IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.
>> ARCHIVE: 2017-06
KEMP LoadMaster version 7.135.0.13245 suffers from persistent cross site scripting and remote code execution vulnerabilities.
This proof of concept code shows how manager functionality can be abused in ModX CMS to upload a shell.
WordPress Simple Slideshow Manager plugin versions 2.2 and below suffer from multiple cross site scripting vulnerabilities.
OV3 Online Administration version 3.0 suffers from a traversal vulnerability that allows for arbitrary file access.
OV3 Online Administration version 3.0 suffers from an authenticated remote code execution vulnerability.
OV3 Online Administration version 3.0 suffers from multiple unauthenticated remote SQL injection vulnerabilities.
Piwigo Facetag plugin version 0.0.3 suffers from a remote SQL injection vulnerability.
This archive contains all of the 193 exploits added to Packet Storm in May, 2017.
WebKit suffers from a universal cross site scripting vulnerability via Document::prepareForDestruction and CachedFrame.