Lucene search
K
PacketstormMost viewed

50773 matches found

Packet Storm
Packet Storm
added 2021/04/23 12:0 a.m.380 views

GetSimple CMS My SMTP Contact 1.1.1 CSRF/ XSS / Code Execution

Exploit Title: GetSimple CMS My SMTP Contact Plugin = v1.1.1 - CSRF to Stored XSS to RCE Exploit Author: Bobby Cooke boku Date: April 22nd, 2021 Vendor Homepage: http://get-simple.info & Software Link: http://get-simple.info/download/ Version: Exploit = v1.1.1 | Stored XSS = v1.1.2 Tested against...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/14 12:0 a.m.380 views

MiniWeb HTTP Server 0.8.19 Buffer Overflow

Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/08/21 12:0 a.m.380 views

Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover

!/usr/bin/env python3 -- coding: utf-8 -- Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover Vendor: EIBIZ Co.,Ltd. Product web page: http://www.eibiz.co.th Affected version: =3.8.0 Summary: EIBIZ develop advertising platform for out of home media in that ti...

1.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/09/03 12:0 a.m.380 views

FileThingie 2.5.7 Remote Shell Upload

Exploit Title: FileThingie 2.5.7 - Arbitrary File Upload Author: Cakes Discovery Date: 2019-09-03 Vendor Homepage: www.solitude.dk/filethingie Software Link: https://github.com/leefish/filethingie/archive/master.zip Tested Version: 2.5.7 Tested on OS: CentOS 7 CVE: N/A Intro: Easy arbitrary file...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/01/28 12:0 a.m.380 views

Oracle WebLogic wls-wsat Component Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic wls-wsat Component Deserialization RCE', 'Description' = %q The Oracle WebLogic WLS WSAT Component is vulnerable to a XML...

5CVSS7.8AI score0.99993EPSS
Exploits45
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.379 views

WyreStorm Apollo VX20 Credential Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...

7.4AI score0.50622EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/01/16 12:0 a.m.379 views

MailCarrier 2.51 Denial Of Service

!/usr/bin/perl use IO::Socket::INET Exploit Title: MailCarrier 2.51 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 16 january 2024 Tested Version: MailCarrier 2.51 Tested on: Window XP Professional - Service Pack 2 and 3 - English Vulnerability Type: Denial of Service DoS ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/15 12:0 a.m.379 views

Academy LMS 6.2 SQL Injection

Exploit Title: Academy LMS 6.2 - SQL Injection Exploit Author: CraCkEr Date: 29/08/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4974 CWE: CWE-89 / CWE-74 /...

7.1AI score0.04886EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/05/04 12:0 a.m.379 views

Shannon Baseband fmtp SDP Attribute Memory Corruption

Shannon Baseband: Memory corruption when processing fmtp SDP attribute There is a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffe...

9.8CVSS6.9AI score0.0347EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/03/15 12:0 a.m.379 views

Fortinet FortiNAC keyUpload.jsp Arbitrary File Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet FortiNAC keyUpload.jsp arbitrary file write', 'Description' = %q This module uploads a payload to the /tmp directory in addition to a cr...

9.8CVSS0.5AI score0.99815EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/04/08 12:0 a.m.379 views

School Club Application System 1.0 Local File Inclusion

Title: School Club Application System 1.0 LFI To RCE Author: Hejap Zairy Date: 08.04.2022 Vendor: https://www.sourcecodester.com/php/15266/school-club-application-system-phpoop-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scas0.zip Referenc...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/03/04 12:0 a.m.379 views

pfSense 2.5.2 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense Diag Routes Web Shell Upload', 'Description' = %q This module exploits an arbitrary file creation vulnerability in the pfSense HTTP...

8.8AI score0.87113EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/12/03 12:0 a.m.379 views

Backdoor.Win32.WinShell.50 Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0faecbdfccf3144d487971ed47f3665c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.50 Vulnerability: Weak Hardcoded Password Description: The malware listens o...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/01 12:0 a.m.379 views

Online Enrollment Management System In PHP And PayPal 1.0 Cross Site Scripting

Exploit Title: Online Enrollment Management System in PHP and PayPal 1.0 - 'UNAME' Stored Cross-Site Scripting Date: 2021-08-31 Exploit Author: Tushar Jadhav Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

5.4CVSS0.2AI score0.01635EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/11/08 12:0 a.m.379 views

Trojan.Win32.SkynetRef.x Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/339ec4617eababfd46006f2219e68cb8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.SkynetRef.x Vulnerability: Unauthenticated Open Proxy Description: The malware listens ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/14 12:0 a.m.379 views

IFSC Code Finder Project 1.0 SQL Injection

Hello, dear friends. KR CVE-2021-42224 Vendor Description: - vulnerability: all or nothing SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php. The searchifsccode parameter appears to be vulnerable to SQL injection attacks. The...

0.3AI score0.0219EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/10/05 12:0 a.m.379 views

Trojan-PSW.Win32.PdPinch.gen Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0e4fbfeb6f7a98e437a497013b285ffc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-PSW.Win32.PdPinch.gen Vulnerability: Remote Denial of Service Description: The malware listen...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/07 12:0 a.m.379 views

Online Covid Vaccination Scheduler System 1.0 SQL Injection

Exploit Title: Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection Date: 2021-07-07 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/30 12:0 a.m.379 views

OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting

Product: OX App Suite / OX Guard Vendor: OX Software GmbH Affected product: OX App Suite Internal reference: OXUIB-481 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.4 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendo...

0.0157EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/03/01 12:0 a.m.379 views

Trojan-Spy.Win32.Stealer.osh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d58b1c2f540268bd9dd920455568d45f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Stealer.osh Vulnerability: Insecure Permissions Description: The malware creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/11 12:0 a.m.379 views

Backdoor.Win32.BackAttack.18 Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c806d23f4343ab40cf897e9c38b5c1c3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BackAttack.18 Vulnerability: Multiple Vulnerabilities Description: BackAttack.18 v1.8...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2019/09/29 12:0 a.m.379 views

GFI Kerio Control 9.3.0 Cross Site Scripting

/ - DOM based XSS in Kerio Control Firewalls v9.3.0 - CVE-2019-16414 - Finder: Michael Eissele - Description: character encoding i.e. quote, \x22 allows to bypass input filter, opening up for DOM based XSS. - PoC Link to include exploit:...

0.1AI score0.01566EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/12/16 12:0 a.m.378 views

📄 HTTP/2 Rapid Reset DoS Tester

This is an HTTP/2 Rapid Reset denial of service testing tool. It provides a comprehensive method for testing CVE-2023-44487 with cross-system compatibility, improved user interface, and detailed reporting capabilities...

7.5CVSS7.4AI score0.99999EPSS
Exploits19
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.378 views

Korenix JetPort 5601 1.2 Path Traversal

St. Pölten UAS 20241118-1 ------------------------------------------------------------------------------- title| Path Traversal product| Korenix JetPort 5601 vulnerable version| 1.2 fixed version| - CVE number| CVE-2024-11303 impact| High homepage| https://www.korenix.com/ found| 2024-05-24 by| P...

8.7CVSS7.1AI score0.0181EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.378 views

HP ILO 4 1.00-2.50 Authentication Bypass Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation', 'Description' = %q This module exploits an authentication bypass in HP...

10CVSS7AI score0.99335EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.378 views

DiCal-RED 4009 Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-042 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Risk Level: Medium Solution...

5.4CVSS7.1AI score0.00337EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.378 views

Cacti pollers.php SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cacti RCE via SQLi in pollers.php', 'Description' = %q This exploit module leverages a SQLi CVE-2023-49085 and a LFI CVE-2023-49084 vulnerability...

8.8CVSS7.4AI score0.84628EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.378 views

fastCMS Blogging 3.1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.378 views

Apache Tomcat 10.1 Denial Of Service

Exploit Title: Apache Tomcat 10.1 - Denial Of Service Google Dork: N/A Date: 13/07/2022 Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-10.cgi Version: = 10.1 Tested on: Apache Tomcat 10.0 Docker CVE :...

7.5CVSS7.7AI score0.73139EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/01/31 12:0 a.m.378 views

Control Web Panel Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'CWP login.php Unauthenticated RCE', 'Description' = %q Control Web Panel versions 'Spencer McIntyre', metasploit module...

9.8CVSS0.6AI score0.99995EPSS
Exploits12
Packet Storm
Packet Storm
added 2022/10/05 12:0 a.m.378 views

Canteen Management 1.0-2022 Cross Site Scripting

Title: Canteen-Management-1.0-2022 suffers from XSS-Reflected Author: nu11secur1ty Date: 10.04.2022 Vendor: https://www.mayurik.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayurik/2022/Canteen-Management/Docs/youthappam.zip?raw=true Reference:...

Exploits0
Packet Storm
Packet Storm
added 2022/08/05 12:0 a.m.378 views

WordPress Ecwid Ecommerce Shopping Cart 6.10.23 Cross Site Request Forgery

Description: Cross-Site Request Forgery to Settings/Options Update Affected Plugin: Ecwid Ecommerce Shopping Cart Plugin Slug: ecwid-shopping-cart Affected Versions: = 6.10.23 CVE ID: CVE-2022-2432 CVSS Score: 8.8 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Researcher/s: Marco...

5.2AI score0.00454EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/01/17 12:0 a.m.379 views

SB Admin Cross Site Request Forgery / SQL Injection

$$$$$$$\ $$ $$\ $$ | $$ |$$\ $$\ $$\ $$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$$ |$$ | $$ | $$ |$$ $$\ $$ $$\ $$ | $$ / $$ | $$ | $$ |$$ | $$ | $$$$$$$$ |$$ / $$ | $$ | $$ | $$ |$$ | $$ | $$ |$$ | $$ | $$$$$$$$$ |$$ | $$ |$$\$$$$$$$\ $$$$$$$\ | \/ | ||| | Offensive Security Community Ecuador...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/25 12:0 a.m.378 views

OpenClinic GA 5.194.18 Privilege Escalation

Exploit Title: OpenClinic GA 5.194.18 - Local Privilege Escalation Date: 2021-07-24 Author: Alessandro Salzano Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Homepage: https://sourceforge.net/projects/open-clinic/ Software Link:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.378 views

Advantech iView Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Advantech iView Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unauthenticated configuration change combined...

7.5CVSS1.1AI score0.36845EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/12/21 12:0 a.m.378 views

Stratodesk NoTouch Center Privilege Escalation

Stratodesk NoTouch Center Virtual Appliance is a portal for managing NoTouch clients. It appears that Stratodesk has a partnership with ViewSonic and produced these appliances to support some of their hardware devices as well. - https://www.stratodesk.com/products/notouch-desktop/virtual-applianc...

0.5AI score0.01241EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/12/09 12:0 a.m.378 views

Dup Scout Enterprise 10.0.18 Buffer Overflow

Exploit Title: Dup Scout Enterprise 10.0.18 - 'sid' Remote Buffer Overflow SEH Date: 2020-12-08 Exploit Author: Andrés Roldán Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/downloads.html Version: 10.0.18 Tested on: Windows 10 Pro x64 !/usr/bin/env python3 import...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.377 views

Gambio Online Webshop 4.9.2.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability', 'Description' = %q A Remote Code Execution vulnerability in Gambio onli...

9.8CVSS9.7AI score0.47829EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/03/11 12:0 a.m.377 views

Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read

Exploit Title: File Read Arbitrary Exploit for CVE-2023-26360 Google Dork: not Date: 12/28/2023 Exploit Author: Youssef Muhammad Vendor Homepage: https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html Software Link: https://drive.google.com/drive/folders/17ryBnFhswxiE1sHrNByxMVPKfUnwqmp0...

9.8CVSS7.4AI score0.97339EPSS
Exploits13
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.377 views

PHPJabbers Restaurant Booking System 3.0 Missing Rate Limiting

Exploit Title: PHPJabbers Restaurant Booking System v3.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/restaurant-booking-system/sectionDemo Version: v3.0 Tested o...

7.4AI score0.00679EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/11/25 12:0 a.m.377 views

CSZ CMS 1.3.0 Shell Upload

Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 23/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/15 12:0 a.m.377 views

RaspAP 2.8.7 Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RaspAP Unauthenticated Command Injection', 'Description' = %q RaspAP is feature-rich wireless router software that just works on many popular...

9.8CVSS7.1AI score0.98725EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/02/22 12:0 a.m.377 views

pyLoad js2py Python Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'pyLoad js2py Python Execution', 'Description' = %q pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code...

9.8CVSS9.6AI score0.96988EPSS
Exploits13
Packet Storm
Packet Storm
added 2023/02/08 12:0 a.m.377 views

ManageEngine ADSelfService Plus Unauthenticated SAML Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADSelfService Plus Unauthenticated SAML RCE', 'Description' = %q This exploits an unauthenticated remote code execution vulnerabilit...

9.8CVSS0.7AI score0.99753EPSS
Exploits15
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.377 views

TP-Link AX50 Remote Code Execution

Exploit Title: TP-Link Router AX50 firmware 210730 - Remote Code Execution RCE Authenticated Exploit Author: Tomas Melicher Technical Details: https://github.com/aaronsvk/CVE-2022-30075 Date: 2022-06-08 Vendor Homepage: https://www.tp-link.com/ Tested On: Tp-Link Archer AX50 Vulnerability...

8.8CVSS8.8AI score0.37199EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/02/20 12:0 a.m.377 views

Apache MyFaces 2.x Cross Site Request Forgery

Ceritude Securiy Advisory - CSA-2021-001 PRODUCT : Apache MyFaces VENDOR : The Apache Software Foundation SEVERITY : High AFFECTED VERSION : =2.2.13, =2.3.7, =2.3-next-M4, =2.1 branches IDENTIFIERS : CVE-2021-26296 PATCH VERSION : 2.2.14, 2.3.8, 2.3-next-M5, 3.0.0 FOUND BY : Wolfgang Ettlinger,...

0.7AI score0.03026EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/11/29 12:0 a.m.377 views

YATinyWinFTP Denial Of Service

Exploit Title: YATinyWinFTP - Denial of Service PoC Google Dork: None Date: 20.08.2020 Exploit Author: strider Vendor Homepage: https://github.com/ik80/YATinyWinFTP Software Link: https://github.com/ik80/YATinyWinFTP Tested on: Windows 10...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/09/10 12:0 a.m.377 views

WordPress SlickQuiz 1.3.7.1 Cross Site Scripting

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SlickQuiz Vendor URL: https://wordpress.org/plugins/slickquiz/ Type: Cross-Site Scripting CWE-79 Date found: 2019-05-30 Date published: 2019-09-10 CVSSv3 Score: 6.1...

6.4AI score0.01248EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/09/02 12:0 a.m.377 views

Webmin 1.920 rpc.cgi Remote Root

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Webmin %q This exploit takes advantage of a code execution issue within the function unserialisevariable located in web-lib-funcs.pl, in order to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/02/14 12:0 a.m.377 views

RVSiteBuilder RVGlobalSoft CMS 7.0 Bypass / Disclosure / SQL Injection

Exploit Title : RVSiteBuilder RVGlobalSoft CMS 7.0 Multiple Vulnerabilities Vulnerabilities are = SQL Injection / File Upload / Authentication Bypass / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Team Date : 14/02/2019 Vendor Homepages :...

0.5AI score
Exploits0
Total number of security vulnerabilities5000