Lucene search
K

11 matches found

Patchstack
Patchstack
added 2024/05/31 2:40 a.m.12 views

WordPress HTML5 Video Player plugin < 2.5.27 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Mayank Deshmukh in WordPress Plugin Flash & HTML5 Video versions 2.5.27...

6.5CVSS7AI score0.02639EPSS
Exploits6References1Affected Software1
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.293 views

Control Web Panel 7 (CWP7) 0.9.8.1147 Remote Code Execution

// Exploit Title: Control Web Panel 7 CWP7 v0.9.8.1147 - Remote Code Execution RCE // Date: 2023-02-02 // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://centos-webpanel.com/ // Affected Versions: version 0.9.8.1147 // Tested on: Kali Linux // CVE : CVE-2022-44877 // Github POC:...

9.8CVSS9.4AI score0.99995EPSS
Exploits12
0day.today
0day.today
added 2023/04/05 12:0 a.m.305 views

Control Web Panel 7 (CWP7) v0.9.8.1147 - Remote Code Execution Exploit

// Exploit Title: Control Web Panel 7 CWP7 v0.9.8.1147 - Remote Code Execution RCE // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://centos-webpanel.com/ // Affected Versions: version 0.9.8.1147 // Tested on: Kali Linux // CVE : CVE-2022-44877 // Github POC:...

9.8CVSS9.2AI score0.99995EPSS
Exploits12
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.240 views

Control Web Panel 7 (CWP7) v0.9.8.1147 - Remote Code Execution (RCE)

// Exploit Title: Control Web Panel 7 CWP7 v0.9.8.1147 - Remote Code Execution RCE // Date: 2023-02-02 // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://centos-webpanel.com/ // Affected Versions: version 0.9.8.1147 // Tested on: Kali Linux // CVE : CVE-2022-44877 // Github POC:...

9.8CVSS9.6AI score0.99995EPSS
Exploits12
0day.today
0day.today
added 2022/02/28 12:0 a.m.710 views

Casdoor 1.13.0 - SQL Injection (Unauthenticated) Vulnerability

// Exploit Title: Casdoor 1.13.0 - SQL Injection Unauthenticated // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://casdoor.org/ // Software Link: https://github.com/casdoor/casdoor/releases/tag/v1.13.0 // Version: version 1.13.1 // Security Advisory:...

7.5CVSS0.8AI score0.58927EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/02/28 12:0 a.m.228 views

Casdoor 1.13.0 SQL Injection

// Exploit Title: Casdoor 1.13.0 SQL Injection Unauthenticated // Date: 2022-02-25 // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://casdoor.org/ // Software Link: https://github.com/casdoor/casdoor/releases/tag/v1.13.0 // Version: version 1.13.1 // Security Advisory:...

7.5CVSS0.58927EPSS
Exploits9
0day.today
0day.today
added 2021/10/05 12:0 a.m.367 views

Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Vulnerability

Exploit Title: Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: version 7.4.10 and 7.5.0 ≤ version 7.12.3 Tested o...

5.3CVSS0.5AI score0.99937EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/10/05 12:0 a.m.363 views

Atlassian Jira Server/Data Center 8.4.0 File Read

Exploit Title: Atlassian Jira Server/Data Center 8.4.0 - Limited Remote File Read/Include Date: 2021-10-05 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira/download/data-center Version: versions 8.5.14, 8.6.0 ≤...

5CVSS0.3AI score0.99999EPSS
Exploits6
0day.today
0day.today
added 2021/05/31 12:0 a.m.30 views

PHP 8.1.0-dev Backdoor Remote Command Execution Exploit (2)

PHP version 8.1.0-dev unauthenticated remote command execution proof of concept exploit that leverages the backdoor. !/usr/bin/env python3 Exploit Title: PHP 8.1.0-dev WebShell RCE Unauthenticated Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.php.net/ Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2021/03/18 12:0 a.m.976 views

CuteNews 2.1.2 Shell Upload Exploit

CuteNews version 2.1.2 Avatar upload remote shell upload exploit. Original discovery of remote shell upload in this version is attributed to Ozkan Mustafa Akkus in April of 2019. ! /usr/bin/env python3 Exploit Title: CuteNews 2.1.2 - Avatar upload RCE Authenticated Exploit Author: Mayank Deshmukh...

8.8CVSS0.5AI score0.52901EPSS
Exploits10
Packet Storm
Packet Storm
added 2021/03/17 12:0 a.m.995 views

CuteNews 2.1.2 Shell Upload

! /usr/bin/env python3 Exploit Title: CuteNews 2.1.2 - Avatar upload RCE Authenticated Exploit Author: Mayank Deshmukh Date: 2021-03-17 Vendor Homepage: https://cutephp.com/ Software Link: https://cutephp.com/click.php?cutenewslatest Version: 2.1.2 CVE: CVE-2019-11447 CVE Reference:...

6.5CVSS8.7AI score0.52901EPSS
Exploits10
Rows per page
Query Builder