Wed, 07/06/2016 - 10:42
RS232-NET Converter (JTC-200) suffers from cross site request forgery and weak credential management vulnerabilities along with unauthenticated access over telnet.
Categories: Security

CIMA DocuClass ECM CSRF / XSS / SQL Injection

Wed, 07/06/2016 - 10:37
CIMA DocuClass ECM suffers from cross site request forgery, cross site scripting, direct object reference, and remote SQL injection vulnerabilities.
Categories: Security

OpenFire 4.0.1 Cross Site Request Forgery / Cross Site Scripting

Wed, 07/06/2016 - 10:34
OpenFire versions 3.10.2 through 4.0.1 suffer from cross site request forgery and cross site scripting vulnerabilities. These issues are similar as findings discovered by hyp3rlinx but leverage different pages.
Categories: Security

PrinceXML Wrapper Class Command Injection

Wed, 07/06/2016 - 10:33
Wrapper classes provided by PrinceXML appear to suffer from command injection vulnerabilities.
Categories: Security

Micron CMS 5.3 SQL Injection

Wed, 07/06/2016 - 08:13
Micron CMS version 5.3 suffers from a remote SQL injection vulnerability.
Categories: Security

Teampass 2.1.26 Arbitrary File Upload

Wed, 07/06/2016 - 05:11
Teampass version 2.1.26 suffers from a remote authenticated file upload vulnerability that may allow for code execution.
Categories: Security