Lucene search
K
PacketstormMost viewed

50738 matches found

Packet Storm
Packet Storm
added 2021/10/22 12:0 a.m.427 views

Online Course Registration 1.0 SQL Injection

Exploit Title: Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Authenticated Exploit Author: Sam Ferguson @AffineSecurity and Drew Jones @qhum7sec Date: 2021-10-21 Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/06 12:0 a.m.427 views

WordPress Events Made Easy 2.0.68 Database Disclosure

Exploit Title : WordPress Events Made Easy Plugins 2.0.68 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org/plugins/events-made-easy/ Software Download Link :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/02/28 12:0 a.m.426 views

Gitea 1.24.0+dev HTML Injection / Cross Site Scripting

Gitea version 1.24.0+dev suffers from an html injection vulnerability that can allow for cross site scripting. Title: Gitea 1.24.0+dev HTML Injection Vulnerability Description: Gitea version 1.24.0+dev-355-g74c8e95e87 is vulnerable to an HTML Injection vulnerability. The issue arises due to...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2025/01/29 12:0 a.m.426 views

NEXT-EMP 1.0 Shell Upload

NEXT-EMP version 1.0 suffers from a remote shell upload vulnerability. Titles: NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vulnerabilities Author: nu11secur1ty Date: 01/29/2025 Vendor: https://www.mayurik.com/ Software:...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/30 12:0 a.m.426 views

AMSS++ 4.2 Insecure Settings

=================================================================== | Title : AMSS++ v 4.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on: windows 8.1 Français V.Pro | | Vendor : http://amssplus.ubn4.go.th/amssplusdownload/ | | Dork : Education Area Management Support System...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/07 12:0 a.m.426 views

WordPress Ad Inserter Cross Site Scripting

Tittle: WordPress Plugin Ad Inserter Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba...

6.3AI score0.03557EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/06/25 12:0 a.m.426 views

Seeddms 5.1.10 Remote Command Execution

Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...

6CVSS7.5AI score0.11696EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.426 views

ScadaBR 1.0 / 1.1CE Windows Shell Upload

!/usr/bin/python Exploit Title: Authenticated Arbitrary File Upload Remote Code Execution Google Dork: N/A Date: 03/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Software Link: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for...

8.8AI score0.39096EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/02/10 12:0 a.m.426 views

b2evolution CMS 6.11.6 Open Redirection

Exploit Title: Open redirect in b2evolution CMS 6.11.6 redirectto parameter in emailpassthrough.php Google Dork: N/A Date: 10/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405...

6.3AI score0.13817EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/01/15 12:0 a.m.426 views

Online Hotel Reservation System 1.0 SQL Injection

Exploit Title: Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection Exploit Author: Mesut Cetin Date: 2021-01-14 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/06 12:0 a.m.426 views

WordPress WP24 Domain Check 1.6.2 Cross Site Scripting

Exploit Title: WordPress Plugin WP24 Domain Check 1.6.2 - 'fieldnameDomain' Stored Cross Site Scripting Date: 2021-01-03 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://wordpress.org/plugins/wp24-domain-check/ Software Link:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2024/07/11 12:0 a.m.425 views

WordPress Poll Maker 5.3.2 SQL Injection

Exploit Title: WordPress Poll Maker Plugin SQL Injection Date: 2024-07-11 Exploit Author: tmrswrr Category : Webapps Vendor: https://ays-pro.com/wordpress/poll-maker Version 5.3.2 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to Poll Maker Results...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/02/24 12:0 a.m.425 views

Music Gallery Site 1.0 SQL Injection

Music Gallery Site - SQL Injection on page musiclist.php and parameter cid is vulnerable, application url is ?page=musiclist&cid=?. Any remote attacker can access this page to exploit the vulnerbility. Date: 21 February 2023 CVE Assigned: CVE-2023-0938 mitre.org nvd.nist.org Author Name: Muhammad...

0.4AI score0.01883EPSS
Exploits11
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.425 views

Zstore 6.5.4 Cross Site Scripting

Title: zstore-6.5.4 - XSS-Reflected Development: nu11secur1ty Date: 01.18.2023 Vendor: https://zippy.com.ua/ Software: https://github.com/leon-mbs/zstore/releases/tag/6.5.4 Reproduce: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.5.4 Description: The value of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.425 views

Backdoor.Win32.GateHell.21 Man-In-The-Middle

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55dB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.GateHell.21 Vulnerability: Port Bounce Scan Description: The malware runs an FTP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/10 12:0 a.m.425 views

OpenCATS 0.9.4 Remote Code Execution

Exploit Title: OpenCATS 0.9.4 - Remote Code Execution RCE Google Dork: intext:"Current Available Openings, Recently Posted Jobs" Date: 21/09/2021 Exploit Author: Nicholas Ferreira - https://github.com/Nickguitar Vendor Homepage: https://www.opencats.org/ Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/14 12:0 a.m.425 views

HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Hoax.Win32.FrauDrop.gen Vulnerability: Insecure Permissions Description: FrauDrop.gen creates a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/05/21 12:0 a.m.425 views

WebLogic Server Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebLogic Server Deserialization RCE - BadAttributeValueExpException', 'Description' = %q There exists a Java object deserialization vulnerability...

7.5CVSS0.4AI score0.97116EPSS
Exploits26
Packet Storm
Packet Storm
added 2020/02/05 12:0 a.m.425 views

HiSilicon DVR/NVR hi3520d Firmware Backdoor Account

Exploit Title: HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account Dork: N/A Date: 2020-02-03 Exploit Author: Snawoot Vendor Homepage: http://www.hisilicon.com Product Link: http://www.hisilicon.com/en/Products Version: hi3520d Tested on: Linux CVE: N/A References:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/14 12:0 a.m.425 views

FusionPBX Operator Panel exec.php Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FusionPBX Operator Panel exec.php Command Execution', 'Description' = %q This module exploits an authenticated command injection vulnerability in...

6.5CVSS8.8AI score0.8748EPSS
Exploits9
Packet Storm
Packet Storm
added 2019/09/20 12:0 a.m.425 views

LayerBB 1.1.3 Cross Site Request Forgery

Exploit Title: LayerBB 1.1.3 - Multiple CSRF Date: 4/7/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=30 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE: CVE-2019-16531 1. Description: LayerBB is a free open-source forum...

0.6AI score0.02549EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/02/05 12:0 a.m.426 views

Joomla Jumi 3.0.5 Database Disclosure / SQL Injection

Exploit Title : Joomla Jumi Components 3.0.5 SQL Injection / Database Disclosure / Remote File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/02/2019 Vendor Homepage : 2glux.com Software Download Link :...

7.5CVSS6.7AI score0.02043EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/04/03 12:0 a.m.424 views

📄 Tomcat Partial PUT Java Deserialization

This Metasploit module exploits a Java deserialization vulnerability in Apache Tomcats session restoration functionality that can be exploited with a partial HTTP PUT request to place an attacker controlled deserialization payload in the tomcatrootdir/webapps/ROOT/ directory. For the exploit to...

9.8CVSS9AI score0.99945EPSS
Exploits46
Packet Storm
Packet Storm
added 2024/11/07 12:0 a.m.424 views

CyberPanel upgrademysqlstatus Arbitrary Command Execution

import httpx import sys def getCSRFtokenclient: resp = client.get"/" return resp.cookies'csrftoken' def pwnclient, CSRFtoken, cmd: headers = "X-CSRFToken": CSRFtoken, "Content-Type":"application/json", "Referer": strclient.baseurl payload = '"statusfile":"/dev/null; %s; ","csrftoken":"%s"' % cmd,...

10CVSS7.1AI score0.86725EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.424 views

WordPress Simple Backup File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Simple Backup File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress Plugin...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.425 views

Allegro Software RomPager Misfortune Cookie (CVE-2014-9222) Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Allegro Software RomPager 'Misfortune Cookie' CVE-2014-9222 Scanner", 'Description' = %q This module scans for HTTP servers that appear to be...

10CVSS7AI score0.63748EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.424 views

vTiger CRM 7.4.0 Cross Site Scripting

CVE-ID:CVE-2024-44778 ------------------------------------------ Suggested description:A reflected cross-site scripting XSS vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a...

7.4AI score0.00726EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/03/06 12:0 a.m.424 views

Artica Proxy 4.50 Unauthenticated PHP Deserialization

KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Advisory ID: KL-001-2024-002 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt 1...

7.4AI score0.8126EPSS
Exploits9
Packet Storm
Packet Storm
added 2023/11/20 12:0 a.m.424 views

Shuttle Booking Software 2.0 Cross Site Scripting

Exploit Title: Shuttle Booking Software v2.0 - Multiple Stored Cross-Site Scripting Authenticated Date: 09/11/2023 Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/shuttle-booking-software/ Software Link:...

7.5AI score0.00721EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/10/13 12:0 a.m.424 views

PyTorch Model Server Registration / Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'PyTorch Model Server Registration and Deserialization RCE', 'Description' = %q The PyTorch model server contains multiple...

10CVSS9.2AI score0.99615EPSS
Exploits10
Packet Storm
Packet Storm
added 2023/03/01 12:0 a.m.425 views

Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Oracle E-Business Suite EBS Unauthenticated Arbitrary File Upload', 'Description' = %q This module exploits an unauthenticated...

9.8CVSS0.2AI score0.98342EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/12/09 12:0 a.m.424 views

Raspberry Pi 5.10 Default Credentials

Exploit Title: Raspberry Pi 5.10 - Default Credentials Date: 08/12/2021 Exploit Author: netspooky Vendor Homepage: https://www.raspberrypi.com/ Software Link: https://www.raspberrypi.com/software/operating-systems/ Version: Raspberry Pi OS = 5.10 Tested on: Raspberry Pi OS 5.10 CVE : CVE-2021-387...

0.2AI score0.15666EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/06/05 12:0 a.m.424 views

Avaya IP Office 11 Insecure Transit / Password Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AVAYA-IP-OFFICE-INSECURE-TRANSIT-PASSWORD-DISCLOSURE.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.avaya.com Product Avaya IP Office v9.1.8.0 - 11 IP Office...

2.1CVSS0.01EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/05/19 12:0 a.m.424 views

PHP-Fusion 9.03.50 SQL Injection

Exploit Title: php-fusion 9.03.50 - 'ctype' SQL Injection Exploit Author: SunCSR Sun Cyber Security Research - ThienNV Date: 2020-05-19 Vendor Homepage: https://www.php-fusion.co.uk/ Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: 9.03.50 Tested On: Windows 10 + XAMPP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/06/29 12:0 a.m.424 views

Apache ActiveMQ 5.x Web Shell Upload

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ActiveMQ web shell upload', 'Description' = %q The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to uplo...

7.5CVSS9.8AI score0.98518EPSS
Exploits19
Packet Storm
Packet Storm
added 2025/12/04 12:0 a.m.423 views

📄 Microsoft Windows 11 Administrator Protection UAC Bypass / Privilege Escalation

A privilege escalation vulnerability exists in Windows 11 Insider Preview Build 10.0.27919.1000 due to improper handling of user‑controlled environment variables by the Unified Background Process Manager UBPM when launching elevated scheduled tasks under Administrator Protection. Proof of concept...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/16 12:0 a.m.423 views

Online Job Recruitment Portal Project 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Online Job Recruitment Portal project v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/15 12:0 a.m.423 views

Zope 5.9 Command Injection

Vulnerability Report Title: Command Argument Injection Vulnerability in Zope WSGI Instance Creation Script Leading to RCE Description: A command Argument injection vulnerability has been identified in the Zope WSGI instance creation script used by the Zope web application server framework, which ...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.423 views

PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting

Exploit Title: PHPJabbers Cleaning Business Software v1.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0...

7.4AI score0.00339EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.423 views

Instagram App 287.0.0.22.85 Denial Of Service

Exploit Title: Instagram App 287.0.0.22.85 - Denial of Service PoC Date: 2023-06-13 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.instagram.com Software Link: https://play.google.com/store/apps/details?id=com.instagram.android Version: 287.0.0.22.85 Tested on: Android 12 About Ap...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/02/07 12:0 a.m.423 views

Zoho ManageEngine ServiceDesk Plus 14003 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ServiceDesk Plus Unauthenticated SAML RCE', 'Description' = %q This exploits an unauthenticated remote code execution vulnerability...

9.8CVSS0.5AI score0.99753EPSS
Exploits15
Packet Storm
Packet Storm
added 2023/01/27 12:0 a.m.423 views

Razer Synapse 3.7.0731.072516 Local Privilege Escalation

Advisory ID: SYSS-2022-047 Product: Razer Synapse Manufacturer: Razer Inc. Affected Versions: Versions before 3.7.0830.081906 Tested Versions: 3.7.0731.072516 Vulnerability Type: Improper Certificate Validation CWE-295 Risk Level: High Solution Status: Open Manufacturer Notification: 2022-08-02...

7.3CVSS0.4AI score0.00889EPSS
Exploits6
Packet Storm
Packet Storm
added 2022/03/17 12:0 a.m.423 views

BuilderTorCTPHPRAT.b Shell Upload

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BuilderTorCTPHPRAT.b Vulnerability: Arbitrary File Upload - RCE Family: TorCTPHPRAT Type: WebUI MD5...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/03 12:0 a.m.423 views

Online Pre-Owned / Used Car Showroom Management System 1.0 SQL Injection

Exploit Title: Online Pre-owned/Used Car Showroom Management System 1.0 - SQLi Authentication Bypass Date: 01-12-2021 Exploit Author: Mohamed habib Smidi Craniums Vendor Homepage: https://www.sourcecodester.com/php/15067/online-pre-ownedused-car-showroom-management-system-php-free-source-code.htm...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/26 12:0 a.m.423 views

Pluck CMS 4.7.13 Remote Shell Upload

Exploit Title: Pluck CMS 4.7.13 - File Upload Remote Code Execution Authenticated Date: 25.05.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck/releases/tag/4.7.13 Version: 4.7.13 Tested on Xubuntu 20.0...

6.5CVSS0.2AI score0.33428EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/04/21 12:0 a.m.423 views

Hasura GraphQL 1.3.3 Arbitrary File Read

Exploit Title: Hasura GraphQL 1.3.3 - Local File Read Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/19./2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.168.1.1' HASURAPO...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/19 12:0 a.m.423 views

Trojan.Win32.NanoBot.onh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.NanoBot.onh Vulnerability: Insecure Permissions Description: NanoBot.onh creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/14 12:0 a.m.423 views

Trojan.Win32.Agent.zfgh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.zfgh Vulnerability: Insecure Permissions Description: Agent.zfgh creates an hidde...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/26 12:0 a.m.423 views

SAP Solution Manager 7.2 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Solution Manager remote unauthorized OS commands execution', 'License' = MSFLICENSE, 'Author' = 'Yvan Genuer', @1ggy The researcher who...

7.5CVSS0.1AI score0.98376EPSS
Exploits7
Packet Storm
Packet Storm
added 2020/08/31 12:0 a.m.423 views

Fuel CMS 1.4.8 SQL Injection

Exploit Title: Fuel CMS 1.4.8 - 'fuelreplaceid' SQL Injection Authenticated Date: 2020-08-19 Exploit Author: c0mpu7er(@ymbank.cn) Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.8.zip Version: 1.4.7 Tested on: PHP 5.4.45, Apache...

0.3AI score
Exploits0
Total number of security vulnerabilities5000