Lucene search
K
PacketstormMost viewed

50773 matches found

Packet Storm
Packet Storm
added 2020/12/07 12:0 a.m.407 views

Cyber Cafe Management System 1.0 Cross Site Scripting

Exploit Title: Cyber Cafe Management System Project CCMS 1.0 - Persistent Cross-Site Scripting Date: 04-12-2020 Exploit Author: Pruthvi Nekkanti Vendor Homepage: https://phpgurukul.com Product link: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Version: 1.0 Tested on: Kali...

Exploits0
Packet Storm
Packet Storm
added 2020/11/26 12:0 a.m.407 views

Foxit Reader 9.0.1.1049 Arbitrary Code Execution

Exploit Title: Foxit Reader 9.0.1.1049 - Arbitrary Code Execution Date: August 29, 2020 Exploit Author: CrossWire Vendor Homepage: https://www.foxitsoftware.com/ Software Link:...

6.8CVSS0.9AI score0.63313EPSS
Exploits13
Packet Storm
Packet Storm
added 2020/09/03 12:0 a.m.407 views

Noise-Java AESGCMFallbackCipherState.encryptWithAd() Insufficient Boundary Checks

Vulnerability title: Noise-Java AESGCMFallbackCipherState.encryptWithAd insufficient boundary checks Author: Pietro Oliva CVE: CVE-2020-25022 Vendor: Rhys Weatherley Creator of Noise Framework's reference implementation in Java Product: Noise-Java Affected version: No version information is...

6.8CVSS0.02553EPSS
Exploits11
Packet Storm
Packet Storm
added 2019/08/23 12:0 a.m.407 views

Exim 4.91 Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'expect' class MetasploitModule 'Exim 4.87 - 4.91 Local Privilege Escalation', 'Description' = %q This module exploits a flaw in Exim versions 4.87 to 4.91...

7.5CVSS0.6AI score0.99961EPSS
Exploits27
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.406 views

needrestart Local Privilege Escalation

Qualys Security Advisory LPEs in needrestart CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 ======================================================================== Contents ======================================================================== Summary...

7.8CVSS6.9AI score0.19924EPSS
Exploits16
Packet Storm
Packet Storm
added 2024/01/24 12:0 a.m.406 views

Employee Management System 1.0 SQL Injection

Exploit Title: Employee Management System - SQLi Date: 23/03/2024 Exploit Author: Özlem Balcı Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16999/employee-management-system.html Software Download:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/05/05 12:0 a.m.406 views

Jedox 2020.2.5 Cross Site Scripting

Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction...

7.1AI score0.02631EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/01/06 12:0 a.m.406 views

Backdoor.Win32.SubSeven.c Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bc7f4c4689f1b8ad395404d1e75c776f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SubSeven.c Vulnerability: Remote Stack Buffer Overflow Description: The malware liste...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/01/06 12:0 a.m.406 views

Simple Music Cloud Community System 1.0 SQL Injection

Title: Simple Music Cloud Community System 1.0 SQL - Injections Author: nu11secur1ty Date: 01.05.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14605/simple-music-cloud-community-system-using-phpmysqli-source-code.html Description: The email...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/09 12:0 a.m.406 views

WordPress Catch Themes Demo Import 1.6.1 Shell Upload

Exploit Title: Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution RCE Authenticated Date 07.12.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wordpress.org/plugins/catch-themes-demo-import/ Software Link:...

7.2CVSS7.2AI score0.55729EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/11/22 12:0 a.m.406 views

Wipro Holmes Orchestrator 20.4.1 Report Disclosure

Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Excel Report Download Date: 09/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38147 In the Wipro Holmes Orchestrator 20.4.1...

7.5AI score0.53008EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/04/01 12:0 a.m.406 views

School Registration And Fee System 1.0 Cross Site Scripting

Exploit Title: School Registration and Fee System | Multiple Stored Cross Site Scripting Exploit Author: Richard Jones Date: 01-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Version: 1.0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/18 12:0 a.m.406 views

D-Link DGS-1210-28 Denial Of Service

Exploit Title: D-Link DGS-1210-28 Denial of Service Date: 18 Sep 2020 Exploit Author: Saeed Reza Zamanian Product : D-Link DGS-1210-28 Vendor Homepage: https://www.dlink.com/ Product Link: https://www.dlink.com/en/products/dgs-1210-28-28-port-gigabit-smart-managed-switch Version : DGS-1210-28...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/18 12:0 a.m.406 views

SpamTitan 7.07 Remote Code Execution

Exploit Title: SpamTitan 7.07 - Remote Code Execution Authenticated Date: 2020-09-18 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: https://www.titanhq.com/spamtitan/spamtitangateway/ Software Link: https://www.titanhq.com/signup/?producttype=spamtitangateway Version: 7.07 Tested on:...

7.6AI score0.09644EPSS
Exploits6
Packet Storm
Packet Storm
added 2018/11/21 12:0 a.m.406 views

WebOfisi E-Ticaret 4 SQL Injection

Exploit Title: WebOfisi E-Ticaret V4 - 'urun' SQL Injection Date: 2018-11-21 Exploit Author: Azkan Mustafa AkkuA AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.web-ofisi.com Software Demo: http://demobul.net/eticaretv4/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/12/11 12:0 a.m.406 views

Xoops 2.5.4 Blind SQL Injection

------------------------------------------ Xoops 2.5.4 Blind SQL Injection ------------------------------------------ Dork: "Powered by XOOPS 2.5.4" Download: http://sourceforge.net/projects/xoops/ Date: 10/12/2011 Author: blkhtc0rp Mail: blkhtc0rpatyahoodotcom Tested on: Freebsd 8 and Debian...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/02/28 12:0 a.m.405 views

BeyondTrust 24.3.1 Code Execution

BeyondTrust version 24.3.1 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : BeyondTrust v24.3.1 PHP Code Injection Vulnerability | | Author : indoush...

7.9AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.405 views

Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump', 'Description' = %q This module uses a blind SQL injection CVE-2020-572...

9.8CVSS7AI score0.11875EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.405 views

PHPJabbers Meeting Room Booking System 1.0 Cross Site Scripting

Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1....

7.4AI score0.00264EPSS
Exploits1
Packet Storm
Packet Storm
added 2023/12/20 12:0 a.m.405 views

MajorDoMo Remote Code Execution

Introduction MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted name for over a decade. With over 380 stars on its official GitHub repository at the time of writing https://github.com/sergejey/majordomo, its popularity is eviden...

9.8CVSS7.2AI score0.38263EPSS
Exploits6
Packet Storm
Packet Storm
added 2023/09/29 12:0 a.m.405 views

JetBrains TeamCity Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JetBrains TeamCity Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an authentication bypass vulnerability to...

9.8CVSS9.3AI score0.99979EPSS
Exploits17
Packet Storm
Packet Storm
added 2023/06/08 12:0 a.m.405 views

Delta Electronics InfraSuite Device Master Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Delta Electronics InfraSuite Device Master Deserialization', 'Description' = %q Delta Electronics InfraSuite Device Master versions below v1.0.5...

9.8CVSS7.1AI score0.5005EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/06/01 12:0 a.m.405 views

Bumsys Business Management System 1.0.3-beta Shell Upload

Exploit Title: - unilogies/bumsys v1.0.3-beta - Unrestricted File Upload Google Dork : NA Date: 19-01-2023 Exploit Author: AFFAN AHMED Vendor Homepage: https://github.com/unilogies/bumsys Software Link: https://github.com/unilogies/bumsys/archive/refs/tags/v1.0.3-beta.zip Version: 1.0.3-beta Test...

8.8CVSS7.1AI score0.05748EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/11/23 12:0 a.m.405 views

Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f312e3a436995b86b205a1a37b1bf10f.txt Contact: [email protected] Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Backdoor.Win32.Serman.a Vulnerability:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/08 12:0 a.m.405 views

Reprise License Manager 14.2 Buffer Overflow

Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44154 Vulnerability Title: Authenticated Buffer Overflow Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Date: 2021-11-25...

0.6AI score0.0185EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/12/06 12:0 a.m.405 views

HCL Lotus Notes 12 Unquoted Service Path

Exploit Title: HCL Lotus Notes V12- Unquoted Service Path Exploit Author: Mert DAŞ Version: V12 Date: 01/12/2021 Vendor Homepage: https://www.hcltechsw.com/domino/download Tested on: Windows 10 ProcessId : 3860 Name : LNSUSvc DisplayName : HCL Notes Smart Upgrade Hizmeti PathName :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/06 12:0 a.m.405 views

Auerswald COMpact 8.0B Arbitrary File Disclosure

Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Details ======= Product:...

0.6AI score0.02394EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/10/13 12:0 a.m.405 views

Keycloak 12.0.1 Server-Side Request Forgery

Exploit Title: Keycloak 12.0.1 - 'requesturi ' Blind Server-Side Request Forgery SSRF Unauthenticated Date: 2021-10-13 Exploit Author: Mayank Deshmukh Author Twitter: ColdFusionX Vendor Homepage: https://www.keycloak.org/ Software Link: https://www.keycloak.org/archive/downloads-12.0.1.html...

5.3CVSS0.7AI score0.69724EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/08/12 12:0 a.m.405 views

Lexmark Driver Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lexmark Driver Privilege Escalation', 'Description' = %q Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileg...

7.2CVSS1.1AI score0.01413EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.405 views

Baby Care System 1.0 SQL Injection

Exploit Title: Baby Care System 1.0 - 'roleid' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/11 12:0 a.m.404 views

📄 WordPress LearnPress 4.2.7 SQL Injection

WordPress LearnPress plugin versions 4.2.7 and below suffer from a remote SQL injection vulnerability. My name: Francisco Moraga BTshell @BTshell https://www.linkedin.com/in/btshell/ Exploit Title: LearnPress WordPress LMS Plugin = 4.2.7 - Unauthenticated SQL Injection via 'conlyfields' Google...

10CVSS9AI score0.63134EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.404 views

DiCal-RED 4009 Weak Hashing

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-037 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Use of Password Hash With Insufficient Computational Effort CWE-916 Risk Level: Medium Solution...

6.8CVSS7.1AI score0.00292EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.404 views

Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERVBSCRIPTTROJANMITIGATIONBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender Vulnerability Type...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/02 12:0 a.m.404 views

Oracle RMAN Missing Auditing

Title: CVE-2021-2207 - RMAN Controlfile Operation Not Audited Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 19c Risk Level: low Score: 2.3 Solution Status: Fixed CVE Reference: CVE-2021-2207 Author of Advisory: Emad Al-Mousa Overview: Audi...

2.3CVSS7.1AI score0.00643EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/08/22 12:0 a.m.404 views

TSPlus 16.0.2.14 Insecure Permissions

Exploit Title: TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.2.14 Tested on: Windows CVE : CVE-2023-31067 TSplus Remote Access v...

7.1AI score0.02884EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.404 views

Blackboard 2.0.2 Database Disclosure

==================================================================================================================================== | Title : blackboard v 2.0.2 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/18 12:0 a.m.404 views

Mware Workspace ONE Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access VMSA-2022-0011 exploit chain', 'Description' = %q This module combines two vulnerabilities in order achieve remote co...

9.8CVSS8.4AI score0.50694EPSS
Exploits13
Packet Storm
Packet Storm
added 2022/08/01 12:0 a.m.404 views

Backdoor.Win32.Destrukor.20 MVID-2022-0627 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Unauthenticated Remote Command Execution...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/25 12:0 a.m.404 views

phpMyAdmin 4.8.1 Remote Code Execution

Exploit Title: phpMyAdmin 4.8.1 - Remote Code Execution RCE Date: 17/08/2021 Exploit Author: samguy Vulnerability Discovery By: ChaMd5 & Henry Huang Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.1 Tested o...

8.8CVSS0.98391EPSS
Exploits20
Packet Storm
Packet Storm
added 2020/04/14 12:0 a.m.404 views

ThinkPHP 5.0.23 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ThinkPHP Multiple PHP Injection RCEs', 'Description' = %q This module exploits one of two PHP injection vulnerabilities in the ThinkPHP web...

10CVSS9.5AI score0.9953EPSS
Exploits9
Packet Storm
Packet Storm
added 2019/09/03 12:0 a.m.404 views

Microsoft Outlook Web Access 14.3.224.2 Header Injection

!/usr/bin/perl -w Microsoft Outlook Web Access build:14.3.224.2 Remote Header 'Host' Injection Copyright 2019 c Todor Donev I suspect "Web Cache Poison" but I'm not sure, so test ; Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/17 12:0 a.m.403 views

SofaWiki 3.9.2 Shell Upload

Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Date: 10/17/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote co...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/24 12:0 a.m.403 views

ABB Cylon Aspect 3.08.01 Remote Code Execution

ABB Cylon Aspect 3.08.01 bigUpload.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

10CVSS7.1AI score0.1901EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/03/14 12:0 a.m.403 views

Backdoor.Win32.Emegrab.b MVID-2024-0675 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/19a14d0414aec62ef38378de2e8b259d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Emegrab.b Vulnerability: Remote Stack Buffer Overflow SEH Family: Emegrab...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.403 views

CMS Made Simple 2.2.19 Server-Side Template Injection

Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Layout Design Manager Breadcrumbs 2 Click edit and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/12/15 12:0 a.m.403 views

osCommerce 4.13-60075 Shell Upload

Title: osCommerce 4.13-60075 File-Upload-RCE Author: nu11secur1ty Date: 12/14/2023 Vendor: https://www.oscommerce.com/ Software: https://www.oscommerce.com/download-file Reference: https://portswigger.net/web-security/file-upload Description: The parameter "icon-pencil" in the upload-file...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/10/03 12:0 a.m.403 views

SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: SAP® Enable Now Manager vulnerable version: 10.6.5 Build 2804 Cloud Edition fixed version: May 2023 Release CVE number: N/A cloud impact...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/09 12:0 a.m.403 views

Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a remote unauthenticated command injecti...

9.8CVSS7.1AI score0.99284EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/05/11 12:0 a.m.403 views

Pentaho Business Server Authentication Bypass / SSTI / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pentaho Business Server Auth Bypass and Server Side Template Injection RCE', 'Description' = %q Hitachi Vantara Pentaho Business Analytics Server...

9.8CVSS8.5AI score0.9767EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/04/21 12:0 a.m.403 views

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor

!/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com | https://www.usriot.com Affected version: 1.0.36 USR-G800V2, USR-G806, USR-G807, USR-G808 1.2.7 USR-LG220-L Summary:...

0.6AI score
Exploits0
Total number of security vulnerabilities5000