Lucene search
K
PacketstormMost viewed

50773 matches found

Packet Storm
Packet Storm
•added 2021/02/10 12:0 a.m.•505 views

Online Car Rental 1.0 Shell Upload

Exploit Title: Online Car Rental 1.0 | Arbitrary file upload Exploit Author: Richard Jones Date: 2021/09/02 Vendor Homepage: https://www.sourcecodester.com/cc/14145/online-car-rental-system-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/10/28 12:0 a.m.•505 views

Gym Management System 1.0 SQL Injection

Exploit Title: Gym Management System 1.0 - Authentication Bypass Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html Software Link:...

Exploits0
Packet Storm
Packet Storm
•added 2020/07/27 12:0 a.m.•505 views

Port Forwarding Wizard 4.8.0 Buffer Overflow

Exploit Title: Port Forwarding Wizard 4.8.0 - Buffer Overflow SEH Exploit Author: Sarang Tumne Date: 2020-07-18 CVE ID: N/A Confirmed on release 4.8.0 and 4.5.0 Vendor: http://www.port-forwarding.net/ Tested on OS- Windows Vista Buffer overflow in upRedSun Port Forwarding Wizard 4.8.0 and earlier...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/04/15 12:0 a.m.•504 views

Django REST Framework SimpleJWT 5.3.1 Information Disclosure

Exploit Title: djangorestframework-simplejwt 5.3.1 - Information Disclosure Date: 26/01/2024 Exploit Author: Dhrumil Mistry dmdhrumilmistry Vendor Homepage: https://github.com/jazzband/djangorestframework-simplejwt/ Software...

7.4AI score0.00804EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/03/28 12:0 a.m.•504 views

util-linux wall Escape Sequence Injection

Wall-Escape CVE-2024-28085 Skyler Ferrante: Escape sequence injection in util-linux wall ================================================================= Summary ================================================================= The util-linux wall command does not filter escape sequences from...

7.4AI score0.02242EPSS
Exploits3
Packet Storm
Packet Storm
•added 2023/07/11 12:0 a.m.•504 views

Microsoft 365 MSO 2306 Build 16.0.16529.20100 Remote Code Execution

Title: Microsoft Outlook ®Microsoft 365 MSO Version 2306 Build 16.0.16529.20100 32-bit RCE Author: nu11secur1ty Date: 07.07.2023 Vendor: https://www.microsoft.com/ Software: https://outlook.live.com/owa/ Reference: https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/...

8.8CVSS7.1AI score0.05718EPSS
Exploits3
Packet Storm
Packet Storm
•added 2023/01/10 12:0 a.m.•504 views

WordPress Slider Revolution 4.6.5 Shell Upload

==================================================================================================================================== | Title : WordPress - Slider Revolution 4.6.5 WordPress - Slider Revolution 4.6.5 shell upload 0-day exploit | | Author : indoushka | | Tested on : windows 10...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/07/01 12:0 a.m.•504 views

BigBlueButton 2.3 / 2.4.7 Cross Site Scripting

CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References -----------------...

5.7AI score0.01179EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/11/28 12:0 a.m.•504 views

Nextar C472 POS DLL Hijacking

/ Description: A vulnerability exists in windows that allows other applications dynamic link libraries to execute malicious code without the users consent, in the privelage context of the targeted application. Exploit Title: Nextar C472 POS DLL Hijacking Exploit nxmm.dll - mdmdregistration.dll...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/30 12:0 a.m.•504 views

Micro Focus Operations Bridge Reporter Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus Operations Bridge Reporter Unauthenticated Command Injection', 'Description' = %q This module exploits a command injection...

10CVSS0.4AI score0.9674EPSS
Exploits4
Packet Storm
Packet Storm
•added 2021/03/08 12:0 a.m.•504 views

Joomla JCK Editor 6.4.4 SQL Injection

Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2 Googke Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/ Date: 05/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor Version: 6.4.4 Tested on: Debian 10 CVE :...

7.5CVSS0.3AI score0.82976EPSS
Exploits5
Packet Storm
Packet Storm
•added 2020/07/22 12:0 a.m.•504 views

Docsify.js 4.11.4 Cross Site Scripting

Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...

6.6AI score0.045EPSS
Exploits5
Packet Storm
Packet Storm
•added 2020/05/20 12:0 a.m.•504 views

CloudMe 1.11.2 SEH / DEP / ASLR Buffer Overflow

Exploit Title: CloudMe 1.11.2 - SEH/DEP/ASLR Buffer Overflow Date: 2020-05-20 Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Step...

0.5AI score
Exploits0
Packet Storm
Packet Storm
•added 2025/04/23 12:0 a.m.•503 views

📄 BentoML Runner Server Remote Code Execution

There was an insecure deserialization in BentoML's runner server prior to version 1.4.8. By setting specific headers and parameters in the POST request, it is possible to execute unauthorized arbitrary code in the context of the user running the server, which will grant initial access and...

9.8CVSS9.2AI score0.45773EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/12/06 12:0 a.m.•503 views

CE Phoenixcart 1.0.8.20 Shell Upload

Title: PhoenixCart-1.0.8.20-File-Upload-Bypass-override-htaccess-security-RCE Author: nu11secur1ty Date: 12/06/2023 Vendor: https://phoenixcart.org/index.php Software: https://github.com/CE-PhoenixCart/PhoenixCart/archive/master.zip Reference: https://portswigger.net/web-security/file-upload,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/12/19 12:0 a.m.•503 views

Senayan Library Management System 9.2.0 SQL Injection

Title: Senayan Library Management System v9.2.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Date: 12.19.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.0 Reference:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/28 12:0 a.m.•503 views

Trojan-Dropper.Win32.Injector.aobl Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/842f6f21a2a83792e98900df90c9340b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Injector.aobl Vulnerability: Insecure Permissions Description: The malware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•503 views

Webmail Edition 5.2.22 XSS / Remote Code Execution

Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty System Administrator - Infrastructure Engineer Date: 04.14.2021 Vendor: webmail Link:...

4.3CVSS6.2AI score0.04944EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•502 views

Microsoft Exchange ProxyLogon Collector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework begin auxiliary class class MetasploitModule 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q This module exploit a vulnerability on Microsoft Exchange Serv...

9.8CVSS7.6AI score0.99999EPSS
Exploits63
Packet Storm
Packet Storm
•added 2023/01/12 12:0 a.m.•502 views

Online Food Ordering System 2.0 SQL Injection

Exploit Title: Online Food Ordering System v2 - Sql Injection Time-Based Blind Date: 01/11/2023 Exploit Author: Hasan Baskın Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/01/27 12:0 a.m.•502 views

Oracle WebLogic Server 14.1.1.0.0 Local File Inclusion

Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Date: 25/1/2022 Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0,...

7.5CVSS7.7AI score0.92331EPSS
Exploits6
Packet Storm
Packet Storm
•added 2021/04/28 12:0 a.m.•502 views

Backdoor.Win32.Agent.afq Heap Corruption

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/853754de6b8ffbe1321a8c91aab5c232C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.afq Vulnerability: Remote Heap Corruption Description: The malwares built-in...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/03/22 12:0 a.m.•502 views

Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure

Advisory ID: SYSS-2020-044 Product: Zoom Manufacturer: Zoom Video Communications, Inc. Affected Versions: 5.4.3 54779.1115 5.5.4 13142.0301 Tested Versions: 5.4.3 54779.1115 5.5.4 13142.0301 Vulnerability Type: Exposure of Resource to Wrong Sphere CWE-668 Risk Level: Medium Solution Status: Open...

4.8AI score0.16289EPSS
Exploits2
Packet Storm
Packet Storm
•added 2020/12/02 12:0 a.m.•502 views

Simple College Website 1.0 Local File Inclusion

Exploit Title: Simple College Website 1.0 - 'page' Local File Inclusion Date: 30-10-2020 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2011/04/28 12:0 a.m.•502 views

ClanSphere 2011.0 Shell Upload / Local File Inclusion

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/11/28 12:0 a.m.•501 views

SmartNode SN200 3.21.2-23021 OS Command Injection

Advisory ID: SYSS-2023-019 Product: SmartNode SN200 Analog Telephone Adapter ATA & VoIP Gateway Manufacturer: Patton LLC Affected Versions: = 3.21.2-23021 Tested Versions: 2.21.1-22041, 3.21.2-23021, 3.22.0-23083 Vulnerability Type: OS Command Injection CWE-78 Vulnerability Type: Improper Access...

9.8CVSS7.4AI score0.64113EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/08/25 12:0 a.m.•501 views

HP OfficeJet 4630/7110 MYM1FN2025AR 2117A Cross Site Scripting

Exploit Title: HP OfficeJet 4630/7110 MYM1FN2025AR 2117A – Stored Cross-Site Scripting XSS Date: 01/08/2021 Exploit Author: Tyler Butler Vendor Homepage: https://www8.hp.com/ Vendor Bulletin: https://support.hp.com/ie-en/document/ish4433829-4433857-16/hpsbpi03742 Researcher Bulletin:...

Exploits0
Packet Storm
Packet Storm
•added 2021/05/27 12:0 a.m.•501 views

CommScope Ruckus IoT Controller 1.7.1.0 Web Application Arbitrary Read/Write

KL-001-2021-006: CommScope Ruckus IoT Controller Web Application Arbitrary Read/Write Title: CommScope Ruckus IoT Controller Web Application Arbitrary Read/Write Advisory ID: KL-001-2021-006 Publication Date: 2021.05.26 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-006.t...

0.7AI score0.02304EPSS
Exploits8
Packet Storm
Packet Storm
•added 2020/12/25 12:0 a.m.•501 views

URVE Software Build 24.03.2020 Authentication Bypass / Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-040 Product: URVE Software Manufacturer: Eveo Sp. z o.o. Affected Versions: Build "24.03.2020" Tested Versions: Build "24.03.2020" Vulnerability Type: Missing Authentication for Critical Function CWE-306 Risk Level: High...

10CVSS0.8AI score0.04818EPSS
Exploits2
Packet Storm
Packet Storm
•added 2020/08/25 12:0 a.m.•501 views

Chrome NewFixedArray Missing Array Size Check

Chrome: Missing array size check in NewFixedArray VULNERABILITY DETAILS V8 caps the number of elements a fixed array can contain1. Most of the code that needs to create or resize a fast JS array i.e. one that's backed by a fixed array rather than a dictionary ends up calling either the regular C+...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/09/04 12:0 a.m.•500 views

ManageEngine Applications Manager Authenticated Remote Code Execution

!/usr/bin/python3 Exploit Title: ManageEngine Applications Manager - Authenticated RCE via Java class reflection in Weblogic server test credential API Google Dork: None Date: 04-09-2020 Exploit Author: Hodorsec Vendor Homepage: https://manageengine.co.uk Vendor Vulnerability Description:...

0.7AI score0.35773EPSS
Exploits4
Packet Storm
Packet Storm
•added 2018/08/29 12:0 a.m.•501 views

Argus Surveillance DVR 4.0.0.0 SYSTEM Privilege Escalation

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-SYSTEM-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Greetz: Greetz: indoushka | Eduardo | GGA Vendor www.argussurveillance.com Product Argus...

0.8AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/05 12:0 a.m.•499 views

Easy Chat Server 3.1 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: Easy Chat Server 3.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 05 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1ZbfeaWSEKlpvCG1eUtD0vNnfkNz8PlE/view Notification vendor: No reported...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/08/28 12:0 a.m.•499 views

Nagios Log Server 2.1.6 Cross Site Scripting

Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...

3.5CVSS5.6AI score0.14414EPSS
Exploits3
Packet Storm
Packet Storm
•added 2020/08/28 12:0 a.m.•499 views

SUPERAntiSpyware Professional X Trial Privilege Escalation

Exploit Title: SUPERAntiSpyware Professional X Trial 10.0.1206 Local Privilege Escalation Date: 2020-08-28 Exploit Author: b1nary Vendor Homepage: https://www.superantispyware.com/ Software Link: https://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWARE Version: 10.0.1206 lowe...

0.7AI score
Exploits0
Packet Storm
Packet Storm
•added 2011/06/25 12:0 a.m.•499 views

eHub SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Exploits0
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•498 views

PHPJabbers Availability Booking Calendar 5.0 HTML Injection

Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - HTML Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version: v5.0...

7.4AI score0.00453EPSS
Exploits2
Packet Storm
Packet Storm
•added 2022/01/05 12:0 a.m.•498 views

RiteCMS 3.1.0 Arbitrary File Overwrite

Exploit Title: RiteCMS 3.1.0 - Arbitrary File Overwrite Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: Browse...

0.5AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/12/24 12:0 a.m.•498 views

GitLab 11.4.7 Remote Code Execution

Exploit Title: GitLab 11.4.7 - RCE Authenticated Date: 24th December 2020 Exploit Author: Sam Redmond Software Link: https://gitlab.com/ Environment: GitLab 11.4.7, community edition CVE: CVE-2018-19571 + CVE-2018-19585 Version: 11.4.7 !/usr/bin/python3 import requests from bs4 import BeautifulSo...

5CVSS7.5AI score0.27983EPSS
Exploits5
Packet Storm
Packet Storm
•added 2020/12/01 12:0 a.m.•498 views

SciKit-Learn 0.23.2 Denial Of Service

Description svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence technique with a large value in the nsuppo...

7.5AI score0.03429EPSS
Exploits3
Packet Storm
Packet Storm
•added 2020/09/17 12:0 a.m.•498 views

Microsoft Spooler Local Privilege Elevation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Spooler Local Privilege Elevation Vulnerability', 'Description' = %q This exploit leverages a file write vulnerability in the print...

7.2CVSS0.5AI score0.16502EPSS
Exploits10
Packet Storm
Packet Storm
•added 2020/08/28 12:0 a.m.•498 views

Symphony CMS 3.0.0 Cross Site Scripting

Exploit Title: SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2020-08-28 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.getsymphony.com/ Software Link: https://www.getsymphony.com/ Version: 3.0.0 Tested on: Windows CVE : N/A...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2019/08/23 12:0 a.m.•498 views

Webmin 1.920 password_change.cgi Backdoor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin passwordchange.cgi Backdoor', 'Description' = %q This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the...

0.1AI score0.99766EPSS
Exploits37
Packet Storm
Packet Storm
•added 2019/02/02 12:0 a.m.•498 views

SolarWinds Serv-U FTP 15.1.6.25 Cross Site Scripting

Issue: Reflected Cross-Site Scripting CVE: CVE-2018-19934 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 current as of Dec 2018 Fixed in: Serv-U 15.1.6 hotfix 3 Overview The Serv-U FTP Server is vulnerable to a...

5.3AI score0.05525EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/19 12:0 a.m.•497 views

Ewon Cosy+ Password Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-017 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Cleartext Storage of Sensitive Information...

8.5CVSS7.4AI score0.03249EPSS
Exploits7
Packet Storm
Packet Storm
•added 2023/04/17 12:0 a.m.•497 views

GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal

Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees C...

7.6AI score0.60793EPSS
Exploits4
Packet Storm
Packet Storm
•added 2022/08/12 12:0 a.m.•497 views

Windows sxs!CNodeFactory::XMLParser_Element_doc_assembly_assemblyIdentity Heap Buffer Overflow

Windows: Heap buffer overflow in sxs!CNodeFactory::XMLParserElementdocassemblyassemblyIdentity SUMMARY A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges. VULNERABILITY DETAILS In 2020, Proje...

8.8CVSS0.7AI score0.04447EPSS
Exploits2
Packet Storm
Packet Storm
•added 2017/10/02 12:0 a.m.•497 views

Dnsmasq 2-Byte Heap-Based Overflow

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open three terminals docker build -t dnsmasq . docker run --rm -t -i...

0.84925EPSS
Exploits6
Packet Storm
Packet Storm
•added 2023/12/22 12:0 a.m.•496 views

Hospital Management System 4.0 XSS / Shell Upload / SQL Injection

Description: Mutiple vulnerabilties were discovered in Hospital Management System Affected CMS: Hospital Management System Affected Version: unread query - type something in admin remark e.g test and submit Step 3. Replace the POST body to below payload and server will respond after 5 second...

7.4AI score0.01181EPSS
Exploits6
Packet Storm
Packet Storm
•added 2023/08/25 12:0 a.m.•496 views

Business Directory Script 3.2 SQL Injection

Title: Business-Directory-Script-3.2 SQLi Author: nu11secur1ty Date: 08/25/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/business-directory-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The column parameter appears to...

7.1AI score
Exploits0
Total number of security vulnerabilities5000