Lucene search
K
PacketstormMost viewed

50738 matches found

Packet Storm
Packet Storm
•added 2019/05/30 12:0 a.m.•438 views

Serv-U FTP Server 15.1.6.25 Local Privilege Escalation

Issue: Local Privilege Escalation CVE: CVE-2018-19999 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 current as of Dec 2018 Fixed in: 15.1.7 Overview The Serv-U FTP Server is vulnerable to authentication bypass...

0.5AI score0.00605EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/11/01 12:0 a.m.•437 views

ABB Cylon Aspect 3.08.01 File Upload MD5 Checksum Bypass

ABB Cylon Aspect 3.08.01 badassMode File Upload MD5 Checksum Bypass Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy managemen...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/04/05 12:0 a.m.•437 views

Visual Planning 8 Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Title ===== SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset Functionality in Visual Planning Status ====== PUBLISHED Version ======= 1.0 CVE reference ============= CVE-2023-49232 Link ====...

6.8AI score0.01525EPSS
Exploits1
Packet Storm
Packet Storm
•added 2021/11/08 12:0 a.m.•437 views

Backdoor.Win32.Pahador.aj Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f393943eb6a80c8321f31c4543ba0bcf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Pahador.aj Vulnerability: Authentication Bypass RCE Description: The malware listens ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/08/06 12:0 a.m.•437 views

Backdoor.Win32.Zdemon.126 Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/cedc886b593f013133df39bb6b43a762.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zdemon.126 Vulnerability: Unauthenticated Remote Command Execution Description: Zdemo...

Exploits0
Packet Storm
Packet Storm
•added 2021/06/04 12:0 a.m.•437 views

Monstra CMS 3.0.4 Remote Code Execution

Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution Authenticated Date: 03.06.2021 Exploit Author: Ron Jost hacker5preme Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 20.04 CVE: CVE-2018-6383 Documentation:...

6.5CVSS0.3AI score0.63355EPSS
Exploits8
Packet Storm
Packet Storm
•added 2021/04/21 12:0 a.m.•437 views

Fast PHP Chat 1.3 SQL Injection

Exploit Title: Fast PHP Chat 1.3 - 'myitemsearch' SQL Injection Date: 15/04/2021 Exploit Author: Fatih Coskun Vendor Homepage: https://codecanyon.net/item/fast-php-chat-responsive-live-ajax-chat/10721076 Version: 1.3 Category: Webapps Tested on: Kali linux Description : The vulnerability allows a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/10/19 12:0 a.m.•437 views

Jenkins 2.63 Sandbox Bypass

Exploit Title: Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in Date: 8th October 2020 Exploit Author: dmw0ng Vendor Homepage: https://www.jenkins.io Software Link: http://archives.jenkins-ci.org/windows/jenkins-2.63.zip Version: Jenkins 2.63 Tested on: Ubuntu 18.04 / 20.04 CVE :...

6.5CVSS9.6AI score0.75594EPSS
Exploits3
Packet Storm
Packet Storm
•added 2019/09/02 12:0 a.m.•437 views

Cisco RV110W / RV130(W) / RV215W Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework linux/armle/meterpreter/bindtcp - segfault linux/armle/meterpreter/reversetcp - segfault linux/armle/meterpreterreversehttp - works linux/armle/meterpreterreversehttps -...

10CVSS0.95707EPSS
Exploits15
Packet Storm
Packet Storm
•added 2024/10/15 12:0 a.m.•436 views

Dolibarr 20.0.1 SQL Injection

Titles: dolibarr 20.0.1 Multiple security token SQLi Author: nu11secur1ty Date: 10/15/2024 Vendor: https://www.dolibarr.org/ Software: https://www.dolibarr.org/downloads.php Reference: https://portswigger.net/web-security/sql-injection Description: The socid parameter appears to be vulnerable to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/08 12:0 a.m.•436 views

Windows Firewall Control 6.11.0 Unquoted Service Path

Exploit Title: Microsoft Windows Firewall Control 6.11.0 - Unquoted Service Path Date: 2024-08-06 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/03/14 12:0 a.m.•436 views

Honeywell PM43 Remote Code Execution

Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...

9.9CVSS7.4AI score0.33094EPSS
Exploits3
Packet Storm
Packet Storm
•added 2023/03/30 12:0 a.m.•436 views

CrowdStrike Falcon Agent 6.44.15806 Uninstall Issue

Exploit Title: CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Date: 30/11/2022 Exploit Author: Walter Oberacher, Raffaele Nacca, Davide Bianchin, Fortunato Lodari, Luca Bernardi Deda Cloud Cybersecurity Team Vendor Homepage: https://www.crowdstrike.com/ Author Homepage...

2.7CVSS4.5AI score0.03672EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/11/05 12:0 a.m.•436 views

Pentaho Business Analytics / Pentaho Business Server 9.1 Authentication Bypass

Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: sec:intercept-url pattern="\A/api/.require-js-cfg.js.\Z" access="Anonymous,...

8.3AI score0.51653EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/04/14 12:0 a.m.•436 views

Digital Crime Report Management System 1.0 SQL Injection

Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/03/09 12:0 a.m.•436 views

Froala 3.2.6-1 Cross Site Scripting

Exploit Title: Stored XSS and Html Code Injection Editor Froala Version 3.2.6-1 Date:06.03.2021 Author: Vincent666 ibn Winnie Software Link: https://froala.com/wysiwyg-editor/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/08/27 12:0 a.m.•436 views

Eikon Thomson Reuters 4.0.42144 File Permissions

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Extensive file permissions on service executable product: Eikon Thomson Reuters vulnerable version: 4.0.42144 fixed version: - CVE number: CVE-2019-10679 impact: High...

7.8AI score0.00478EPSS
Exploits3
Packet Storm
Packet Storm
•added 2020/07/27 12:0 a.m.•436 views

Socusoft Photo To Video Converter Professional 8.07 Buffer Overflow

Exploit Title: Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow SEH Egghunter Date: 2020-07-23 Exploit Author: MasterVlad Vendor Homepage: http://www.dvd-photo-slideshow.com/photo-to-video-converter.html Software Link:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/11/14 12:0 a.m.•435 views

TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write

Hej, Let's keep it short ... ===== Intro ===== A "sudo make me a sandwich" security issue has been identified in the TX Text Control .NET Server for ASP.NET1. According to the vendor2, "the most powerful, MS Word compatible document editor that runs in all browsers". Likely all versions are...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/09/01 12:0 a.m.•435 views

Cassandra Web File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cassandra Web File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Cassandra...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•435 views

CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure', 'Description' = %q This module sends a query to the port 264/TCP on...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/05/23 12:0 a.m.•435 views

FleetCart 4.1.1 Information Disclosure

Exploit Title: FleetCart 4.1.1 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 13/05/2024 Vendor: EnvaySoft Vendor Homepage: https://codecanyon.net/item/fleetcart-laravel-ecommerce-system/23014826 Software Demo Link: https://demo.fleetcart.envaysoft.com/en Tested on: Window...

5CVSS7.2AI score0.18768EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/10/27 12:0 a.m.•435 views

SugarCRM 13.0.1 Server-Side Template Injection

---------------------------------------------------------------------------- SugarCRM = 13.0.1 GetControl Server-Side Template Injection Vulnerability ---------------------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Versio...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/04/06 12:0 a.m.•435 views

GNU screen 4.9.0 Privilege Escalation

Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...

6.5AI score0.0054EPSS
Exploits3
Packet Storm
Packet Storm
•added 2022/08/01 12:0 a.m.•435 views

Wavlink WN530HG4 Password Disclosure

Exploit Title: Wavlink WN530HG4 - Password Disclosure Date: 2022-06-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: M30HG4.V5030.191116 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34047 Tested on: Windows Exploit...

7.5CVSS7.6AI score0.17444EPSS
Exploits4
Packet Storm
Packet Storm
•added 2022/04/19 12:0 a.m.•435 views

HackTool.Win32.Delf.vs Insecure Credential Storage

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/92f7f9495ffd56d05a5acf395c9e0097.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.Delf.vs Vulnerability: Insecure Credential Storage Description: The malware credentia...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/01/05 12:0 a.m.•435 views

openSIS Student Information System 8.0 SQL Injection

Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/12/10 12:0 a.m.•435 views

Free School Management Software 1.0 Shell Upload

Exploit Title: Free School Management Software 1.0 - Remote Code Execution RCE Exploit Author: fuuzap1 Date: 7-12-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15073/free-school-management-software.html Software Link:...

Exploits0
Packet Storm
Packet Storm
•added 2021/12/03 12:0 a.m.•435 views

WordPress DZS Zoomsounds 6.45 Arbitrary File Read

Exploit Title: WordPress Plugin DZS Zoomsounds 6.45 - Arbitrary File Read Unauthenticated Google Dork: inurl:/wp-content/plugins/dzs-zoomsounds/ Date: 2/12/2021 Exploit Author: Uriel Yochpaz Vendor Homepage: https://digitalzoomstudio.net/docs/wpzoomsounds/ Software Link: Version: 1.10, 1.20, 1.30...

7.5CVSS7.7AI score0.66543EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/02/18 12:0 a.m.•435 views

Gitea 1.12.5 Remote Code Execution

Exploit Title: Gitea 1.12.5 - Remote Code Execution Authenticated Date: 17 Feb 2020 Exploit Author: Podalirius PoC demonstration article: https://podalirius.net/articles/exploiting-cve-2020-14144-gitea-authenticated-remote-code-execution/ Vendor Homepage: https://gitea.io/ Software Link:...

6.5CVSS0.3AI score0.93691EPSS
Exploits12
Packet Storm
Packet Storm
•added 2020/09/21 12:0 a.m.•435 views

Online Shop Project 1.0 SQL Injection

Exploit Title: Online Shop Project 1.0 - 'p' SQL Injection Date: 2020-09-20 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14448/online-shop-project-using-phpmysql.html Software Link:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/08/27 12:0 a.m.•435 views

ASX To MP3 Converter 3.1.3.7.2010.11.05 Buffer Overflow

Exploit Title: ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow DEP,ASLR Bypass PoC Software Link Download: https://github.com/x00x00x00x00/ASXtoMP3Converter3.1.3.7.2010.11.05/blob/master/ASXtoMP3Converter3.1.3.7.2010.11.05.exe?raw=true Exploit Author: Paras Bhatia Discovery...

0.9AI score
Exploits0
Packet Storm
Packet Storm
•added 2019/10/03 12:0 a.m.•435 views

Anchor CMS 0.12.3a Information Disclosure

Exploit Title: Information disclosure MySQL password in error log Date: 2/10/2019 Exploit Author: Tijme Gommers https://twitter.com/finnwea/ Vendor Homepage: https://anchorcms.com/ Software Link: https://github.com/anchorcms/anchor-cms/releases Version: 0.12.3a Tested on: Linux CVE : CVE-2018-725...

5CVSS9.6AI score0.72272EPSS
Exploits4
Packet Storm
Packet Storm
•added 2014/10/09 12:0 a.m.•435 views

Aardvark Topsites PHP 5.2 Cross Site Scripting / Local File Inclusion

Aardvark Topsites PHP 5.2 Multi Vulnerability ============================================= Author : indoushka Vondor : www.p30vel.ir http://www.aardvarktopsitesphp.com/ http://www.avatic.com/ Dork : My Topsites List - Powered by Aardvark Topsites PHP 5.2.1 ======================================...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/07 12:0 a.m.•434 views

WordPress PayPlus Payment Gateway SQL Injection

!/usr/bin/env python3.11 import requests import time def exploiturl: payload = "wc-api": "payplusgateway&statuscode=true&moreinfo=selectfromselectsleep5a" start = time.time with requests.Session as session: session.headers.update 'User-Agent': 'Mozilla/5.0 Windows NT 10.0; Win64; x64...

9.8CVSS7AI score0.04168EPSS
Exploits4
Packet Storm
Packet Storm
•added 2021/11/08 12:0 a.m.•434 views

WordPress Backup And Restore 1.0.3 Arbitrary File Deletion

Exploit Title: WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion Date: 11/07/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.miniorange.com/ Software Link: https://wordpress.org/plugins/backup-and-restore-for-wp/ Version: 1.0.3 Tested on : Window...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/11/08 12:0 a.m.•434 views

Trojan.Win32.SkynetRef.y Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e2d249f86890d290bb8af599ea0367f3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.SkynetRef.y Vulnerability: Unauthenticated Open Proxy Description: The malware listens ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/03/28 12:0 a.m.•433 views

RouterOS 6.44 / 6.49.10 Denial Of Service

Exploit Title: CVE-2024-27686: RouterOS-SMB-DOS Google Dork: N/A Date: 03/04/2024 Exploit Author: ice-wzl, Solstice Cyber Solutions Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download/archive Version: RouterOS devices ranging from 6.40.5 - 6.44 and 6.48.1 - 6.49.10...

7.4AI score0.00591EPSS
Exploits7
Packet Storm
Packet Storm
•added 2023/07/07 12:0 a.m.•433 views

Lost And Found Information System 1.0 SQL Injection

Exploit Title: Lost and Found Information System v1.0 - SQL Injection Date: 2023-06-30 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : webapps Dork : /php-lfis/admin/?page=systeminfo/contactinformation Tested on: Windows/Linux CVE : CVE-2023-33592 import requests URL of the...

7.1AI score0.02519EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/11/11 12:0 a.m.•433 views

YeaLink SIP-TXXXP 53.84.0.15 Command Injection

Exploit Title: YeaLink SIP-TXXXP 53.84.0.15 - 'cmd' Command Injection Authenticated Date: 11-10-2021 Exploit Author: tahaafarooq Vendor Homepage: https://www.yealink.com/ Version: 53.84.0.15 Tested on: YeaLink IP Phone SIP-T19P Hadrware VOIP Phone Description: Using Diagnostic tool from the...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/23 12:0 a.m.•433 views

Sipwise C5 NGCP CSC Cross Site Request Forgery

Sipwise C5 NGCP CSC CSRF Click2Dial Exploit Vendor: Sipwise GmbH Product web page: https://www.sipwise.com Affected version: =CEm39.3.1 NGCP wwwadmin version 3.6.7 Summary: Sipwise C5 also known as NGCP - the Next Generation Communication Platform is a SIP-based Open Source Class 5 VoIP soft-swit...

0.2AI score0.00926EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/04/22 12:0 a.m.•433 views

Packed.Win32.Black.d Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/17e3836682ffb0913459ece7c3f0786d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Packed.Win32.Black.d Vulnerability: Unauthenticated Open Proxy Description: The malware listens on T...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/08/21 12:0 a.m.•433 views

OX App Suite / OX Documents XSS / SSRF / Bypass

Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH...

3.5CVSS0.1AI score0.01206EPSS
Exploits3
Packet Storm
Packet Storm
•added 2019/08/30 12:0 a.m.•433 views

Zyxel USG/UAG/ATP/VPN/NXC External DNS Requests

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: External DNS Requests product: Zyxel USG/UAG/ATP/VPN/NXC series vulnerable version: see "Vulnerable / tested version" fixed version: see "Solution" CVE number: - impact:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2019/07/23 12:0 a.m.•433 views

Axway SecureTransport 5 XML Injection

| | | | | / \ '/ \ | |/ | | / / / | | || | | | /|| |/|| https://zero.lol zero days 4 days ATTENTION: this is a friendly neighborhood zeroday drop Title: Axway SecureTransport 5 Unauthenticated XML Injection / XXE Google Dork: intitle:"Axway SecureTransport" "Login" Date: July 20th 2019 Author:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2025/12/16 12:0 a.m.•432 views

šŸ“„ Bitrix24 25.100.300 Remote Code Execution

Bitrix24 versions 25.100.300 and below have a vulnerability that is located within the Translate Module, which allows users to upload and extract archive files into a temporary directory. However, the application fails to properly verify the contents of these archives before extracting them. This...

7.7AI score0.01028EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/10/15 12:0 a.m.•432 views

ABB Cylon Aspect 3.08.00 sslCertAjax.php Remote Command Execution

ABB Cylon Aspect 3.08.00 sslCertAjax.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/09/23 12:0 a.m.•432 views

Linux i915 PTE Use-After-Free

I found a bug in the i915 code that allows a process with access to a render node /dev/dri/renderD128 to corrupt kernel memory. This bug is subject to a 90-day disclosure deadline. If a fix for this issue is made available to users before the end of the 90-day deadline, this bug report will becom...

5.5CVSS7AI score0.00256EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/05/14 12:0 a.m.•432 views

Backdoor.Win32.AsyncRat MVID-2024-0683 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/2337b9a12ecf50b94fc95e6ac34b3ecc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.AsyncRat Vulnerability: Arbitrary Code Execution Description: The malware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/07/31 12:0 a.m.•433 views

WordPress AN_Gradebook 5.0.1 SQL Injection

!/usr/bin/python3 Exploit Title: WordPress Plugin ANGradebook = 5.0.1 - Subscriber+ SQLi Date: 2023-07-26 Exploit Author: Lukas Kinneberg Github: https://github.com/lukinneberg/CVE-2023-2636 Vendor Homepage: https://wordpress.org/plugins/an-gradebook/ Software Link:...

8.8CVSS7.1AI score0.03246EPSS
Exploits5
Total number of security vulnerabilities5000