Lucene search
K
PacketstormMost viewed

50773 matches found

Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.393 views

Evento Multivendor Event Ticket Booking 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/05/08 12:0 a.m.393 views

Rollout::UI 0.5 Cross Site Scripting

ADVISORY INFORMATION ======================= Exploit Title: Rollout::UI v0.5 Cross-site scripting Date: 2023-05-05 Exploit Author: Eduardo José de Borba Vendor Homepage: https://github.com/fetlife Software Link: https://github.com/fetlife/rollout-ui Type: Cross-Site Scripting CWE-79 Tested on:...

7.1AI score0.00697EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.393 views

Ivanti Cloud Services Appliance (CSA) Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Cloud Services Appliance CSA Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Ivanti...

9.8CVSS0.7AI score0.99105EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/10/05 12:0 a.m.393 views

Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubuntu Enlightenment Mount Priv Esc', 'Description' = %q This module exploits a command injection within Enlightenment's enlightenmentsys binary...

0.8AI score0.05486EPSS
Exploits15
Packet Storm
Packet Storm
added 2022/07/01 12:0 a.m.393 views

PHP Library Remote Code Execution

JAHx221 - RCE in copy/pasted PHP compat libraries, jsondecode function =============================================================================== Several PHP compatability libraries contain a potential remote code execution flaw in their jsondecode function based on having copy pasted existi...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/01 12:0 a.m.393 views

MilleGPG5 5.7.2 Luglio 2021 Privilege Escalation

Exploit Title: MilleGPG5 5.7.2 Luglio 2021 x64 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it/ Software Link: https://www.millegpg.it/download/MilleGPGInstall.exe Version: 5.7.2 Test...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/08 12:0 a.m.393 views

Email-Worm.Win32.Plexus.b Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ee8990b5d076a7ed601a30eb677cc9be.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Plexus.b Vulnerability: Unauthenticated Remote Code Execution Description: The...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/09/29 12:0 a.m.393 views

WordPress Select All Categories And Taxonomies 1.3.1 Cross Site Scripting

Exploit Title: WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting XSS Date: 2/15/2021 Author: 0xB9 Software Link: https://downloads.wordpress.org/plugin/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons.1.3.1.zip Version: 1.3.1 Tested...

6.1CVSS0.10358EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/03/02 12:0 a.m.393 views

CASAP Automated Enrollment System 1.1 SQL Injection

Exploit Title: CASAP Automated Enrollment System 1.1 - Authentication Bypass cookie session Exploit Author: @nu11secur1ty Date: 03.02.2021 Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...

7.5CVSS0.7AI score0.02179EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.393 views

Online News Portal System 1.0 Cross Site Scripting

Exploit Title: Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting Date: 24-11-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://www.sourcecodester.com/php/14600/online-news-portal-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/05/22 12:0 a.m.393 views

Mac OS X Feedback Assistant Race Condition

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X Feedback Assistant Race Condition', 'Description' = %q This module exploits a race condition vulnerability in Mac's Feedback Assistant. ...

7.1AI score0.13512EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/04/20 12:0 a.m.393 views

RingsDB Software 1.0.0 Database Disclosure

Exploit Title : RingsDB Software 1.0.0 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 20/04/2019 Vendor Homepage : ringsdb.com Software Download Link : github.com/Sydtrack/ringsdb/archive/1.0.0.zip Software Information Link : ringsdb.com/abo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/27 12:0 a.m.393 views

phpMyAdmin 4.8.1 Authenticated Local File Inclusion

Exploit Title: phpMyAdmin 4.8.1 - Authenticated Local File Inclusion Date: 27-11-2018 Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://www.phpmyadmin.net/ Software Link:...

6.5CVSS0.5AI score0.98391EPSS
Exploits20
Packet Storm
Packet Storm
added 2017/05/25 12:0 a.m.393 views

Samba 3.5.0 Remote Code Execution

! /usr/bin/env python Title : ETERNALRED Date: 05/24/2017 Exploit Author: steelo Vendor Homepage: https://www.samba.org Samba 3.5.0 - 4.5.4/4.5.10/4.4.14 CVE-2017-7494 import argparse import os.path import sys import tempfile import time from smb.SMBConnection import SMBConnection from smb import...

0.99448EPSS
Exploits24
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.392 views

Veritas Backup Exec Server Registry Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Server Registry Access', 'Description' = %q This modules exploits a remote registry access flaw in the BackupExec Windows...

10CVSS7AI score0.54155EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/11/17 12:0 a.m.392 views

Magento 2.4.6 XSLT Server Side Injection / Command Execution

Exploit Title: Magento ver. 2.4.6 - XSLT Server Side Injection Date: 2023-11-17 Exploit Author: tmrswrr Vendor Homepage: https://magento2demo.firebearstudio.com/ Software Link: https://github.com/magento/magento2/archive/refs/tags/2.4.6-p3.zip Version: 2.4.6 Tested on: 2.4.6 POC: 1 Enter with adm...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.392 views

Backdoor.Win32.Burbul.b Anonymous Login

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3ee4cb2e06eb1f7fe54c89db903f3e7a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Burbul.b Vulnerability: Anonymous Logon Description: Backdoor Burbul.b listens on TCP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.392 views

ChurchCRM 4.2.1 Cross Site Scripting

Exploit Title: ChurchCRM 4.2.1- Persistent Cross Site ScriptingXSS Date: 2020- 10- 29 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM Version: 4.2.1 Tested on: Kali Linux 2020.3 Proof Of Concept: ChurchCRM application allo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/28 12:0 a.m.392 views

Nagios XI 5.7.3 Remote Command Injection

Exploit Title: Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection Authenticated Date: 10-27-2020 Vulnerability Discovery: Chris Lyne Vulnerability Details: https://www.tenable.com/security/research/tra-2020-58 Exploit Author: Matthew Aberegg Vendor Homepage:...

9CVSS0.78632EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/02/18 12:0 a.m.391 views

📄 motionEye 0.43.1b4 Remote Command Injection

A remote command injection vulnerability exists in motionEye versions up to and including 0.43.1b4. The issue arises from improper validation and sanitization of user‑supplied input within camera configuration parameters. Under certain conditions, authenticated users can inject crafted input that...

7.2CVSS6.1AI score0.18993EPSS
Exploits16
Packet Storm
Packet Storm
added 2024/09/20 12:0 a.m.391 views

BlackNET 3.7.0.0 Missing Authentication / File Deletion / Traversal

Exploit Title: BlackNET - Multiple Vulnerabilities Exploit Author: bRpsd Date: 20/09/2024 Vendor Homepage: https://github.com/AndroVirus Software Link: https://github.com/AndroVirus/BlackNET/ Version: v3.7.0.0 Tested on: MacOS - Xampp CVE: NA import requests Define the target URL for the POST...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/08 12:0 a.m.391 views

KiTTY 0.76.1.13 Command Injection

!/usr/bin/python ---------------------------------------------------------------------------------------- Exploit: KiTTY ≤ 0.76.1.13 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input CVE-2024-23749 OS: Microsoft Windows 11/10/8/7/XP Author: DEFCESCO Austin A. DeFrancesco...

7.4AI score0.04692EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/09/19 12:0 a.m.391 views

Lacabane 1.0 SQL Injection

==================================================================================================================================== | Title : lacabane v1.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/13 12:0 a.m.391 views

PHP Shopping Cart 4.2 SQL Injection

Title: PHP Shopping Cart-4.2 Multiple-SQLi Author: nu11secur1ty Date: 09/13/2023 Vendor: https://www.phpjabbers.com/ Software:https://www.phpjabbers.com/php-shopping-cart-script/sectionPricing Reference: https://portswigger.net/web-security/sql-injection Description: The id parameter appears to b...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/30 12:0 a.m.391 views

Ancillary Function Driver (AFD) For Winsock Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ancillary Function Driver AFD for WinSock Elevation of Privilege', 'Description' = %q A vulnerability exists in the Windows Ancillary Function...

7.8CVSS7.8AI score0.65417EPSS
Exploits13
Packet Storm
Packet Storm
added 2023/02/28 12:0 a.m.391 views

WordPress Real Estate 7 Theme 3.3.4 Abuse Of Functionality

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Abuse of Functionality Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz https://fearzzzz.ru Component...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/09 12:0 a.m.391 views

PAN-OS 10.0 Remote Code Execution

Exploit Title: PAN-OS 10.0 - Remote Code Execution RCE Authenticated Date: 2022-08-13 Exploit Author: UnD3sc0n0c1d0 Software Link: https://security.paloaltonetworks.com/CVE-2020-2038 Category: Web Application Version: 10.0.1, 9.1.4 and 9.0.10 Tested on: PAN-OS 10.0 - Parrot OS CVE : CVE-2020-2038...

9CVSS7AI score0.86086EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/11/08 12:0 a.m.391 views

FusionPBX 4.5.29 Remote Code Execution

Exploit Title: FusionPBX 4.5.29 - Remote Code Execution RCE Authenticated Date: 11/08/2021 Exploit Author: Luska Vendor Homepage: https://www.fusionpbx.com/ Software Link: https://github.com/fusionpbx/fusionpbx Version: 4.5.30 Tested on: Debian CVE : CVE-2021-43405 !/usr/bin/python3 import reques...

8.7AI score0.35628EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/08/23 12:0 a.m.391 views

Online Traffic Offense Management System 1.0 Remote Code Execution

Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 20-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/04/01 12:0 a.m.391 views

Company Crime Tracking Software 1.0 Cross Site Scripting

Exploit Title: Company Crime Tracknig Software | 'fname,surname,email' Stored Cross Site Scripting Exploit Author: Richard Jones Date: 01-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/12644/company-crime-tracking-system.html Version: 1....

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/04 12:0 a.m.391 views

e107 CMS 2.3.0 Cross Site Request Forgery

Exploit Title: e107 CMS 2.3.0 - CSRF Date: 04/03/2021 Exploit Author: Tadjmen Vendor Homepage: https://e107.org Software Link: https://e107.org/download Version: 2.3.0 Tested on: Windows 10 CVE : CVE-2021-27885 CSRF vulnerability on e107 CMS Bug Description Hi. I found a CSRF on the e107 CMS...

0.5AI score0.03207EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/02/26 12:0 a.m.391 views

WordPress Under Construction, Coming Soon, And Maintenance Mode 1.1.1 SSRF / XSS

There are SSRF and RXSS vulnerabilities in the WordPress plugin Under Construction, Coming Soon & Maintenance Mode version 1.1.1. Both vulnerabilities are fixed in version 1.1.2: https://wordpress.org/plugins/under-construction-maintenance-mode/developers 1 SSRF Here is the relevant code from fil...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/22 12:0 a.m.391 views

Backdoor.Win32.DarkKomet.irv Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a229acff4e0605ad24eaf3d9c44fdb1b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.irv Vulnerability: Insecure Permissions Description: DarkKomet.irv creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/28 12:0 a.m.391 views

Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 LFI

Exploit Title: Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - 'getPreviewImage' Directory Traversal/Local File Inclusion Date: 2020-10-27 Exploit Author: Ivo Palazzolo @palaziv Reference: https://www.oracle.com/security-alerts/cpuoct2020.html Vendor Homepage...

7.8CVSS0.97233EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/10/12 12:0 a.m.391 views

Kentico CMS 9.0-12.0.49 Cross Site Scripting

Exploit Title: Kentico CMS 9.0-12.0.49 - Persistent Cross Site Scripting Exploit Author: Ataberk YAVUZER CVE: CVE-2019-19493 Type: Webapps Vendor Homepage: https://www.kentico.com/ Version: 9.0-12.0.49 Date: 29-11-2019 CVE Details: https://nvd.nist.gov/vuln/detail/CVE-2019-19493 Details Persisten...

4.3CVSS5.6AI score0.02023EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/10/05 12:0 a.m.391 views

GitLab Omnibus 12.2.1 Logrotate Privilege Escalation

Privilege Escalation via Logrotate in Gitlab Omnibus Overview Identifier: AIT-SA-20190930-01 Target: GitLab Omnibus Vendor: GitLab Version: 7.4 through 12.2.1 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: CVE-2019-15741 Accessibility: Local Severity: Low Author: Wolfgang Hotwagner AIT Austrian...

7.5CVSS0.8AI score0.03073EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/02/16 12:0 a.m.391 views

Listing Hub CMS 1.0 SQL Injection

Exploit Title: Listing Hub CMS 1.0 - 'pages.php id' SQL Injection Google Dork: inurl:"pages.php?title=privacy-policy" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage: https://themerig.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/09/15 12:0 a.m.391 views

Watchguard AP100/AP102/AP200 1.2.9.15 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Watchguard AP Backdoor Shell', 'Description' = 'Watchguard AP's have a backdoor account with known credentials. This can be used to gain a valid...

9CVSS8.2AI score0.08671EPSS
Exploits5
Packet Storm
Packet Storm
added 2011/10/06 12:0 a.m.391 views

Apache Reverse Proxy Bypass

===============================ADVISORY============================== Systems Affected: Apache httpd Severity: High Category: Proxy Bypass Author: Context Information Security Ltd Reported to vendor: 16th November 2011 Advisory Issued: 5th October 2011 Reference: CVE-2011-3368...

5CVSS9AI score0.90734EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/05/21 12:0 a.m.390 views

Joomla 4.2.8 Information Disclosure

!/bin/bash Exploit Title: Joomla! \n" exit 1 else echo -e "\n Joomla! out.tmp echo -e "\ni Database info:\n" echo -e "+ DB Type: $sed -E 's/."dbtype":"^"+"./\1/' out.tmp" echo -e "+ DB Host: $sed -E 's/."host":"^"+"./\1/' out.tmp" echo -e "\e92m+ DB User: $sed -E 's/."user":"^"+"./\1/' out.tmp\e0...

5CVSS7.4AI score0.99827EPSS
Exploits43
Packet Storm
Packet Storm
added 2024/05/01 12:0 a.m.390 views

Online Tours And Travels Management System 1.0 SQL Injection

Titles: Travel-Manager-OTMSP-1.0 Multiple SQLi Author: nu11secur1ty Date: 05/01/2024 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Reference: https://portswigger.net/web-security/sql-injectio...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/07 12:0 a.m.390 views

NDtaskmatic 1.0 SQL Injection

Title: NDtaskmatic-1.0-by-Mayuri.K Multiple-SQLi Author: nu11secur1ty Date: 03/07/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Reference: https://portswigger.net/web-security/sql-injection...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/01 12:0 a.m.390 views

STARFACE 7.3.0.10 Broken Authentication

Advisory: STARFACE: Authentication with Password Hash Possible RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext...

7.1AI score0.04421EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/11/15 12:0 a.m.390 views

WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: BeCustom Wordpress Plugin Vendor URL: https://muffingroup.com/betheme/features/be-custom/ Type: Cross-Site Request Forgery CWE-253 Date found: 2021-10-28 Date published: 2022-11-10 CVSSv3...

7.1AI score0.00781EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/07/29 12:0 a.m.390 views

Transposh WordPress Translation 1.0.8.1 SQL Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Improper Authorization CWE-285 Date found: 2022-02-21 Date...

0.2AI score0.01202EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.390 views

Backdoor.Win32.Hupigon.afjk Directory Traversal

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/80b0fc8c0657c0ae7971f09af45c706b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.afjk Vulnerability: Directory Traversal Description: The malware deploys a We...

Exploits0
Packet Storm
Packet Storm
added 2021/10/25 12:0 a.m.390 views

WordPress Media-Tags 3.2.0.2 Cross Site Scripting

Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Date: 25-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/08/06 12:0 a.m.390 views

Trojan-Dropper.Win32.Small.fp Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/07122dd3b069bbbb445e060c1249d5a2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Small.fp Vulnerability: Unauthenticated Open Proxy Description: The malware...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/15 12:0 a.m.390 views

Windows Server 2012 SrClient DLL Hijacking

class MetasploitModule 'Windows Server 2012 SrClient DLL hijacking', 'Description' = %q All editions of Windows Server 2012 but not 2012 R2 are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows Update checks for updates. This...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/08 12:0 a.m.390 views

Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Remote Stack Buffer Overflow Description: The specimen drop...

0.7AI score
Exploits0
Total number of security vulnerabilities5000