Lucene search
K
PacketstormMost viewed

50738 matches found

Packet Storm
Packet Storm
added 2024/08/19 12:0 a.m.450 views

Ewon Cosy+ / Talk2M Remote Access Solution Improper Authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-043 Product: Ewon Cosy+ / Talk2M Remote Access Solution Manufacturer: HMS Industrial Networks AB Affected Versions: N.A. Tested Versions: N.A. Vulnerability Type: Improper Authentication CWE-287 Risk Level: High Solution Statu...

9.1CVSS7.2AI score0.0066EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/07/04 12:0 a.m.450 views

SoftMaker Office / FreeOffice Local Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: SoftMaker Office / FreeOffice vulnerable version: SoftMaker Office 2024 / NX before revision 1214 FreeOffice 2021...

7.1AI score0.00322EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/05/22 12:0 a.m.450 views

NorthStar C2 Cross Site Scripting / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NorthStar C2 XSS to Agent RCE', 'Description' = %q NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the log...

7.4AI score0.78158EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/03/06 12:0 a.m.450 views

Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal

KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability Title: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability Advisory ID: KL-001-2024-001 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-001.txt 1...

7.4AI score0.44579EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/01/29 12:0 a.m.450 views

Jenkins 2.441 / LTS 2.426.3 Arbitrary File Read

python poc.py usage: python poc.py http://127.0.0.1:8888/ /etc/passwd import threading import http.client import time import uuid import urllib.parse import sys if lensys.argv != 3: print' usage: python poc.py http://127.0.0.1:8888/ /etc/passwd' exit databytes =...

6.6AI score0.99999EPSS
Exploits46
Packet Storm
Packet Storm
added 2023/07/25 12:0 a.m.450 views

WordPress Seo By 10Web Cross Site Scripting

Tittle: WordPress Plugin Seo By 10Web 4. Save to trigger the XSS. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/a76b6d22-1e00-428a-8a04-12162bd0d992...

4.8CVSS7.1AI score0.00909EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/08/01 12:0 a.m.450 views

CodeIgniter CMS 4.2.0 SQL Injection

+++++++++++++++++++++++++++++++++ + +Exploit Title : CodeIgniter CMS Version 4.2.0 Sql Injection Vulnerability + +Exploit Author : E1.Coders + +Vendor Homepage : https://www.codeigniter.com/ + +Google Dork ONE : searchResult/?title= + +Google Dork Two : Job/searchResult/?title= + +Date : 15 / 05 ...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/15 12:0 a.m.450 views

SAP Netweaver IUUC_GENERATE_ACPLAN_DELIMITER ABAP Code Injection

SEC Consult Vulnerability Lab Security Advisory ============================================================================== title: Remote ABAP Code Injection in IUUCGENERATEACPLANDELIMITER product: SAP Netweaver vulnerable version: SAP DMIS in at least 20111731 = SP 0013 fixed version: see...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/15 12:0 a.m.450 views

Fuel CMS 1.4.13 SQL Injection

Exploit Title: Fuel CMS 1.4.13 - 'col' Parameter Blind SQL Injection Authenticated Date: 2021-04-11 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.13.zip Version: 1.4.13 Tested on: Kali Linux, PHP...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/26 12:0 a.m.450 views

Codiad 2.8.4 Shell Upload

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 3 Date: 24.05.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: http://codiad.com/ Software Link: https://github.com/Codiad/Codiad/releases/tag/v.2.8.4 Version: 2.8.4 Tested on Xubuntu 20.04 CVE: CVE-2018-19423 '''...

6.5CVSS0.17984EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/04/21 12:0 a.m.450 views

OpenEMR 5.0.2.1 Remote Code Execution

Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Date: 2020-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/10/10 12:0 a.m.450 views

Mikrotik RouterOS Remote Root

/ Exploit Title: RouterOS Remote Rooting Date: 10/07/2018 Exploit Author: Jacob Baines Vendor Homepage: www.mikrotik.com Software Link: https://mikrotik.com/download Version: Longterm: 6.30.1 - 6.40.7 Stable: 6.29 - 6.42 Beta: 6.29rc1 - 6.43rc3 Tested on: RouterOS Various CVE : CVE-2018-14847 By...

5CVSS8.7AI score0.96087EPSS
Exploits23
Packet Storm
Packet Storm
added 2025/03/13 12:0 a.m.449 views

Apache NiFi 1.21.0 Remote Code Execution

Apache NiFi version 1.21.0 proof of concept remote code execution exploit that takes advantage of a flaw discovered in 2023. ============================================================================================================================================= | Title : Apache NiFi 1.21.0 R...

8.8CVSS9AI score0.63633EPSS
Exploits9
Packet Storm
Packet Storm
added 2025/03/06 12:0 a.m.450 views

Microsoft SRV2.SYS SMB 2 Denial of Service

Microsoft SRV2.SYS SMB version 2 remote denial of service exploit that leverages a flaw from 2009. ============================================================================================================================================= | Title : Microsoft SRV2.SYS SMB v2 Denial of Service...

10CVSS7.3AI score0.90121EPSS
Exploits20
Packet Storm
Packet Storm
added 2024/10/11 12:0 a.m.449 views

Gibbon School Platform 26.0.00 Code Injection

============================================================================================================================================= | Title : Gibbon School Platform 26.0.00 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/01/26 12:0 a.m.449 views

CloudLinux CageFS 7.0.8-2 Insufficiently Restricted Proxy Command

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CloudLinux CageFS Insufficiently Restricted Proxy Command Link: https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02CloudLinuxCageFSInsufficientlyRestrictedProxyCommands Vulnerability Overview CloudLinux CageFS 7.0.8-2 or...

7.4AI score0.00378EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/12/06 12:0 a.m.449 views

Winter CMS 1.2.2 Server-Side Template Injection

Exploit Title: Winter CMS 1.2.2 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 Tested :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/07 12:0 a.m.449 views

ZwiiCMS 12.2.04 Remote Code Execution

Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution Authenticated Date: 03/06/2023 Exploit Author: Hadi Mene Vendor Homepage: https://zwiicms.fr/ Version: 12.2.04 and potentially lower versions CVE: CVE-2020-10567 Category: webapps ZwiiCMS 12.2.04 uses "Responible FileManager" 9.14.0 for its fil...

9.8CVSS9.7AI score0.1929EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/04/01 12:0 a.m.449 views

phpPgAdmin 7.13.0 Command Execution

Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution Authenticated Date: 29/03/2021 Exploit Author: Valerio Severini Vendor Homepage: Software Link: https://github.com/phppgadmin/phppgadmin/releases/tag/REL7-13-0 Version: 7.13.0 or lower Tested on: Debian 10 and Ubuntu...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/16 12:0 a.m.449 views

Magic Home Pro 1.5.1 Authentication Bypass

Exploit Title: Magic Home Pro 1.5.1 - Authentication Bypass Google Dork: NA Date: 22 October 2020 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2020-27199/ Vendor Homepage: http://www.zengge.com/appkzd Software Link:...

0.5AI score0.02875EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/09/25 12:0 a.m.449 views

Anchor CMS 0.12.7 Cross Site Scripting

Exploit Title: Anchor CMS 0.12.7 - Persistent Cross-Site Scripting Authenticated Date: 2020-09-24 Exploit Author: Sinem Şahin Vendor Homepage: https://anchorcms.com/ Version: 0.12.7 Tested on: Windows & XAMPP == Tutorial http://HOST/admin/ 2- Login to admin panel. 3- Press "Posts" button. 4- Writ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/08/22 12:0 a.m.449 views

Endian Firewall 3.3.0 Cross Site Scripting

Exploit Title: Endian Firewall cross-site scripting XSS Date: 08/22/2019 Exploit Authors: Milad Soltanian + G0dfather @irpwn Vendor Homepage: https://www.endian.com Version : 3.3.0 An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/08 12:0 a.m.448 views

Journyx 11.5.4 XML Injection

KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection Title: Journyx Unauthenticated XML External Entities Injection Advisory ID: KL-001-2024-010 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt 1. Vulnerability Detail...

7.5CVSS7.1AI score0.32916EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/05/09 12:0 a.m.448 views

iboss Secure Web Gateway Cross Site Scripting

Exploit Title: iboss Secure Web Gateway - Stored Cross-Site Scripting XSS Date: 4/4/2024 Exploit Author: modrnProph3t Vendor Homepage: https://www.iboss.com Version: userName=TEST&x=TEST&action=login&redirectUrl= 3. Insert XSS payload into the "redirectUrl" parameter Example of request with...

6.1CVSS7.4AI score0.22002EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.448 views

Gentics CMS 5.36.29 Cross Site Scripting / Deserialization

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting & Unsafe Java Deserializiation product: Gentics CMS vulnerable version: 5.36.29, see section below fixed version: 5.40.27, 5.41.15, 5.42.7,...

0.2AI score0.01132EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/03/01 12:0 a.m.448 views

Rufus 3.17.1846 DLL Hijacking

Hi all, I would like to disclose a vulnerability that I just found today. Details below: Vulnerable Software and Version: 1. Rufus 3.17.1846 executable 2. Rufus 3.17.1846 portable executable Vulnerable software download link: https://rufus.ie/en/ https://github.com/pbatard/rufus/releases/tag/v3.1...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/03 12:0 a.m.448 views

Noise-Java ChaChaPolyCipherState.encryptWithAd() Insufficient Boundary Checks

Vulnerability title: Noise-Java ChaChaPolyCipherState.encryptWithAd insufficient boundary checks Author: Pietro Oliva CVE: CVE-2020-25021 Vendor: Rhys Weatherley Creator of Noise Framework's reference implementation in Java Product: Noise-Java Affected version: No version information is currently...

6.8CVSS0.02553EPSS
Exploits11
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.448 views

WordPress Email Subscribers And Newsletters 4.2.2 File Disclosure

Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Date: 2020-07-20 Exploit Author: KBA@SOGETIESEC Vendor Homepage: https://www.icegram.com/email-subscribers/ Softwar...

5CVSS5.5AI score0.71399EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/04/17 12:0 a.m.447 views

📄 Meshtastic Buffer Overflow

A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as...

9.4CVSS8.3AI score0.00747EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/21 12:0 a.m.447 views

WordPress iSpring Embedder 1.0 CSRF / Shell Upload

WordPress iSpring Embedder plugin versions 1.0 and below suffer from a cross site request forgery vulnerability that can be leveraged to upload a PHP web shell. CVE-2025-23922 - WordPress iSpring Embedder CSRF to Arbitrary File Upload 📌 CVE Details - CVE ID: CVE-2025-23922 - Published: 2025-01-16...

10CVSS6.8AI score0.01035EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/03/07 12:0 a.m.447 views

FullCourt Enterprise 8.2 Cross Site Scripting

Exploit Title: FullCourt enterprise XSS Date: 2023-28-12 Exploit Author: Omar Sabagh Author Linkedin: https://www.linkedin.com/in/omar-s-b937791a2/ Vendor Homepage: https://www.justicesystems.com Software Link: https://www.justicesystems.com/products/fullcourt-enterprise/ Version: FullCourt...

7.4AI score0.00571EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.447 views

Qognify VMS Client Viewer 7.1 DLL Hijacking

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via DLL Hijacking product: Qognify VMS Client Viewer vulnerable version: =7.1 fixed version: see solution CVE number: CVE-2023-49114 impact:...

7.4AI score0.00359EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.447 views

PHPJabbers Time Slots Booking Calendar 4.0 CSV Injection

Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - CSV Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested on:...

7.4AI score0.01201EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/07/25 12:0 a.m.447 views

WordPress Login Rebuilder Cross Site Scripting

Tittle: WordPress Plugin Login Rebuilder " 3. Save the changes to trigger XSS. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/7b356b82-5d03-4f70-b4ce-f1405304bb52...

4.8CVSS7.1AI score0.00552EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/07/04 12:0 a.m.447 views

Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/38745539b71cf201bb502437f891d799.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom Lockbit 3.0 Vulnerability: Local Unicode Buffer Overflow SEH Description: The...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/25 12:0 a.m.447 views

Microsoft Exchange Server Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nokogiri' class MetasploitModule 'Microsoft Exchange Server ChainedSerializationBinder Deny List Typo RCE', 'Description' = %q This vulnerability allows remote...

8.8CVSS0.1AI score0.90388EPSS
Exploits9
Packet Storm
Packet Storm
added 2020/08/21 12:0 a.m.447 views

Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure

Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure Vendor: EIBIZ Co.,Ltd. Product web page: http://www.eibiz.co.th Affected version: =3.8.0 Summary: EIBIZ develop advertising platform for out of home media in that time the world called "Digital Signage". Because most business...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/12/13 12:0 a.m.447 views

Roxy Fileman 1.4.5 For .NET Directory Traversal

=========================== Exploit Title: Roxy Fileman 1.4.5 for .NET - Directory Traversal Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE number: CVE-2019-19731 Found: 2019-12-06 Tested on...

0.6AI score0.11617EPSS
Exploits5
Packet Storm
Packet Storm
added 2008/01/01 12:0 a.m.447 views

clipshare-sql.txt

video sharing www.clip-share.com Remote SQL Injection Exploit All Version AUTHOR :Krit webmaster of http://www.thaishadow.com HOME : http://www.thaishadow.com Download : http://www.clip-share.com/ DorKs :inurl:/uprofile.php?UID= or "Powered by clipshare" EXPLOIT :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.446 views

Fortra FileCatalyst Workflow SQL Injection

require 'digest/md5' class MetasploitModule 'Fortra FileCatalyst Workflow SQL Injection CVE-2024-5276', 'Description' = %q This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow 'Tenable', Discovery and PoC 'Michael Heinzl' MSF Module , 'References' = 'CVE', '2024-5276...

9.8CVSS7.1AI score0.90067EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.446 views

TerraMaster TOS 4.2.15 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' require 'time' class MetasploitModule 'TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.', 'Description...

10CVSS7.1AI score0.15914EPSS
Exploits6
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.446 views

phpIPAM 1.4.5 Remote Code Execution

Exploit Title: phpIPAM 1.4.5 - Remote Code Execution RCE Authenticated Date: 2022-04-10 Exploit Author: Guilherme '@behiNdyk1' Alves Vendor Homepage: https://phpipam.net/ Software Link: https://github.com/phpipam/phpipam/releases/tag/v1.4.5 Version: 1.4.5 Tested on: Linux Ubuntu 20.04.3 LTS...

Exploits0
Packet Storm
Packet Storm
added 2022/04/15 12:0 a.m.446 views

Microsoft HTTP Protocol Stack Denial Of Service

!/usr/bin/env python3 -- coding: utf-8 -- Exploit developed by the polakow from the past @ltdominikow This exploit was made for testing own networks and patch affected systems. I'm not responsible if you do another thing with this exploit. As a drunk wise man said: "Please, don't be a 'culiao'!"...

10CVSS9.7AI score0.9279EPSS
Exploits21
Packet Storm
Packet Storm
added 2021/11/05 12:0 a.m.446 views

Khamenei.ir SQL Injection

Exploit Title : Khamenei.ir has SQL Inj vulnerabilities Author : E1.Coders Contact : E1.Coders at Mail dot RU Portal Link : khamenei.ir https://farsi.khamenei.ir Tested ON : Persian language version Host Security Risk : Critical Description : Description: All websites with this version used can b...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/30 12:0 a.m.446 views

IRC-Worm.Win32.Jane.a Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2d1d6b0fd55eca12f58b8b6d80f8153f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: IRC-Worm.Win32.Jane.a Vulnerability: Authentication Bypass RCE Description: The backdoor FTP server...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/05/20 12:0 a.m.446 views

Microsoft Windows 7/2008 R2 x64 EternalBlue Remote Code Execution

!/usr/bin/python from impacket import smb from struct import pack import os import sys import socket ''' EternalBlue exploit for Windows 7/2008 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten Tested on: - Windows 7 SP1 x64 - Windows 2008 R2 x64 Referenc...

9.3CVSS0.2AI score0.9923EPSS
Exploits55
Packet Storm
Packet Storm
added 2021/03/15 12:0 a.m.445 views

VoIPmonitor WEB GUI 24.55 Cross Site Scripting

VoIPmonitor WEB GUI vulnerable to Cross-Site Scripting via SIP messages - Fixed versions: VoIPmonitor WEB GUI 24.56 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-02-voipmonitor-gui-xss - VoIPmonitor Security Advisory: none, changelog references fixes ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.445 views

Nortek Linear eMerge E3 Access Controller 1.00-06 SSH/FTP Remote Root

!/usr/bin/env python Nortek Linear eMerge E3 Access Controller SSH/FTP Remote Root Affected version: \n' sys.exit ip = sys.argv1 rshell = ssh'root', ip, password='davestyle', port=22 rshell.interactive...

10CVSS0.3AI score0.23123EPSS
Exploits17
Packet Storm
Packet Storm
added 2025/01/24 12:0 a.m.444 views

DFG JIT Use-After-Free

DFG's doesGC is incorrect about the HasIndexedProperty operation's behavior on StringObjects. This can lead to a use-after-free condition. See also https://bugs.chromium.org/p/project-zero/issues/detail?id=1699 for a similar issue. The DFG JIT compiler attempts to determine whether a DFG IR...

8.8CVSS9.2AI score0.08287EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/05/09 12:0 a.m.444 views

Kortex 1.0 SQL Injection

Titles: KORTEX-1.0 SQLi Author: nu11secur1ty Date: 05/09/2024 Vendor: https://mayurik.com/ Software: https://www.mayurik.com/source-code/P5339/best-free-law-office-management-software Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to be...

7.4AI score
Exploits0
Total number of security vulnerabilities5000