Packet Storm's last 20 added files.
Last Updated: Wed Oct 1 18:09:18 EDT 2008

[ linktrader-sql.txt ] 90b5497915eacb7c458513e8b769cd78 Link Trader suffers from a remote SQL injection vulnerability in ratelink.php.
[ rportal-rfilfi.txt ] 31c9161796f35732821ab23bfba60a4a RPortal versions 1.1 and below suffer from remote and local file inclusion vulnerabilities.
[ cracker-v2.0-1.3.zip ] 3be9f6e24799c5cd55004015bc988f3c This is a free Oracle password cracker written completely in PL/SQL.
[ zfz20BETA.tar.gz ] b533d8929a93e66708fde27b7b26bc16 ZfZ stands for Zeroday fuZzer. ZfZ is a network fuzzer that supports many protocols and can do generic fuzzing as well. It is trivial to add protocols to fuzz, just copy and modify the protocols already implemented.
[ bmforum-sql.txt ] 38210992f929e3cb2d8b1dbceac32846 BMForum version 5.6 suffers from a remote SQL injection vulnerability.
[ discforums-sql.txt ] 65da34d2a679a7317dad2a2687f7b183 Discussion Forums 2k version 3.3 suffers from multiple remote SQL injection vulnerabilities.
[ nonamecms-sql.txt ] 35fe59adf610e4331d98a0643f7795fe Noname CMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.
[ mysqlquick-lfi.txt ] 83d60922e0c258d0a9ce32b89766478c MySQL Quick Admin versions 1.5.5 and below suffer from a local file inclusion vulnerability.
[ celoxis-xss.txt ] 7c59f06267f9a6ced9652f57ec723e2a The web based project management tool Celoxis is susceptible to cross site scripting vulnerabilities.
[ ecrater-xss.txt ] 6c69b029393e59c8cbc88a99d411062b eCRATER suffers from a cross site scripting vulnerability in cart.php.
[ webshell431-xssxsrf.txt ] c89bd0bbed49467e0dd5def46832a511 Web Shell version 4.3.10 suffers from cross site scripting and cross site request forgery vulnerabilities.
[ printlog-disclose.txt ] 6c2383ba3d61bfd5893e67d62d64f067 Printlog versions 0.4 and below suffer from a remote file disclosure vulnerability.
[ fwknop-1.9.8.tar.gz ] 8dac0e2fc52ab4508563efe3617721f0 fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
[ phpscheduleit-exec.txt ] e78036b3e389c71d8e9ad9fcd07ba788 phpScheduleIt versions 1.2.10 and below remote code execution exploit that leverages reserve.php.
[ cruxgallery-lfi.txt ] 836d49696bda021e8abb2f1d8ec7db14 Crux Gallery versions 1.32 and below suffer from a local file inclusion vulnerability in index.php.
[ adnforum-sql.txt ] 5500a771af45bdd73c886285d803692b ADN Forum versions 1.0b and below blind SQL injection exploit.
[ 0809-exploits.tgz ] 54bac55ec40e8fd5a7879702bc5be31b Packet Storm new exploits for September, 2008.
[ bookmarksfav-sql.txt ] f84c9e7f0386b683d33c51cff9328044 BookMarks Favourites Script suffers from a remote SQL injection vulnerability in view_group.php.
[ rianxosencabos-sql.txt ] f1464e4269a61d2f57c70ca5317a4938 Rianxosencabos CMS version 0.9 suffers from a remote blind SQL injection vulnerability.
[ eset-poc.txt ] 07772681a4cb8af7b015a4ec2bc1bb97 ESET SysInspector version 1.1.0 proof of concept exploit that leverages esiadrv.sys version 3.0.65535.0.