Latest Exploits

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

CivicRM 4.7b3 SQL Injection

Sun, 04/10/2016 - 08:22
CivicRM version 4.7b3 suffers from a remote blind SQL injection vulnerability.
Categories: Security

DotCMS 3.5 Beta Cross Site Scripting

Sat, 04/09/2016 - 08:33
DotCMS version 3.5 Beta suffers from a cross site scripting vulnerability.
Categories: Security

DotCMS 3.5 Beta Directory Traversal

Sat, 04/09/2016 - 07:12
DotCMS version 3.5 Beta suffers from a directory traversal vulnerability.
Categories: Security

ExaGrid Known SSH Key / Default Password

Fri, 04/08/2016 - 21:11
ExaGrid ships a public/private key pair on their backup appliances to allow passwordless authentication to other ExaGrid appliances. Since the private key is easily retrievable, an attacker can use it to gain unauthorized remote access as root. Additionally, this module will attempt to use the default password for root, 'inflection'.
Categories: Security

PostgreSQL CREATE LANGUAGE Execution

Fri, 04/08/2016 - 21:09
Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages, most commonly Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This requires a superuser, which is usually postgres. The execution should be platform-agnostic, and has been tested on OS X, Windows, and Linux. This Metasploit module attempts to load Perl or Python to execute system commands. As this dynamically loads a scripting language to execute commands, it is not necessary to drop a file on the filesystem. Only Postgres 8 and up are supported.
Categories: Security

Android IOMX getConfig/getParameter Information Disclosure

Fri, 04/08/2016 - 21:05
The GET_CONFIG and GET_PARAMETER calls on IOMX are vulnerable to an information disclosure of uninitialized heap memory. This could be used by an attacker to break ASLR in the media server process by reading out heap memory which contains useful address information.
Categories: Security

Android IMemory Native Interface Insecure IPC Use

Fri, 04/08/2016 - 21:04
The IMemory interface in frameworks/native/libs/binder/IMemory.cpp, used primarily by the media services, can be tricked into returning arbitrary memory locations, leading to information disclosure or memory corruption.
Categories: Security

Hikvision Digital Video Recorder Cross Site Request Forgery

Fri, 04/08/2016 - 20:55
Hikvision Digital Video Recorder versions LV-D2104CS, DS-7316HFI-ST, DS-7216HVI-SV/A, DS-7208HVI-SH, and DS-7204HVI-SH suffer from a cross site request forgery vulnerability.
Categories: Security

AccelSite Content Manager 1.0 SQL Injection

Fri, 04/08/2016 - 17:22
AccelSite Content Manager version 1.0 suffers from a remote SQL injection vulnerability.
Categories: Security

Monsta Box WebFTP Arbitrary File Read

Fri, 04/08/2016 - 17:06
Monsta Box WebFTP suffers from an arbitrary file read vulnerability.
Categories: Security

Apple Intel HD 3000 Graphics Driver 10.0.0 Privilege Escalation

Fri, 04/08/2016 - 16:22
Apple Intel HD 3000 graphics driver version 10.0.0 suffers from a local privilege escalation vulnerability.
Categories: Security

WordPress Multiple Meta Box 1.0 SQL Injection

Fri, 04/08/2016 - 15:32
WordPress Multiple Meta Box plugin version 1.0 suffers from a remote SQL injection vulnerability.
Categories: Security

Perli 2.6 Filter Bypass / Script Insertion

Fri, 04/08/2016 - 08:55
Perli version 2.6 suffers from filter bypass and script insertion vulnerabilities.
Categories: Security

Eight Webcom CMS 2016 Q2 SQL Injection

Fri, 04/08/2016 - 08:44
Eight Webcom CMS 2016 Q2 suffers from a remote SQL injection vulnerability.
Categories: Security

MESS 0.154-3.1 Buffer Overflow

Fri, 04/08/2016 - 08:33
MESS version 0.154-3.1 suffers from a buffer overflow vulnerability.
Categories: Security

Quicksilver HQ VoHo Concept4E CMS 1.0 SQL Injection

Fri, 04/08/2016 - 08:33
Quicksilver HQ VoHo Concept4E CMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.
Categories: Security

JPEGSnoop 1.7.3 DLL Hijacking

Thu, 04/07/2016 - 23:44
JPEGSnoop versions 1.7.3 and below suffer from a DLL hijacking vulnerability.
Categories: Security

SIDU 5.3 Cross Site Scripting

Wed, 04/06/2016 - 19:33
SIDU version 5.3 database web GUI suffers from multiple cross site scripting vulnerabilities.
Categories: Security

SIDU 5.2 Cross Site Scripting

Wed, 04/06/2016 - 19:32
SIDU version 5.2 database web GUI suffers from multiple cross site scripting vulnerabilities.
Categories: Security

Microsoft Windows 8.1 Console Driver Job Object Process Limit Bypass

Wed, 04/06/2016 - 19:03
One change in Windows 8.1 from Windows 7 is the introduction of the console driver (condrv.sys), which is responsible for handling the management of consoles. It contains a method, CdpLaunchServerProcess, which creates an instance of conhost.exe. This method calls ZwCreateUserProcess, which means that the system call runs with kernel permissions. It also passes a flag (0x400) to the system call, which indicates that the new process should not be assigned to the parent job. This allows the conhost process to bypass the job restrictions.
Categories: Security