Dorsa Web CMS from 2016 Q1 suffers from a remote SQL injection vulnerability.
>> CATEGORY: exploit
Dorsa Web CMS from 2016 Q1 suffers from a remote SQL injection vulnerability.
Cades 2016Q1 suffers from a remote SQL injection vulnerability.
Docker UI version 0.10.0 suffers from a persistent cross site scripting vulnerability.
Docker UI version 0.10.0 suffers from multiple client-side cross site request forgery vulnerabilities.
Hi Technology and Services CMS suffers from a remote SQL injection vulnerability.
Patron Info System suffers from a remote SQL injection vulnerability.
This archive contains all of the 196 exploits added to Packet Storm in March, 2016.
The included proof of concept crashes Windows 7 with special pool enabled on win32k.sys. The crashes are triggering in multiple different ways (two examples attached).
The included proof of concept crashes Windows 7 with special pool enabled on win32k.sys. The crash is due to accessing memory past the end of a buffer.
There is a use-after-free in URLStream.readObject in Adobe Flash. If the object read is a registered class, the constructor will get invoked to create the object. If the constructor calls…