Lucene search
K
PacketstormMost viewed

50738 matches found

Packet Storm
Packet Storm
added 2020/12/05 12:0 a.m.486 views

Rumble Mail Server 0.51.3135 Unquoted Service Path

Exploit Title: Rumble Mail Server 0.51.3135 - 'rumblewin32.exe' Unquoted Service Path Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/16 12:0 a.m.486 views

Infor Storefront B2B 1.0 SQL Injection

Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Date: 2020-06-27 Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Versions POC Multiple Vulns python sqlmap.py...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2017/05/12 12:0 a.m.486 views

Linux Kernel SO_SNDBUFFORCE / SO_RCVBUFFORCE Local Privilege Escalation

// CAPNETADMIN - root LPE exploit for CVE-2016-9793 // No KASLR, SMEP or SMAP bypass included // Affected kernels: 3.11 - 4.8 // Tested in QEMU only // https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793 // // Usage: // gcc -pthread exploit.c -o exploit // chown guest:guest exploit...

7.2CVSS0.8AI score0.01566EPSS
Exploits8
Packet Storm
Packet Storm
added 2025/02/11 12:0 a.m.485 views

NetAlertX 24.9.12 Command Injection

An attacker can update NetAlertX settings with no authentication, which results in command injection. Versions 23.01.14 through 24.9.12 are affected. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.3AI score0.62307EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/08/23 12:0 a.m.485 views

SugarCRM 12.2.0 PHP Object Injection

------------------------------------------------------------------------------- SugarCRM = 12.2.0 DocusignGlobalSettings PHP Object Injection Vulnerability ------------------------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions...

7.2CVSS7.1AI score0.01222EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/11/29 12:0 a.m.485 views

Remote Control Collection Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Remote Control Collection RCE', 'Description' = %q This module utilizes the Remote Control Server's, part of the Remote Control Collection by...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/09 12:0 a.m.485 views

Prestashop Blockwishlist 2.1.0 SQL Injection

Exploit Title: Prestashop blockwishlist module 2.1.0 - SQLi Date: 29/07/22 Exploit Author: Karthik UJ @5up3r541y4n Vendor Homepage: https://www.prestashop.com/en Software Link blockwishlist: https://github.com/PrestaShop/blockwishlist/releases/tag/v2.1.0 Software Link prestashop:...

8.8CVSS0.1AI score0.24146EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/03/15 12:0 a.m.485 views

SonLogger 4.2.3.3 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SonLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...

7.5CVSS9.7AI score0.46021EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/12/18 12:0 a.m.485 views

Jenkins 2.251 / LTS 2.235.3 Cross Site Scripting

Exploit Title: Jenkins Stored XSS vulnerability in 'Trigger builds remotely' Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: '. To understand how remote build trigger works, have a look at this post...

3.5CVSS5.8AI score0.05298EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/09 12:0 a.m.485 views

Task Management System 1.0 Cross Site Scripting

Exploit Title: Task Management System 1.0 - 'First Name and Last Name' Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-08 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/04 12:0 a.m.485 views

Noise-Java AESGCMOnCtrCipherState.encryptWithAd() Insufficient Boundary Checks

Vulnerability title: Noise-Java AESGCMOnCtrCipherState.encryptWithAd insufficient boundary checks Author: Pietro Oliva CVE: CVE-2020-25023 Vendor: Rhys Weatherley Creator of Noise Framework's reference implementation in Java Product: Noise-Java Affected version: No version information is currentl...

6.8CVSS6.5AI score0.02553EPSS
Exploits11
Packet Storm
Packet Storm
added 2016/12/29 12:0 a.m.485 views

PHPMailer Remote Code Execution

Exploit Title: PHPMailer Exploit v1.0 Date: 29/12/2016 Exploit Author: Daniel aka anarc0der Version: PHPMailer 3 - Open other terminal and run the exploit: python3 anarcoder.py Video PoC: https://www.youtube.com/watch?v=DXeZxKr-qsU Full Advisory:...

0.1AI score0.99714EPSS
Exploits58
Packet Storm
Packet Storm
added 2010/01/11 12:0 a.m.485 views

Nginx, Varnish, Cherokee, etc Log Injection

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Name Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection Systems Affected nginx 0.7.64 Varnish 2.0.6 Cherokee 0.99.30...

5CVSS0.4AI score0.27008EPSS
Exploits18
Packet Storm
Packet Storm
added 2024/03/20 12:0 a.m.484 views

Teacher Subject Allocation Management System 1.0 SQL Injection

Exploit Title: Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://phpgurukul.com/teacher-subject-allocation-system-using-php-and-mysql Software Link:...

7.5CVSS7.4AI score0.01079EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/01/08 12:0 a.m.484 views

io_uring __io_uaddr_map() Dangerous Multi-Page Handling

iouring: iouaddrmap handles multi-page region dangerously iouaddrmap wants to import a region from userspace, and then address the imported region through the linear mapping area. This requires that the imported region is physically contiguous. A comment in iouaddrmap explains that the imported...

5.5CVSS7.4AI score0.00282EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/09/18 12:0 a.m.484 views

Razer Synapse Race Condition / DLL Hijacking

Advisory ID: SYSS-2023-002 Product: Razer Synapse Manufacturer: Razer Inc. Affected Versions: Versions before 3.8.0428.042117 20230601 Tested Versions: 3.8.0228.022313 20230315 under Windows 10 Pro 10.0.19044 under Windows 11 Home 10.0.22621 Vulnerability Type: Improper Privilege Management CWE-2...

7.8CVSS7.1AI score0.00889EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/09/14 12:0 a.m.484 views

Windows Common Log File System Driver (clfs.sys) Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Common Log File System Driver clfs.sys Elevation of Privilege Vulnerability', 'Description' = %q A privilege escalation vulnerability...

7.8CVSS7.1AI score0.48973EPSS
Exploits10
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.484 views

PostgreSQL 9.6.1 Remote Code Execution

Exploit Title: PostgreSQL 9.6.1 - Remote Code Execution RCE Authenticated Date: 2023-02-01 Exploit Author: Paulo Trindade @paulotrindadec, Bruno Stabelini @Bruno Stabelini, Diego Farias @fulcrum and Weslley Shaimon Github: https://github.com/paulotrindadec/CVE-2019-9193 Version: PostgreSQL 9.6.1 ...

9CVSS7AI score0.91877EPSS
Exploits17
Packet Storm
Packet Storm
added 2021/10/26 12:0 a.m.484 views

Simplephpscripts Simple CMS 2.1 Cross Site Scripting

Document Title: =============== Simplephpscripts Simple CMS v2.1 - XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2301 Release Date: ============= 2021-10-18 Vulnerability Laboratory ID VL-ID: ====================================...

Exploits0
Packet Storm
Packet Storm
added 2019/06/11 12:0 a.m.484 views

Webmin 1.910 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin Package Updates Remote Command Execution', 'Description' = %q This module exploits an arbitrary command execution vulnerability in Webmin...

9CVSS0.77813EPSS
Exploits9
Packet Storm
Packet Storm
added 2010/05/28 12:0 a.m.484 views

Nginx 0.6.36 Path Traversal

Exploit Title: nginx engine x http server Software Link: http://nginx.org/ Version: = 0.6.36 Tested on: Win32 Path Traversal: A Path Traversal attack aims to access files and directories that are stored outside the web root folder. By browsing the application, the attacker looks for absolute link...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/14 12:0 a.m.483 views

InvoiceShelf 1.3.0 Remote Code Execution

This Metasploit module exploits a PHP deserialization vulnerability in InvoiceShelf versions 1.3.0 and below that results in remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModul...

9.8CVSS7.9AI score0.4356EPSS
Exploits2
Packet Storm
Packet Storm
added 2021/11/12 12:0 a.m.483 views

WordPress WP Symposium Pro 2021.10 Cross Site Scripting

Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Date: 11/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/27 12:0 a.m.483 views

Apache Druid 0.20.0 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Druid 0.20.0 Remote Command Execution', 'Description' = %q Apache Druid includes the ability to execute user-provided JavaScript code...

9CVSS0.3AI score0.99217EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/03/31 12:0 a.m.483 views

IRC-Worm.Win32.Silentium.a Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7a3c4ec00ba952207f25d1189c86ce22.txt Contact: [email protected] Media: twitter.com/malvuln Threat: IRC-Worm.Win32.Silentium.a Vulnerability: Insecure Permissions Description: Silentium.a creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/24 12:0 a.m.483 views

VMware vCenter 6.5 / 7.0 Remote Code Execution Proof Of Concept

-- coding:utf-8 -- banner = """ 888888ba dP 88 8b 88 a88aaaa8P' .d8888b. d8888P .d8888b. dP dP 88 8b. 88' 88 88 Y8ooooo. 88 88 88 .88 88. .88 88 88 88. .88 88888888P 88888P8 dP 88888P' 88888P' ooooooooooooooooooooooooooooooooooooooooooooooooooooo @time:2021/02/24 CVE-2021-21972.py C0de by...

0.5AI score0.9957EPSS
Exploits47
Packet Storm
Packet Storm
added 2020/06/05 12:0 a.m.483 views

Cisco UCS Director Cloupia Script Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE', 'Description' = %q This module exploits an authentication bypass and directory traversals in Cisco UCS...

7.5CVSS0.88374EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.482 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.3AI score0.91783EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.482 views

Zyxel zysh Format String Proof Of Concept

!/usr/bin/expect -f raptorzyshfhtagn.exp - zysh format string PoC exploit Copyright c 2022 Marco Ivaldi "We live on a placid island of ignorance in the midst of black seas of infinity, and it was not meant that we should voyage far." -- H. P. Lovecraft, The Call of Cthulhu "Multiple improper inpu...

7.8CVSS7.4AI score0.05805EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/11/05 12:0 a.m.482 views

Pentaho Business Analytics / Pentaho Business Server 9.1 User Enumeration

Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Jackrabbit User Enumeration Solution Status: Fix Released on public GitHub repository Manufacturer Notification: 8th February 2021 Solution Date: Wont...

5.8AI score0.00951EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/10/16 12:0 a.m.482 views

CS-Cart 1.3.3 Local File Inclusion

Exploit Title: CS-Cart unauthenticated LFI Date: 2020-09-22 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html Tested at: ver. 1.3.4 Vulnerability Type: unauthenticated LFI...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/02 12:0 a.m.482 views

Platinum Mobile 1.0.4.850 Authorization Bypass

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Broken Access Control product: Platinum Mobile vulnerable version: 1.0.4.850 fixed version: 1.0.4.851 CVE number: - impact: critical homepage:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/16 12:0 a.m.482 views

Wing FTP Server 6.3.8 Remote Code Execution

Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Date: 2020-06-26 Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web conso...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/06/21 12:0 a.m.482 views

Apache CouchDB Remote Code Execution

Title: Apache CouchDB 2.1.0 - Remote Code Execution Author: Cody Zacharias Shodan Dork: port:5984 Vendor Homepage: http://couchdb.apache.org/ Software Link: http://archive.apache.org/dist/couchdb/source/1.6.0/ Version: = 1.7.0 and 2.x - 2.1.0 Tested on: Debian CVE : CVE-2017-12636 References:...

10CVSS0.3AI score0.99838EPSS
Exploits21
Packet Storm
Packet Storm
added 2007/03/14 12:0 a.m.482 views

Core Security Technologies Advisory 2007.0219

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ OpenBSD's IPv6 mbufs remote kernel buffer overflow Date Published: 2007-03-13 Last Update: 2007-03-13 Advisory ID: CORE-2007-0219 Bugtraq ID: None currently assigned...

10CVSS0.6AI score0.1779EPSS
Exploits1
Packet Storm
Packet Storm
added 2022/03/15 12:0 a.m.481 views

Laravel Media Library Pro 2.1.6 Shell Upload

Exploit Title: Laravel Media Library Pro Vendor Homepage: https://spatie.be/ Software Link: https://spatie.be/products/media-library-pro Version: =1.17.10 & =2.1.6 Tested on: Laradock PHP 8.0 inside Ubuntu 20.04 CVE : CVE-2021-45040 Description: The Spatie media-library-pro library through 1.17.1...

0.4AI score0.03106EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/02/17 12:0 a.m.481 views

Vicidial 2.14-783a SQL Injection

Document Title: =============== Vicidial v2.14-783a - DB SQL Injection Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2312 Release Date: ============= 2022-02-17 Vulnerability Laboratory ID VL-ID: ====================================...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/11 12:0 a.m.481 views

Courier Management System 1.0 Cross Site Scripting

Exploit Title: Courier Management System 1.0 - 'First Name' Stored XSS Exploit Author: Zhaiyi Zeo Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.481 views

INNEO Startup TOOLS 2018 M040 13.0.70.3804 Remote Code Execution

Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Date: 2020-07-23 Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory: SYSS-2020-028...

0.2AI score0.16585EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/06/12 12:0 a.m.481 views

OX Guard 2.10.3 Cross Site Scripting / Server-Side Request Forgery

Product: OX Guard Vendor: OX Software GmbH Internal reference: GUARD-179 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 2.10.3 Vulnerable component: guard Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 2.10.2-rev9, 2.10.3-rev4 Vendor notification...

0.6AI score0.0118EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/01/24 12:0 a.m.481 views

Realtek SDK Information Disclosure / Code Execution

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ MULTIPLE VULNERABILITIES IN SEVERAL SERIES OF REALTEK SDK BASED ROUTERS TOTOLINK AND MANY OTHER Blazej Adamczyk br0x [email protected] https://sploit.tech/ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 11.12.2019 1 Sensitive data...

8.2AI score0.29557EPSS
Exploits6
Packet Storm
Packet Storm
added 2018/06/28 12:0 a.m.481 views

Cisco Adaptive Security Appliance Path Traversal

''' Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques. Vulnerable Products This vulnerability affects Cisco ASA...

0.3AI score0.99903EPSS
Exploits18
Packet Storm
Packet Storm
added 2017/04/10 12:0 a.m.481 views

WebKit Synchronous Page Load UXSS

WebKit: UXSS via a synchronous page load CVE-2017-2480 Here's a snippet of the method SubframeLoader::requestFrame which is invoked when the |src| of an iframe object is changed. bool SubframeLoader::requestFrameHTMLFrameOwnerElement& ownerElement, const String& urlString, const AtomicString&...

4.3CVSS7.5AI score0.04314EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/10/14 12:0 a.m.480 views

Peel Shopping 2.x Cross Site Scripting / SQL Injection

Exploit Title: Peel Shopping "catid=" SQL injection Google Dork: inurl:/lire/index.php?rubid= Date: 2024-10-02 Exploit Author: Emiliano Febbi Vendor Homepage: https://www.peel-shopping.com/ Software Link: https://github.com/advisto/peel-shopping Version: 2.x Peel Shopping 2.x Peel Shopping 2.x 3....

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/24 12:0 a.m.480 views

Netman 204 4.05 SQL Injection / Unauthenticated Password Reset

CyberDanube Security Research 20240919-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Netman 204 vulnerable version| 4.05 fixed version| - CVE number| CVE-2024-8877, CVE-2024-8878 impact| High homepage|...

7.4AI score0.7703EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/08/25 12:0 a.m.480 views

PrestaShop Ap Pagebuilder 2.4.4 SQL Injection

Exploit Title: AP PAGEBUILDER Prestashop module = 2.4.4 'productalloneimg' , 'imageproduct' Blind SQL Injection Date: 24-08-2022 Exploit Author: Mohamed Ali Hammami Vendor Homepage: https://apollotheme.com/ Software Link : https://apollotheme.com/products/ap-pagebuilder-prestashop-module Version:...

0.5AI score0.10814EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/17 12:0 a.m.480 views

Online Tours And Travels Management System 1.0 SQL Injection

Exploit Title: Online Tours & Travels Management System 1.0 - "id" SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Software...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/03 12:0 a.m.480 views

EgavilanMedia Address Book 1.0 SQL Injection

Exploit Title: EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass Date: 02-12-2020 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/egm-address-book/ Version: 1.0 Tested on: PopOS Attack Vector: An attacker can gain...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/16 12:0 a.m.480 views

Web Based Online Hotel Booking System 0.1.0 SQL Injection

Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Date: 2020-07-03 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link: https://github.com/mrzulkarnine/Web-based-hotel- booking-system...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/01/16 12:0 a.m.480 views

Citrix ADC / Gateway Path Traversal

Exploit Title: Path Traversal in Citrix Application Delivery Controller ADC and Gateway. Date: 17-12-2019 CVE: CVE-2019-19781 Vulenrability: Path Traversal Vulnerablity Discovery: Mikhail Klyuchnikov Exploit Author: Dhiraj Mishra Vulnerable Version: 10.5, 11.1, 12.0, 12.1, and 13.0 Vendor Homepag...

7.5CVSS10AI score0.99999EPSS
Exploits48
Total number of security vulnerabilities5000