PS Exploit News

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
  1. Windows Escalate UAC Protection Bypass (Via COM Handler Hijack)

    This Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. This Metasploit module requires the architecture of the payload to match the OS, but the current low-privilege Meterpreter session architecture can be different. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process. This Metasploit module invokes the target binary via cmd.exe on the target. Therefore if cmd.exe access is restricted, this module will not run correctly.
  2. VMware VDP Known SSH Key

    VMware vSphere Data Protection appliances 5.5.x through 6.1.x contain a known SSH private key for the local user admin, who can use sudo without a password.
  3. IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution

    This Metasploit module exploits an unauthenticated remote PHP code execution vulnerability in IBM OpenAdmin Tool included with IBM Informix versions 11.5, 11.7, and 12.1. The 'welcomeServer' SOAP service does not properly validate user input in the 'new_home_page' parameter of the 'saveHomePage' method allowing arbitrary PHP code to be written to the config.php file. The config.php file is executed in most pages within the application, and accessible directly via the web root, resulting in code execution. This Metasploit module has been tested successfully on IBM OpenAdmin Tool 3.14 on Informix 12.10 Developer Edition (SUSE Linux 11) virtual appliance.
  4. Disk Pulse Enterprise 9.9.16 Buffer Overflow

    Disk Pulse Enterprise version 9.9.16 suffers from a buffer overflow vulnerability.
  5. Disk Sorter Enterprise 9.9.12 Buffer Overflow

    Disk Sorter Enterprise version 9.9.12 suffers from a buffer overflow vulnerability.
  6. Sync Breeze Enterprise 9.9.16 Buffer Overflow

    Sync Breeze Enterprise version 9.9.16 suffers from a buffer overflow vulnerability.
  7. Apache2Triad 1.5.4 CSRF / XSS / Session Fixation

    Apache2Triad version 1.5.4 suffers from session fixation, cross site request forgery, and cross site scripting vulnerabilities.
  8. Joomla Ajax Quiz 1.8 SQL Injection

    Joomla Ajax Quiz component version 1.8 suffers from a remote SQL injection vulnerability.
  9. PHP Coupon Script 6.0 SQL Injection

    PHP Coupon Script version 6.0 suffers from a remote SQL injection vulnerability.
  10. Bitcoin / Dogecoin Mining 1.0 SQL Injection

    Bitcoin / Dogecoin version 1.0 suffers from a remote SQL injection vulnerability.
  11. Microsoft Edge Chakra chakra!Js::GlobalObject Integer Overflow

    Microsoft Edge Chakra suffers from a chakra!Js::GlobalObject integer overflow vulnerability.
  12. Joomla Twitch Tv 1.1 SQL Injection

    Joomla Twitch Tv component version 1.1 suffers from a remote SQL injection vulnerability.
  13. PHP-Lance 1.52 SQL Injection

    PHP-Lance version 1.52 suffers from a remote SQL injection vulnerability.
  14. PHPMyWind 5.3 Cross Site Scripting

    PHPMyWind version 5.3 suffers from a cross site scripting vulnerability.
  15. PHP Jokesite 2.0 SQL Injection

    PHP Jokesite version 2.0 suffers from a remote SQL injection vulnerability.
  16. TP-Link TD-W8901G Default Credentials / Authentication Bypass

    TP-Link TD-W8901G suffers from default credential and authentication bypass vulnerabilities.
  17. Microsoft Edge Chakra NULL Pointer Dereference

    Microsoft Edge Chakra suffers from a null pointer dereference vulnerability.
  18. Microsoft Edge Chakra Heap Buffer Overflow

    Microsoft Edge Chakra suffers from a heap buffer overflow vulnerability.
  19. LiveCRM 1.0 SQL Injection

    LiveCRM version 1.0 suffers from a remote SQL injection vulnerability.
  20. Mozilla Firefox nsHtml5TreeBuilder Use-After-Free

    Mozilla Firefox versions prior to 45 nsHtml5TreeBuilder use-after-free exploit with EMET 5.52 bypass.
  21. Easy DVD Creator 2.5.11 Buffer Overflow

    Easy DVD Creator version 2.5.11 suffers from a buffer overflow vulnerability.
  22. Joomla KissGallery 1.0.0 SQL Injection

    Joomla KissGallery component version 1.0.0 suffers from a remote SQL injection vulnerability.
  23. LiveSupport 1.0 SQL Injection

    LiveSupport version 1.0 suffers from a remote SQL injection vulnerability.
  24. Matrimony Script 2.7 SQL Injection

    Matrimony Script version 2.7 suffers from a remote SQL injection vulnerability.
  25. eCardMAX 10.5 SQL Injection

    eCardMAX version 10.5 suffers from a remote SQL injection vulnerability.