Lucene search
K
PacketstormMost viewed

50748 matches found

Packet Storm
Packet Storm
added 2020/02/10 12:0 a.m.743 views

QuickDate 1.3.2 SQL Injection

Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux x8664; rv:55.0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/02 12:0 a.m.740 views

MySQL / MariaDB / PerconaDB Privilege Escalation / Race Condition

============================================= - Release date: 01.11.2016 - Discovered by: Dawid Golunski - Severity: Critical - CVE-2016-6663 / OCVE-2016-5616 - http://legalhackers.com ============================================= I. VULNERABILITY ------------------------- MySQL / MariaDB /...

10CVSS0.8AI score0.6773EPSS
Exploits21
Packet Storm
Packet Storm
added 2020/11/25 12:0 a.m.739 views

osCommerce 2.3.4.1 Cross Site Scripting

Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting Date: 2020-11-19 Exploit Author: Emre Aslan Vendor Homepage: https://www.oscommerce.com/ Version: 2.3.4.1 Tested on: Windows & XAMPP == Tutorial https://HOST/catalog/admin/newsletters.php?action=new 3- Enter the XSS paylo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/15 12:0 a.m.739 views

GOG GalaxyClientService Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/services' require 'openssl' class MetasploitModule 'GOG GalaxyClientService Privilege Escalation', 'Description' = %q This module will sen...

1AI score0.03778EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/10/13 12:0 a.m.738 views

Apache HTTP Server 2.4.50 Path Traversal / Code Execution

Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if...

0.3AI score0.99964EPSS
Exploits62
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.737 views

Taskcafe 0.1.0 / 0.1.1 Cross Origin Resource Sharing

Exploit Title: Taskcafé 0.1.0 and 0.1.1- Cross-Origin Resource Sharing Date: 2020- 09- 02 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://github.com/JordanKnott/ Software Link: https://github.com/JordanKnott/taskcafe Version: 0.1.0 and 0.1.1 Tested on: Kali Linux 2020.3 POC: The web...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/02/04 12:0 a.m.737 views

SMB DOUBLEPULSAR Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB DOUBLEPULSAR Remote Code Execution', 'Description' = %q This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR...

9.3CVSS0.4AI score0.99693EPSS
Exploits93
Packet Storm
Packet Storm
added 2020/10/30 12:0 a.m.736 views

Wondershare Dr.Fone 3.0.0 Unquoted Service Path

Exploit Title: Wondershare Dr.Fone DriverInstall.exe - "WsDrvInst" Unquoted Service Path Date: 2020-10-29 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.wondershare.com Software Link: https://drfone.wondershare.com/ Version: 3.0.0 Tested on: Microsoft Windows 7sp2 x86/x64 CVE :...

0.3AI score0.00421EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/10/21 12:0 a.m.736 views

School Faculty Scheduling System 1.0 SQL Injection

Exploit Title: School Faculty Scheduling System 1.0 - Authentication Bypass Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2020/10/21 12:0 a.m.735 views

School Faculty Scheduling System 1.0 Cross Site Scripting

Exploit Title: School Faculty Scheduling System 1.0 - Stored Cross Site Scripting Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/08 12:0 a.m.736 views

D-Link DSR-250N Denial Of Service

Advisory: Denial of Service in D-Link DSR-250N RedTeam Pentesting discovered a Denial-of-Service vulnerability in the D-Link DSR-250N device which allows unauthenticated attackers in the same local network to execute a CGI script which reboots the device. Details ======= Product: D-Link DSR-250N...

5.6AI score0.17176EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/04/30 12:0 a.m.734 views

Microsoft Windows UAC Privilege Escalation

Hi @ll, Microsoft still ships Windows with and lets it create user-writable directories below the "Windows" directory %SystemRoot%\ -- despite that, with exception of %SystemRoot%\Temp, they are all used to store DATA and SHOULD have been placed below %ProgramData% alias %SystemDrive%\ProgramData...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/26 12:0 a.m.734 views

Squid 4.14 / 5.0.5 Code Execution / Double Free

A Double-Free bug was found in Squid versions 4.14 and 5.0.5 when processing the "acl" directive on configuration files, more specifically the first and second addresses. This may allow arbitrary code execution on a Squid deployment on where the configuration files may be processed from untrusted...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/11 12:0 a.m.734 views

DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/compiler/windows' class MetasploitModule 'DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation', 'Description' = %q This module...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/24 12:0 a.m.733 views

WordPress Adning Advertising 1.5.5 Shell Upload

Exploit Title: WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/angwp Date: 23/12/2020 Exploit Author: spacehen Vendor Homepage: http://adning.com/ Version: spacehen www.lunar.sh" def printusage: print"Usage: python3 exploit.py target url ph...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/11/14 12:0 a.m.731 views

MagnusBilling Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'MagnusBilling application unauthenticated Remote Command Execution.', 'Description' = %q A Command Injection vulnerabilit...

9.8CVSS6.9AI score0.9425EPSS
Exploits15
Packet Storm
Packet Storm
added 2023/06/14 12:0 a.m.731 views

Symmetricom SyncServer Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Symmetricom SyncServer Unauthenticated Remote Command Execution', 'Description' = %q This module exploits an unauthenticated command injection...

9.8CVSS7.1AI score0.92472EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/07/23 12:0 a.m.731 views

ElasticSearch 7.13.3 Memory Disclosure

Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Date: 21/07/2021 Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import...

6.8AI score0.76249EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.732 views

ERPNext 12.18.0 / 13.0.0 SQL Injection

Trovent Security Advisory 2103-01 Authenticated SQL injection in ERPNext 13.0.0/12.18.0 Overview Advisory ID: TRSA-2103-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2103-01 Affected product: ERPNext Tested versions: 12.18.0 and 13.0.0 beta...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.731 views

Win32k ConsoleControl Offset Confusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Win32k ConsoleControl Offset Confusion', 'Description' = %q A vulnerability exists within win32k that can be leveraged by an attacker to escalate...

7.2CVSS0.80968EPSS
Exploits40
Packet Storm
Packet Storm
added 2020/10/15 12:0 a.m.731 views

Simple Grocery Store Sales And Inventory System 1.0 SQL Injection

Exploit Title: Simple Grocery Store Sales And Inventory System 1.0 - Authentication Bypass Date: 24/09/2020 Exploit Author: Saurav Shukla & Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14461/simple-grocery-store-sales-and-inventory-system-using-phpmysql-source-code.html...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/31 12:0 a.m.730 views

China Electronic WebSolutions Cnzz.Com 1.0 SQL Injection

Exploit Title : China Electronic WebSolutions Cnzz.Com 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : Cnzz.Com Google Dork : inurl:''/productlist.php?cate='' Tested On : Windows and Linux Category : WebApps Exploit Risk : Medium Version Information : 1...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/14 12:0 a.m.729 views

Sysax MultiServer 6.90 Cross Site Scripting

Exploit Title: Sysax MultiServer 6.90 - Reflected Cross Site Scripting Google Dork: n.d. Date: 2020-06-02 Exploit Author: Luca Epifanio wrongsid3 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htm Version: MultiServer 6.90 Tested on: Windows 10 x64 CVE :...

4.3CVSS6.4AI score0.03075EPSS
Exploits4
Packet Storm
Packet Storm
added 2013/07/25 12:0 a.m.729 views

Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apache Struts 2...

9.3CVSS0.7AI score0.99998EPSS
Exploits18
Packet Storm
Packet Storm
added 2021/12/09 12:0 a.m.728 views

Grafana 8.3.0 Directory Traversal / Arbitrary File Read

Exploit Title: Grafana 8.3.0 - Directory Traversal and Arbitrary File Read Date: 08/12/2021 Exploit Author: s1gh Vendor Homepage: https://grafana.com/ Vulnerability Details: https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p Version: V8.0.0-beta1 through V8.3.0 Description...

7.5CVSS0.1AI score0.88849EPSS
Exploits44
Packet Storm
Packet Storm
added 2020/11/20 12:0 a.m.728 views

Barco wePresent Admin Credential Exposure

KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text Title: Barco wePresent Admin Credentials Exposed In Plain-text Advisory ID: KL-001-2020-005 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-005.txt 1. Vulnerability Detai...

8.1AI score0.01543EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/04/14 12:0 a.m.727 views

Trojan.Win32.Jorik.qje Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/982479ad10ff048d566516254051e17e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Jorik.qje Vulnerability: Insecure Permissions Description: Jorik.qje creates an insecur...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/19 12:0 a.m.727 views

xuucms 3 SQL Injection

Exploit Title: xuucms 3 - 'keywords' SQL Injection Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.cxuu.top/ Software Link: https://github.com/cbkhwx/cxuucmsv3 Version: cxuucms - v3 CVE : CVE-2020-28091 SQL injection exists in search.php. For details, please refer to:...

0.03751EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/12/28 12:0 a.m.726 views

Microsoft Windows Explorer Preview Pane Security Bypass

Exploit Title: Windows Explorer Preview Pane WMV/WMA media Automatic URI Opening Vulnerability Google Dork: n/a Date: December 25th, 2021 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7, 8.1, 10, 11 x86/x64...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/19 12:0 a.m.726 views

Sokrates SOWA SowaSQL Cross Site Scripting

Title: SOWA.OPAC Reflected Cross Site Scripting Vulnerability Type: Cross Site Scripting XSS Attack Type: Account Hijacking, Credential Theft, Data Leakage Author: Marek Holka Date: 2020-11-08 Vendor: SOKRATES-software Software Link: https://www.demo.sowwwa.pl/sowacgi.php Version: SOWA.OPAC all...

0.2AI score0.0066EPSS
Exploits2
Packet Storm
Packet Storm
added 2019/08/30 12:0 a.m.726 views

SQL Server Password Changer 1.90 Denial Of Service

Exploit Title: SQL Server Password Changer v1.90 Denial of Service Exploit Date: 29.08.2019 Vendor Homepage:https://www.top-password.com/ Exploit Author: Velayutham Selvaraj & Praveen Thiyagarayam TwinTech Solutions Tested Version: v2.10 Tested on: Windows 8 x64 Windows 7 x64 1.- Run python code...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.725 views

WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GiveWP Unauthenticated Donation Process Exploit', 'Description' = %q The GiveWP Donation Plugin and Fundraising Platform plugin for WordPress in...

10CVSS7.1AI score0.74283EPSS
Exploits11
Packet Storm
Packet Storm
added 2020/10/21 12:0 a.m.725 views

GOautodial 4.0 Shell Upload

Exploit Title: GOautodial 4.0 - Authenticated Shell Upload Author: Balzabu Discovery Date: 07-23-2020 Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 Last relase as of today Tested on OS: CentOS 7...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/19 12:0 a.m.724 views

Internet Download Manager 6.38.12 Buffer Overflow

Exploit Title: Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow PoC Date: November 18, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: http://www.internetdownloadmanager.com/ Software Link: http://www.internetdownloadmanager.com/download.html Version:...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/20 12:0 a.m.724 views

Visitor Management System In PHP 1.0 SQL Injection

Title: Visitor Management System in PHP 1.0 - Authenticated SQL Injection Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip Version: 1.0 Tested On: Windo...

6.5CVSS0.7AI score0.02169EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.723 views

SugarCRM 6.5.18 Cross Site Scripting

Document Title: =============== SugarCRM v6.5.18 - Employees Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2257 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/07/22 12:0 a.m.723 views

Apache 2.4.x mod_proxy Denial Of Service

::: ::::::::: ::: :::::::: ::: ::::::::::::: ::: :::::::::::::::::::::::::::::::::: ::::::::: :+: :+: :+: :+: :+: :+: :+: :+::+: :+::+: :+: :+: :+: :+: :+: :+::+: :+: +:+ +:+ +:+ +:++:+ +:+ +:+ +:+ +:++:+ +:+ +:+ +:+ +:+ +:+ +:++:+ +:+ +++:++++:+++:++++++:++++:++ +++:+++++++:++ +++:++++ ++ ++...

4.3CVSS7.7AI score0.35543EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/04/15 12:0 a.m.722 views

Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Missing Authentication at File Download & Denial of Service product: Siemens A8000 CP-8050/CP-8031 SICAM WEB vulnerable version: SICAM WEB Version 05.80 / Firmware Packag...

7.5CVSS0.5AI score0.02446EPSS
Exploits2
Packet Storm
Packet Storm
added 2021/03/26 12:0 a.m.722 views

Development Kamel KCFinder 1.7 Shell Upload

Exploit Title : Development Kamel - KCFinder Shell Upload Vulnerability + Date : 25/03/2021 + Exploit Author : RAYAN ALi + Home : http://kamel.tech/ + Discovered By : RAYAN + Vendor Homepage : http://kamel.tech/ + Exploit: + http://localhost/resources/admin/Editor/kcfinder/browse.php?type=files +...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/14 12:0 a.m.722 views

Mikrotik RouterOS Telnet Arbitrary Root File Creation

Mikrotik RouterOS telnet arbitrary root file creation 0day ========================================================== This weakness occurs "post-authentication" and can be used to escape the restricted shell on Mikrotik devices and escalate "readonly" privileges. Mikrotik contains a hidden "devel...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/02 12:0 a.m.720 views

Creative Commons Attribution 3.0 SQL Injection

==================================================================================================================================== | Title : Creative Commons Attribution v3.0 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.718 views

Aerospike Database 5.1.0.3 Remote Command Execution

Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...

10CVSS0.3AI score0.86749EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/11/25 12:0 a.m.717 views

SyncBreeze 10.0.28 Remote Buffer Overflow

Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow Date: 18-Sep-2020 Exploit Author: Abdessalam kingA.salam Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7,windows...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/14 12:0 a.m.717 views

Rapid7 Nexpose Installer 6.6.39 Unquoted Service Path

Exploit Title: Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path Date: 2020-08-31 Exploit Author: Angelo D'Amato Vendor Homepage: https://www.rapid7.com Version: sc qc nexposeengine SC QueryServiceConfig SUCCESS SERVICENAME: nexposeengine TYPE : 10 WIN32OWNPROCESS STARTTYPE ...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/03/26 12:0 a.m.717 views

e107mygal-download.txt

e107 MyGallery Plugin Arbitrary File Download Vulnerability Release Date: 2008-03-25 Critical: Moderately critical Impact: Exposure of system information, Exposure of sensitive information Where: From remote Solution Status: Unpatched Software: MyGallery v2.3 plugin for e107 Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/01 12:0 a.m.716 views

F5 iControl Server-Side Request Forgery / Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 iControl REST Unauthenticated SSRF Token Generation RCE', 'Description' = %q This module exploits a pre-auth SSRF in the F5 iControl REST API'...

0.5AI score0.99898EPSS
Exploits20
Packet Storm
Packet Storm
added 2021/02/08 12:0 a.m.716 views

Microsoft Internet Explorer 11 Use-After-Free

Exploit Title: Microsoft Internet Explorer 11 32-bit - Use-After-Free Date: 2021-02-05 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7...

7.6CVSS8.1AI score0.86863EPSS
Exploits17
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.716 views

Car Rental Management System 1.0 Shell Upload

Exploit Title: Car Rental Management System 1.0 - Remote Code Execution Authenticated Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/21 12:0 a.m.717 views

Hrsale 2.0.0 Local File Inclusion

Exploit Title: Hrsale 2.0.0 - Local File Inclusion Date: 10/21/2020 Exploit Author: Sosecure Vendor Homepage: https://hrsale.com/index.php Version: version 2.0.0 Description: This exploit allow you to download any readable file from server with out permission and login session. Payload :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/20 12:0 a.m.716 views

Hostel Management System 2.1 Cross Site Scripting

Exploit Title: PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, City Google Dork: N/A Date: 2020-10-08 Exploit Author: Kokn3t Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/hostel-management-syste...

3.5CVSS5.6AI score0.03185EPSS
Exploits3
Total number of security vulnerabilities5000