Backdoor.Win32.Optix.02.b malware suffers from a hardcoded credential vulnerability.
8c8ad33e111ebd91632229baa25c24e2eb3101bf3951d070074c5b4618e78fcf
Backdoor.Win32.JustJoke.21 (BackDoor Pro - v2.0b4) malware suffers from a code execution vulnerability.
efd34490081822962a9907289feb284b29b116cd83a6df573fe5cae3f6d09fb1
Backdoor.Win32.PoisonIvy.ymw malware suffers from an insecure credential storage vulnerability.
2a0b97e3b01f0c3a9c85e1a96ede18240c61b21ee538261305346eec34828cd5
Online Travel Agency System version 1.0 suffers from a remote shell upload vulnerability.
e1c910902237872a9a7ebb40f19760f24f84f89e4b7e66a2979867c3d7860ef2
Tourism Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
db170b3ac31a17248bfa19e67220ae00449f12c6e02e1fc5d27c5fcdf490b79a
Tenant courier management version 1.0 suffers from an ignored default credential vulnerability.
e5bc487016d175a441c7e77bd92498997edbbd879dd65cd842a7fdf9320ae77f
Supply Chain Management version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e470a8736045692eb5cfaa7bc4e77aaa4cc7c9beb8b335abd16a1b89d107b75e
Student Result Management System version 2.0 suffers from an insecure direct object reference vulnerability.
bda5efeeb9ed25bc54c10734b12e890e9b254852bf233042b1f26d7328107bff
Student Record System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
65197edb9fa8815555185ffcfdef263bccbd753949a90ec711337f13c2e0c060
Student Attendance Management System version 1.0 suffers from an arbitrary file upload vulnerability.
8301589003c010f20ac529eb42cbb71ab3534415a910f9e4049f5a4439af953d
Online Course Registration version 1.0 suffers from a remote blind SQL injection vulnerability.
33f34004d037922833768a63f88ac2eafd52901b044b79be249240c957b80608
Texas Instruments Fusion Digital Power Designer version 7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials.
7d2282798e3247a2123a5993d7d6d2cb77a3755e9e0270c916b57856fbfaf0ef
Taskhub version 2.8.8 suffers from an ignored default credential vulnerability.
2c385d7b29ff2d1f0cadb673bff0447f2a27c839cc502710002b3eab58740544
Webpay E-Commerce version 1.0 suffers from a remote SQL injection vulnerability.
aab9cd23f27d0b380a30652d38f6b7294616ac5ba2a2caacad04babc8614cba6
SPIP version 4.2.9 suffers from a code execution vulnerability.
d4ed25b80a6fdd5de7edecd14eb96fe799d3bf844e756b0284c009a504280356
Online Traffic Offense version 1.0 suffers from a cross site request forgery vulnerability.
94fe5b823b710c5c6f181d6f318ef1740f7740edaddc57380ec3b9edff783886
Penglead version 2.0 suffers from a cross site scripting vulnerability.
4803b54886f3d92678ccb96aae5fd9a82832e85074cee13728faeb8279e61357
PPDB version 2.4-update 6118-1 suffers from a cross site request forgery vulnerability.
f9a7acddf2a8e87d760a0885cc5283d0764737fcf83a7d69b6cba9d514a0bf6e
Online Travel Agency System version 1.0 suffers from an arbitrary file upload vulnerability.
5d679af79681b3230bebbb01358d179220b220e1d69d8bcf6fa3c2dfc830be0f
This archive contains all of the 722 exploits added to Packet Storm in August, 2024. Please note the increase in size for this month is due to a massive backlog of older exploits being added to the archive and is not representative of an uptick in new issues being discovered.
134571b730367a368bd78e19cc2729522241ac88f947a572cd37314d9f37a24f
Zero day remote root exploit for IntelliNet version 2.0. It affects multiple devices of AES Corp and Siemens. The exploit provides a remote shell and escalates your permissions to full root permissions by abusing exec_suid. No authentication needed at all, neither any interaction from the victim. The firmware affected by this exploit runs on fire alarms, burglar sensors and environmental devices, all on the internet, all vulnerable, no patch. Full control over hardware and software with no restrictions, you can manipulate battery voltage and even damage the hardware with unknown outcomes.
03f6a27dff52d1325441a14044dae92e43735378844d284aa4a56aa28a72abe1
Online Musical Instrument Shop IN version 1.0 suffers from a cross site scripting vulnerability.
2e3a9e009b49f67ad6f0534a437aba16431617d1d2588b6c4ed1087d4399d493
Online Job Portal IN version 1.0 suffers from a remote SQL injection vulnerability.
92218ce274c20d93f28c9b743aacda84a68675963b3607d54c3484d9218e178e
pgAdmin versions 8.4 and earlier are affected by a remote reverse connection execution vulnerability via the binary path validation API.
263e864f594c394a102efec26ea63661ce2ce5e3573fde482860fbce55467c71
SPIP version 4.2.7 suffers from a code execution vulnerability.
160ad4f3c2b9737ce719a722da0465d21060eaa5bdf0025e6c316b142389c830