Packet Storm

Daily Habit Tracker version 1.0 suffers from a remote SQL injection vulnerability.

Daily Habit Tracker version 1.0 suffers from a persistent cross site scripting vulnerability.

Employee Management System version 1.0 suffers from additional remote SQL injection vulnerabilities. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.

WordPress Simple Backup plugin versions prior to 2.7.10 suffer from file download and path traversal vulnerabilities.

OpenCart Core version 4.0.2.3 suffers from a remote SQL injection vulnerability.

Online Hotel Booking in PHP version 1.0 suffers from a remote blind SQL injection vulnerability.

ASUS Control Center Express version 01.06.15 suffers from an unquoted service path vulnerability.

Microsoft Windows version 10.0.17763.5458 kernel IOCTL privilege escalation exploit.

This archive contains all of the 137 exploits added to Packet Storm in March, 2024.

Debian Linux Security Advisory 5651-1 - Two security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or denial of service.