Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 04:46:31 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1806880383&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F1005-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1806880383.1338180391.1338180391.1338180391.1%3B%2B__utmz%3D32867617.1338180391.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/111879/mathematica-insecure.txt http://packetstormsecurity.org/files/111879/mathematica-insecure.txt http://packetstormsecurity.org/files/111879/Mathematica-On-Linux-tmp-Vulnerability.html Mon, 16 Apr 2012 18:13:59 GMT Mathematica on Linux uses the /tmp/MathLink directory in insecure ways that can allow for account takeover. The problem was made worse by later versions as the addendum states. http://packetstormsecurity.org/files/90133/1005-exploits.tgz http://packetstormsecurity.org/files/90133/1005-exploits.tgz http://packetstormsecurity.org/files/90133/Packet-Storm-New-Exploits-For-May-2010.html Tue, 01 Jun 2010 23:42:52 GMT This archive contains all of the 489 exploits added to Packet Storm in May, 2010. http://packetstormsecurity.org/files/90112/joomlaquran-sql.txt http://packetstormsecurity.org/files/90112/joomlaquran-sql.txt http://packetstormsecurity.org/files/90112/Joomla-Quran-SQL-Injection.html Sun, 30 May 2010 23:17:08 GMT The Joomla Quran component suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/90111/alscowebdesign-sql.txt http://packetstormsecurity.org/files/90111/alscowebdesign-sql.txt http://packetstormsecurity.org/files/90111/Alsco-Web-Design-And-I-Tech-SQL-Injection.html Sun, 30 May 2010 23:02:26 GMT Alsco Web Design and I-Tech suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/90110/cmscout-xss.txt http://packetstormsecurity.org/files/90110/cmscout-xss.txt http://packetstormsecurity.org/files/90110/CMScout-Cross-Site-Scripting.html Sun, 30 May 2010 23:00:36 GMT CMScout suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/90109/oscommerceonlinemerchant-disclosebypass.txt http://packetstormsecurity.org/files/90109/oscommerceonlinemerchant-disclosebypass.txt http://packetstormsecurity.org/files/90109/OSCommerce-Online-Merchant-2.2-Bypass-File-Disclosure.html Sun, 30 May 2010 22:59:17 GMT OSCommerce Online Merchant version 2.2 suffers from bypass and file disclosure vulnerabilities. http://packetstormsecurity.org/files/90107/symphony-lfi.txt http://packetstormsecurity.org/files/90107/symphony-lfi.txt http://packetstormsecurity.org/files/90107/Symphony-CMS-2.0.7-Local-File-Inclusion.html Sun, 30 May 2010 22:56:39 GMT Symphony CMS version 2.0.7 suffers from a local file inclusion vulnerability. http://packetstormsecurity.org/files/90105/webiz-shell.txt http://packetstormsecurity.org/files/90105/webiz-shell.txt http://packetstormsecurity.org/files/90105/Webiz-Shell-Upload.html Sun, 30 May 2010 22:52:32 GMT Webiz suffers from a remote shell upload vulnerability. http://packetstormsecurity.org/files/90104/webiz-sql.txt http://packetstormsecurity.org/files/90104/webiz-sql.txt http://packetstormsecurity.org/files/90104/Webiz-SQL-Injection.html Sun, 30 May 2010 22:51:49 GMT Webiz suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/90103/nginx-disclose.txt http://packetstormsecurity.org/files/90103/nginx-disclose.txt http://packetstormsecurity.org/files/90103/Nginx-0.8.35-Source-Code-Disclosure.html Sun, 30 May 2010 22:49:31 GMT Nginx version 0.8.35 suffers from a source code disclosure vulnerability. http://packetstormsecurity.org/files/90102/ip2location-overflow.txt http://packetstormsecurity.org/files/90102/ip2location-overflow.txt http://packetstormsecurity.org/files/90102/IP2location.dll-1.0.0.1-Initialize-Buffer-Overflow.html Sun, 30 May 2010 22:47:30 GMT IP2location.dll version 1.0.0.1 Initialize() local buffer overflow exploit. http://packetstormsecurity.org/files/90101/grboard1861-rfi.txt http://packetstormsecurity.org/files/90101/grboard1861-rfi.txt http://packetstormsecurity.org/files/90101/GR-Board-1.8.6.1-Remote-File-Inclusion.html Sun, 30 May 2010 22:45:26 GMT GR Board version 1.8.6.1 suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/90099/zeeways-xss.txt http://packetstormsecurity.org/files/90099/zeeways-xss.txt http://packetstormsecurity.org/files/90099/Zeeways-Script-Cross-Site-Scripting.html Sun, 30 May 2010 22:44:09 GMT Zeeways Script suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/90100/oscommercemerchant-shell.txt http://packetstormsecurity.org/files/90100/oscommercemerchant-shell.txt http://packetstormsecurity.org/files/90100/OSCommerce-Online-Merchant-2.2-Shell-Upload.html Sun, 30 May 2010 22:42:01 GMT OSCommerce Online Merchant version 2.2 summer from a remote shell upload vulnerability. http://packetstormsecurity.org/files/90096/cosmossolutionscms-sqlxss.txt http://packetstormsecurity.org/files/90096/cosmossolutionscms-sqlxss.txt http://packetstormsecurity.org/files/90096/Cosmos-Solutions-CMS-Cross-Site-Scripting-SQL-Injection.html Sun, 30 May 2010 22:37:13 GMT Cosmos Solutions CMS suffers from cross site scripting and remote SQL injection vulnerabilities. http://packetstormsecurity.org/files/90097/simpleattach-rfi.txt http://packetstormsecurity.org/files/90097/simpleattach-rfi.txt http://packetstormsecurity.org/files/90097/Simple-Attach-Remote-File-Inclusion.html Sun, 30 May 2010 22:36:59 GMT Simple Attach suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/90095/cosmossolutionscms-sql.txt http://packetstormsecurity.org/files/90095/cosmossolutionscms-sql.txt http://packetstormsecurity.org/files/90095/Cosmos-Solutions-CMS-SQL-Injection.html Sun, 30 May 2010 22:35:05 GMT Cosmos Solutions CMS suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/90094/milehighcreative-sqlxss.txt http://packetstormsecurity.org/files/90094/milehighcreative-sqlxss.txt http://packetstormsecurity.org/files/90094/MileHigh-Creative-SQL-Injection-Cross-Site-Scripting.html Sun, 30 May 2010 22:33:07 GMT MileHigh Creative suffers from cross site scripting and remote SQL injection vulnerabilities. http://packetstormsecurity.org/files/90093/aimwebdesign-sqlxss.txt http://packetstormsecurity.org/files/90093/aimwebdesign-sqlxss.txt http://packetstormsecurity.org/files/90093/Aim-Web-Design-Cross-Site-Scripting-SQL-Injection.html Sun, 30 May 2010 22:31:50 GMT Aim Web Design suffers from cross site scripting and remote SQL injection vulnerabilities. http://packetstormsecurity.org/files/90092/fusebox-sql.txt http://packetstormsecurity.org/files/90092/fusebox-sql.txt http://packetstormsecurity.org/files/90092/Fusebox-SQL-Injection.html Sun, 30 May 2010 22:27:17 GMT Fusebox suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/files/90091/marketingwebdesign-sqlxss.txt http://packetstormsecurity.org/files/90091/marketingwebdesign-sqlxss.txt http://packetstormsecurity.org/files/90091/Marketing-Web-Design-Cross-Site-Scripting-SQL-Injection.html Sun, 30 May 2010 22:25:58 GMT Marketing Web Design suffers from cross site scripting and remote SQL injection vulnerabilities. http://packetstormsecurity.org/files/90089/nucleusgallery-sqlrfi.txt http://packetstormsecurity.org/files/90089/nucleusgallery-sqlrfi.txt http://packetstormsecurity.org/files/90089/Nucleus-Gallery-0.94-Remote-File-Inclusion-SQL-Injection.html Sun, 30 May 2010 21:55:39 GMT The Nucleus Gallery plugin version 0.94 suffers from remote file inclusion and remote SQL injection vulnerabilities. http://packetstormsecurity.org/files/90088/nucleustwitter-rfi.txt http://packetstormsecurity.org/files/90088/nucleustwitter-rfi.txt http://packetstormsecurity.org/files/90088/Nucleus-Twitter-0.8-Remote-File-Inclusion.html Sun, 30 May 2010 21:54:26 GMT The Nucleus Twitter plugin version 0.8 suffers from a remote file inclusion vulnerability. http://packetstormsecurity.org/files/90090/sugarcrm-xsrf.txt http://packetstormsecurity.org/files/90090/sugarcrm-xsrf.txt http://packetstormsecurity.org/files/90090/SugarCRM-Community-Edition-5.5.2-Cross-Site-Request-Forgery.html Sun, 30 May 2010 21:53:37 GMT SugarCRM Community Edition version 5.5.2 suffers from a cross site request forgery and can be exploited to create a new admin. http://packetstormsecurity.org/files/90087/udviklet-sql.txt http://packetstormsecurity.org/files/90087/udviklet-sql.txt http://packetstormsecurity.org/files/90087/Script-Udviklet-Of-X-Host-SQL-Injection.html Sun, 30 May 2010 21:52:10 GMT Script Udviklet of X-Host suffers from a remote SQL injection vulnerability.