PS Exploit News

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
  1. Oracle VirtualBox 5.1.18 Guest Additions Double-Free

    A heap double-free vulnerability has been discovered in Oracle VirtualBox version 5.1.18 when Guest Additions (and more specifically shared folders) are enabled in the guest operating system.
  2. WordPress AccessPress Social Icons 1.6.6 SQL Injection

    WordPress AccessPress Social Icons plugin versions 1.6.6 and below suffer from multiple remote SQL injection vulnerabilities.
  3. Exponent CMS 2.4.1 SQL Injection

    Exponent CMS versions 2.4.1 and below suffer from a remote SQL injection vulnerability.
  4. eBay Auction Premium Clone Script 6.42 SQL Injection

    eBay Auction Premium Clone Script version 6.42 suffers from a remote SQL injection vulnerability.
  5. Oracle Java 64bit DLL Hijacking

    A code injection vulnerability through DLL sideloading exists in 64-bit Oracle Java.
  6. WordPress Connection Information Cross Site Request Forgery

    The FTP/SSH form functionality of WordPress was found to be vulnerable to cross site request forgery. WordPress versions 4.5.3 through 4.7.4 are affected.
  7. Safari Browser Memory Corruption

    Safari suffers from an out-of-bounds memcpy in Array.concat that can lead to memory corruption.
  8. Oracle PeopleSoft ToolsRelease / ToolsReleaseDB / HCM SSRF

    Oracle PeopleSoft ToolsRelease version 8.55.03, ToolsReleaseDB version 8.55, and HCM version 9.2 suffer from a server-side request forgery vulnerability.
  9. Oracle E-Business Suite 12.2.3 SQL Injection

    Oracle E-Business Suite version 12.2.3 suffers from a remote SQL injection vulnerability.
  10. Oracle PeopleSoft HCM 9.2 XXE Injection

    Oracle PeopleSoft HCM version 9.2 on PeopleTools version 8.55 suffers from an XML external entity injection vulnerability.
  11. Microsoft Windows IFEO Winlogin SYSTEM Backdooring Exploit

    Microsoft Windows IFEO Winlogin SYSTEM backdooring exploit.
  12. October CMS 1.0.412 Code Execution / Shell Upload

    October CMS version 1.0.412 suffers from access bypass, cross site scripting, code execution, and remote shell upload vulnerabilities.
  13. VirtualBox 5.0.32 Windows Process COM Injection Privilege Escalation

    The process hardening implemented by the VirtualBox driver can be circumvented to load arbitrary code inside a VirtualBox process, giving access to the VBoxDrv driver, which can open routes to elevation of privilege from a normal user. Version 5.0.32 is affected.
  14. Trend Micro Threat Discovery Appliance 2.6.1062r1 Session Generation Authentication Bypass

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a session generation authentication bypass vulnerability.
  15. Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Information Disclosure

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi information disclosure vulnerability.
  16. Trend Micro Threat Discovery Appliance 2.6.1062r1 logoff.cgi Directory Traversal

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a logoff.cgi directory traversal authentication bypass vulnerability.
  17. Trend Micro Threat Discovery Appliance 2.6.1062r1 admin_sys_time.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from an admin_sys_time.cgi remote code execution vulnerability.
  18. Trend Micro Threat Discovery Appliance 2.6.1062r1 admin_sys_time.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from an admin_sys_time.cgi remote code execution vulnerability.
  19. Trend Micro Threat Discovery Appliance 2.6.1062r1 detected_potential_files.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a detected_potential_files.cgi remote code execution vulnerability.
  20. Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi remote code execution vulnerability.
  21. Trend Micro Threat Discovery Appliance 2.6.1062r1 hotfix_upload.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a hotfix_upload.cgi remote code execution vulnerability.
  22. Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_dae.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_dae.cgi remote code execution vulnerability.
  23. Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_dlp.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_dlp.cgi remote code execution vulnerability.
  24. Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query.cgi remote code execution vulnerability.
  25. Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_system.cgi Remote Code Execution

    Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_system.cgi remote code execution vulnerability.