Lucene search
K
PacketstormMost viewed

50784 matches found

Packet Storm
Packet Storm
added 2021/11/12 12:0 a.m.481 views

Mumara Classic 2.93 SQL Injection

Exploit Title: Mumara Classic 2.93 - 'license' SQL Injection Unauthenticated Date: 2021-11-11 Exploit Author: v0yager Shain Lakin Vendor Homepage: https://mumara.com Version: = 2.93 Tested on: CentOS 7 -==== Vulnerability ====- An SQL injection vulnerability in licenseupdate.php in Mumara Classic...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/20 12:0 a.m.481 views

Macro Expert 4.7 Unquoted Service Path

Exploit Title: Macro Expert 4.7 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 3.11.8 Date: 20.10.2021 Vendor Homepage: http://www.macro-expert.com/ Tested on: Windows 10 C:\Users\Mertsc qc "Macro Expert" SC QueryServiceConfig SUCCESS SERVICENAME: Macro Expert TYPE : 10 WIN32OWNPROCESS...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.481 views

Pandora FMS 7.0 NG 750 SQL Injection

Exploit Title: Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection Authenticated Date: 12-21-2020 Exploit Author: Matthew Aberegg, Alex Prieto Vendor Homepage: https://pandorafms.com/ Patch Link: https://github.com/pandorafms/pandorafms/commit/d08e60f13a858fbd22ce6b83fa8ca391c608ec5c Software...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/17 12:0 a.m.481 views

Online Tours And Travels Management System 1.0 SQL Injection

Exploit Title: Online Tours & Travels Management System 1.0 - "id" SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Software...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/03 12:0 a.m.481 views

EgavilanMedia Address Book 1.0 SQL Injection

Exploit Title: EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass Date: 02-12-2020 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/egm-address-book/ Version: 1.0 Tested on: PopOS Attack Vector: An attacker can gain...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.481 views

INNEO Startup TOOLS 2018 M040 13.0.70.3804 Remote Code Execution

Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Date: 2020-07-23 Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory: SYSS-2020-028...

0.2AI score0.16585EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/07/16 12:0 a.m.481 views

Web Based Online Hotel Booking System 0.1.0 SQL Injection

Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Date: 2020-07-03 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link: https://github.com/mrzulkarnine/Web-based-hotel- booking-system...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/12 12:0 a.m.481 views

OX Guard 2.10.3 Cross Site Scripting / Server-Side Request Forgery

Product: OX Guard Vendor: OX Software GmbH Internal reference: GUARD-179 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 2.10.3 Vulnerable component: guard Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 2.10.2-rev9, 2.10.3-rev4 Vendor notification...

0.6AI score0.0118EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/01/24 12:0 a.m.481 views

Realtek SDK Information Disclosure / Code Execution

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ MULTIPLE VULNERABILITIES IN SEVERAL SERIES OF REALTEK SDK BASED ROUTERS TOTOLINK AND MANY OTHER Blazej Adamczyk br0x [email protected] https://sploit.tech/ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 11.12.2019 1 Sensitive data...

8.2AI score0.29557EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/01/16 12:0 a.m.481 views

Citrix ADC / Gateway Path Traversal

Exploit Title: Path Traversal in Citrix Application Delivery Controller ADC and Gateway. Date: 17-12-2019 CVE: CVE-2019-19781 Vulenrability: Path Traversal Vulnerablity Discovery: Mikhail Klyuchnikov Exploit Author: Dhiraj Mishra Vulnerable Version: 10.5, 11.1, 12.0, 12.1, and 13.0 Vendor Homepag...

7.5CVSS10AI score0.99999EPSS
Exploits48
Packet Storm
Packet Storm
added 2017/04/10 12:0 a.m.481 views

WebKit Synchronous Page Load UXSS

WebKit: UXSS via a synchronous page load CVE-2017-2480 Here's a snippet of the method SubframeLoader::requestFrame which is invoked when the |src| of an iframe object is changed. bool SubframeLoader::requestFrameHTMLFrameOwnerElement& ownerElement, const String& urlString, const AtomicString&...

4.3CVSS7.5AI score0.04314EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/12/15 12:0 a.m.480 views

SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG SQL Injection

SEC Consult Vulnerability Lab Security Advisory ============================================================================== title: Remote ADBC SQL Injection in SAP IUUCRECONRCCOUNTTABLEBIG product: SAP Netweaver vulnerable version: see vulnerable/tested versions section below fixed version: se...

9.1CVSS0.2AI score0.02011EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.480 views

Hostel Management System 2.1 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: PHPGurukul Hostel Management System 2.1 - Cross-site request forgery CSRF to Cross-site Scripting XSS Date: 2021-10-27 Exploit Author: Anubhav Singh Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hostel-management-system/ Version: V 2.1 Vulnerable...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/11 12:0 a.m.479 views

Kafka UI 0.7.1 Code Injection

============================================================================================================================================= | Title : Kafka UI 0.7.1 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/18 12:0 a.m.479 views

Membership Management System 1.1 SQL Injection

==================================================================================================================================== | Title : Membership Management System 1.1 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.480 views

TVT NVMS-1000 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TVT NVMS-1000 Directory Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability which exists in...

7.5CVSS7AI score0.96071EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/03/28 12:0 a.m.479 views

Asterisk AMI 18.20.0 File Content / Path Disclosure

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

7.5CVSS7.4AI score0.4557EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.479 views

WordPress Workreap 2.2.2 Shell Upload

Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Date: 2023-06-01 Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author...

9.8CVSS7.1AI score0.60113EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/12/20 12:0 a.m.479 views

Alfa Team Shell Tesla 4.1 Remote Code Execution

Exploit Title: ALFA TEAM SHELL TESLA 4.1 - 'cmd' Remote Code Execution Unauthenticated Google Dork: inurl:/alfacgiapi intext:alfa Date: 2021-12-19 Exploit Author: Aryan Chehreghani Vendor Homepage: http://solevisible.com Software Link: https://phpshells.com/alfa-tesla-v4-1-shell Version: v4.1...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/11 12:0 a.m.479 views

Aviatrix Controller 6.x Path Traversal / Code Execution

!/usr/bin/env python3 import requests from requests.structures import CaseInsensitiveDict from colorama import Fore, Style import argparse from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning printf""" ░█▀▀█ ░█──░█...

7.5CVSS1.2AI score0.93019EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/08/13 12:0 a.m.479 views

Easy-Mock 1.6.0 Remote Code Execution

Exploit Title: easy-mock 1.6.0 - Remote Code Execution RCE Authenticated Date: 12/08/2021 Exploit Author: LionTree Vendor Homepage: https://github.com/easy-mock Software Link: https://github.com/easy-mock/easy-mock Version: 1.5.0-1.6.0 Tested on: windows 10node v8.17.0 import requests import json...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/01 12:0 a.m.479 views

VMware vCenter Server 7.0 Arbitrary File Upload

Exploit Title: VMware vCenter Server 7.0 - Unauthenticated File Upload Date: 2021-02-27 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2021-0002.html Version: vCenter Server 6.5 7515524. File name CVE-2021-21972.py written by tijldotdeneutathowestdotb...

0.3AI score0.9957EPSS
Exploits47
Packet Storm
Packet Storm
added 2020/10/29 12:0 a.m.479 views

Mailman 2.1.23 Cross Site Scripting

Title: Mailman 1.x 2.1.23 - Cross Site Scripting XSS Type: Reflected XSS Software: Mailman Version: =1.x = 2.1.23 Vendor Homepage: https://www.list.org Original link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5950 POC Author: Valerio Alessandroni Date: 28/10/2020 Description:...

4.3CVSS6.7AI score0.04569EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/08/19 12:0 a.m.479 views

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/ Software Link: https://www.fortinet.com/products/fortigate/fortios.html...

5CVSS10AI score0.99999EPSS
Exploits22
Packet Storm
Packet Storm
added 2017/05/12 12:0 a.m.479 views

miniupnpc 2.0.20170421 Denial Of Service

Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnp miniupnpc getHTTPResponse chunked encoding integer signedness error Overview -------- Name: miniupnpc Vendor: Thomas Bernard References: http://miniupnp.free.fr/ 1 Version:...

0.3AI score0.24027EPSS
Exploits6
Packet Storm
Packet Storm
added 2025/01/27 12:0 a.m.478 views

SpagoBI 3.5.1 Command Injection

SpagoBI versions 3.5.1 and below suffer from a command injection vulnerability. CVE-2024-54794 Severity : Critical 9.1 CVSS score : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by Command Injection vulnerability in the...

9.1CVSS9.7AI score0.12829EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/04/08 12:0 a.m.478 views

E-Commerce Website 1.1.0 Shell Upload

Full-Ecommece-Website-Slides-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Description = Upload web shell at Slides in admin panel Step to Reproduct Login to admin - Slides - upload web shell - Submit Exploit Upload web shell at Slides When upload success access...

8.9AI score0.02539EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/11/25 12:0 a.m.478 views

Bagisto 1.3.3 Client-Side Template Injection

Exploit Title: Bagisto 1.3.3 - Client-Side Template Injection Date: 11-25-2021 Exploit Author: Mohamed Abdellatif Jaber Vendor Homepage: https://bagisto.com/en/ Software Link: https://github.com/bagisto/bagisto Version: v1.3.3 Tested on: windows | chrome | firefox Exploit :. 1- register an accoun...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/12 12:0 a.m.478 views

HEUR.Backdoor.Win32.Agent.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/db0b3f4aeccb8d26f14b915a9e2529b4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Agent.gen Vulnerability: Insecure Permissions Description: The malware creates a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/16 12:0 a.m.478 views

Piwigo 2.10.1 Cross Site Scripting

Exploit Title: Piwigo 2.10.1 - Cross Site Scripting POC by: Iridium Software Homepage: http://www.piwigo.org Version : 2.10.1 Tested on: Linux & Windows Category: webapps Google Dork: intext: "Powered by Piwigo" CVE : CVE-2020-9467 Description Piwigo 2.10.1 has stored XSS via the file parameter i...

3.5CVSS5.5AI score0.23822EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/07/20 12:0 a.m.478 views

Daily Expense Tracker 1.0 SQL Injection

Exploit Title: Daily Expense Tracker 1.0 - Authentication Bypass Date: 2020-07-20 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/daily-expense-tracker-using-php-and-mysql/ Software Link:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/23 12:0 a.m.477 views

📄 Zyxel uOS 1.31 Privilege Escalation

The USG FLEX H Series with the operating system Zyxel uOS version 1.31 suffers from a local privilege escalation vulnerability via the setuid binary fermion-wrapper. -- HNS-2025-10 - HN Security Advisory - https://security.humanativaspa.it/ Title: Local privilege escalation via Zyxel...

7.8CVSS6.8AI score0.0093EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/01/22 12:0 a.m.477 views

Ivanti Connect Secure Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Connect Secure Unauthenticated Remote Code Execution', 'Description' = %q This module chains an authentication bypass vulnerability...

9.1CVSS7.4AI score0.99999EPSS
Exploits23
Packet Storm
Packet Storm
added 2023/12/21 12:0 a.m.477 views

Vinchin Backup And Recovery Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vinchin Backup and Recovery Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Vinchin Backup &...

9.8CVSS7.4AI score0.20477EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/02/07 12:0 a.m.477 views

Material Dashboard 2 SQL Injection

==================================================================================================================================== | Title : Material Dashboard 2 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : https://www.creative-tim.com...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/25 12:0 a.m.477 views

FreeSWITCH 1.10.6 SIP Flooding Denial Of Service

FreeSWITCH susceptible to Denial of Service via SIP flooding - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-06-freeswitch-flood-dos - Vendor Security Advisory:...

0.3AI score0.01598EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/04/08 12:0 a.m.477 views

Trojan-Downloader.Win32.Genome.omht Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/01055838361f534ab596b56a19c70fef.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Genome.omht Vulnerability: Insecure Permissions Description: Genome.omht...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/05/19 12:0 a.m.477 views

Open-Xchange Dovecot 2.3.10 Null Pointer Dereference / Denial Of Service

------------------ Open-Xchange Security Advisory 2020-05-18 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOV-3784 Vulnerability type: NULL pointer dereference CWE-476 Vulnerable version: 2.3.0 - 2.3.10 Vulnerable component: submission, lmtp Report confidence: Confirmed Solution...

0.2AI score0.08153EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/10/03 12:0 a.m.476 views

📄 ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting

ERPNext version 15.67.0 and Frappe version 15.72.4 suffer from a persistent cross site scripting vulnerability. CVE-2025-56379 — Stored Cross-Site Scripting XSS in ERPNext 15.67.0 / Frappe 15.72.4 📌 Summary A stored Cross‑Site Scripting XSS vulnerability exists in the Blog module of ERPNext...

5.4CVSS6.4AI score0.00382EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.476 views

SPIP 4.2.5 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.5 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/06/18 12:0 a.m.476 views

Apache OFBiz Forgot Password Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache OFBiz Forgot Password Directory Traversal', 'Description' = %q Apache OFBiz versions prior to 18.12.13 are vulnerable to a path traversal...

7.1AI score0.99442EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.476 views

BoidCMS 2.0.1 Cross Site Scripting

Exploit Title: BoidCMS v2.0.1 - Multiple Stored XSS Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://boidcms.github.io// Software Link: https://github.com/BoidCMS/BoidCMS/archive/refs/tags/v2.0.1.zip Version: v2.0.1 Tested on: Windows 10, PHP...

7.4AI score0.00464EPSS
Exploits2
Packet Storm
Packet Storm
added 2021/10/26 12:0 a.m.476 views

SPA Cart CMS 2021 SQL Injection

Document Title: =============== SPA Cart CMS - Multiple SQL Injection Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2304 Release Date: ============= 2021-10-18 Vulnerability Laboratory ID VL-ID: ====================================...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/07 12:0 a.m.476 views

vBulletin 5.6.3 Cross Site Scripting

Exploit Title: vBulletin 5.6.3 - 'group' Cross Site Scripting Date: 05.09.2020 Author: Vincent666 ibn Winnie Software Link: https://www.vbulletin.com/en/features/ Tested on: Windows 10 Web Browser: Mozilla Firefox & Opera Google Dorks: "Powered by vBulletin® Version 5.6.3" Go to the "Admin CP" -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/28 12:0 a.m.476 views

CSE Bookstore 1.0 SQL Injection

Exploit Title: CSE Bookstore Authentication Bypass Date: 27/10/2020 Exploit Author: Alper Basaran Vendor Homepage: https://projectworlds.in/ Software Link: https://github.com/projectworlds32/online-book-store-project-in-php/archive/master.zip Version: 1.0 Tested on: Windows 10 Enterprise 1909 CSE...

Exploits0
Packet Storm
Packet Storm
added 2020/09/03 12:0 a.m.476 views

SiteMagic CMS 4.4.2 Shell Upload

Exploit Title: SiteMagic CMS 4.4.2 - Arbitrary File Upload Authenticated Date: 2020-09-02 Exploit Author: v1n1v131r4 Vendor Homepage: https://sitemagic.org/ Software Link: https://sitemagic.org/Download.html Version: 4.4.2 Tested on: Ubuntu 18.04 CVE : N/A PoC:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/08/27 12:0 a.m.476 views

Tableau XML Injection

Exploit Title: Tableau XXE Google Dork: N/A Date: Reported to vendor July 2019, fix released August 2019. Exploit Author: Jarad Kopf Vendor Homepage: https://www.tableau.com/ Software Link: Tableau Desktop downloads: https://www.tableau.com/products/desktop/download Version/Products: See Tableau...

6.7AI score0.14314EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/10/01 12:0 a.m.475 views

VICIdial Authenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VICIdial Authenticated Remote Code Execution', 'Description' = %q An attacker with authenticated access to VICIdial as an "agent" can execute...

9.8CVSS7AI score0.80023EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/04/15 12:0 a.m.476 views

Amazon AWS Glue Database Password Disclosure

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Database Passwords in Server Response product: Amazon AWS Glue vulnerable version: until 2024-02-23 fixed version: as of 2024-02-23 CVE number: - impact: medium homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/06 12:0 a.m.475 views

Artica Proxy 4.50 Loopback Service Disclosure

KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Advisory ID: KL-001-2024-004 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt 1...

7.4AI score0.16711EPSS
Exploits3
Total number of security vulnerabilities5000