Lucene search
K
PacketstormMost viewed

50786 matches found

Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.380 views

Microsoft OneNote 2305 Build 16.0.16501.20074 Spoofing

Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Vulnerability Author: nu11secur1ty Date: 06.22.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...

6.5CVSS7.1AI score0.01649EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/05/24 12:0 a.m.380 views

PaperCut NG/MG 22.0.4 Remote Code Execution

Exploit Title: PaperCut NG/MG 22.0.4 - Remote Code Execution RCE Date: 13 May 2023 Exploit Author: Mohin Paramasivam Shad0wQu35t and MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests import argparse Grouppayload =...

9.8CVSS7.1AI score0.99999EPSS
Exploits24
Packet Storm
Packet Storm
added 2023/05/04 12:0 a.m.380 views

Shannon Baseband fmtp SDP Attribute Memory Corruption

Shannon Baseband: Memory corruption when processing fmtp SDP attribute There is a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffe...

9.8CVSS6.9AI score0.0347EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.380 views

Apache Tomcat 10.1 Denial Of Service

Exploit Title: Apache Tomcat 10.1 - Denial Of Service Google Dork: N/A Date: 13/07/2022 Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-10.cgi Version: = 10.1 Tested on: Apache Tomcat 10.0 Docker CVE :...

7.5CVSS7.7AI score0.73139EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/10/31 12:0 a.m.380 views

Train Scheduler App 1.0 Insecure Direct Object Reference

Exploit Title: Train Scheduler App v1.0 - Insecure Direct Object Reference IDOR to "delete user id " Exploit Author: Rohit Sharma Vendor Name: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/15720/train-scheduler-app-using-php-oop-and-mysql-database-free-download.html Software Link:...

7.7AI score0.01134EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/03/04 12:0 a.m.380 views

Backdoor.Win32.BluanWeb Remote Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/30903ccbc6747c0da5a2775884b78def.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BluanWeb Vulnerability: Unauthenticated Remote Code Execution Description: The malwar...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/03/04 12:0 a.m.380 views

pfSense 2.5.2 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense Diag Routes Web Shell Upload', 'Description' = %q This module exploits an arbitrary file creation vulnerability in the pfSense HTTP...

8.8AI score0.87113EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/12/01 12:0 a.m.380 views

Online Enrollment Management System In PHP And PayPal 1.0 Cross Site Scripting

Exploit Title: Online Enrollment Management System in PHP and PayPal 1.0 - 'UNAME' Stored Cross-Site Scripting Date: 2021-08-31 Exploit Author: Tushar Jadhav Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

5.4CVSS0.2AI score0.01635EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/11/22 12:0 a.m.380 views

Backdoor.Win32.BlueAdept.02.a Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/694d21679cc212c59515584d1b65dc84.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BlueAdept.02.a Vulnerability: Remote Buffer Overflow Description: The malware listens...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/08 12:0 a.m.380 views

Trojan.Win32.SkynetRef.x Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/339ec4617eababfd46006f2219e68cb8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.SkynetRef.x Vulnerability: Unauthenticated Open Proxy Description: The malware listens ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/25 12:0 a.m.380 views

Build Smart ERP 21.0817 SQL Injection

Exploit Title: Build Smart ERP 21.0817 - 'eidValue' SQL Injection Unauthenticated Date: 24/10/2021 Exploit Author: Nehru Sethuraman Vendor Homepage: https://ribccs.com/solutions/solution-buildsmart Version: 21.0817 Build: 3 Google Dorks: intitle:buildsmart accounting Tested on: OS - Windows 2012 ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/09 12:0 a.m.380 views

Church Management System 1.0 Shell Upload / SQL Injection

Exploit Title: Church Management System 1.0 - SQL Injection Authentication Bypass + Arbitrary File Upload + RCE Date: 05-07-2021 Exploit Author: Eleonora Guardini eleguardini93 at gmail dot com or eleonora.guardini at dedagroup dot com Vendor Homepage: https://www.sourcecodester.com Software Link...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/01 12:0 a.m.380 views

Trojan-Spy.Win32.Stealer.osh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d58b1c2f540268bd9dd920455568d45f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Stealer.osh Vulnerability: Insecure Permissions Description: The malware creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/14 12:0 a.m.380 views

MiniWeb HTTP Server 0.8.19 Buffer Overflow

Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/08/21 12:0 a.m.380 views

Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover

!/usr/bin/env python3 -- coding: utf-8 -- Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover Vendor: EIBIZ Co.,Ltd. Product web page: http://www.eibiz.co.th Affected version: =3.8.0 Summary: EIBIZ develop advertising platform for out of home media in that ti...

1.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/09/03 12:0 a.m.380 views

FileThingie 2.5.7 Remote Shell Upload

Exploit Title: FileThingie 2.5.7 - Arbitrary File Upload Author: Cakes Discovery Date: 2019-09-03 Vendor Homepage: www.solitude.dk/filethingie Software Link: https://github.com/leefish/filethingie/archive/master.zip Tested Version: 2.5.7 Tested on OS: CentOS 7 CVE: N/A Intro: Easy arbitrary file...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.379 views

WyreStorm Apollo VX20 Credential Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...

7.4AI score0.50622EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/01/16 12:0 a.m.379 views

MailCarrier 2.51 Denial Of Service

!/usr/bin/perl use IO::Socket::INET Exploit Title: MailCarrier 2.51 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 16 january 2024 Tested Version: MailCarrier 2.51 Tested on: Window XP Professional - Service Pack 2 and 3 - English Vulnerability Type: Denial of Service DoS ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/15 12:0 a.m.379 views

RaspAP 2.8.7 Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RaspAP Unauthenticated Command Injection', 'Description' = %q RaspAP is feature-rich wireless router software that just works on many popular...

9.8CVSS7.1AI score0.98725EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/03/15 12:0 a.m.379 views

Fortinet FortiNAC keyUpload.jsp Arbitrary File Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet FortiNAC keyUpload.jsp arbitrary file write', 'Description' = %q This module uploads a payload to the /tmp directory in addition to a cr...

9.8CVSS0.5AI score0.99815EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/04/08 12:0 a.m.379 views

School Club Application System 1.0 Local File Inclusion

Title: School Club Application System 1.0 LFI To RCE Author: Hejap Zairy Date: 08.04.2022 Vendor: https://www.sourcecodester.com/php/15266/school-club-application-system-phpoop-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scas0.zip Referenc...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/03 12:0 a.m.379 views

Backdoor.Win32.WinShell.50 Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0faecbdfccf3144d487971ed47f3665c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.50 Vulnerability: Weak Hardcoded Password Description: The malware listens o...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/25 12:0 a.m.379 views

OpenClinic GA 5.194.18 Privilege Escalation

Exploit Title: OpenClinic GA 5.194.18 - Local Privilege Escalation Date: 2021-07-24 Author: Alessandro Salzano Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Homepage: https://sourceforge.net/projects/open-clinic/ Software Link:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/07 12:0 a.m.379 views

Online Covid Vaccination Scheduler System 1.0 SQL Injection

Exploit Title: Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection Date: 2021-07-07 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/30 12:0 a.m.379 views

OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting

Product: OX App Suite / OX Guard Vendor: OX Software GmbH Affected product: OX App Suite Internal reference: OXUIB-481 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.4 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendo...

0.0157EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.379 views

Advantech iView Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Advantech iView Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unauthenticated configuration change combined...

7.5CVSS1.1AI score0.36845EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/02/11 12:0 a.m.379 views

Backdoor.Win32.BackAttack.18 Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c806d23f4343ab40cf897e9c38b5c1c3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BackAttack.18 Vulnerability: Multiple Vulnerabilities Description: BackAttack.18 v1.8...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2019/09/29 12:0 a.m.379 views

GFI Kerio Control 9.3.0 Cross Site Scripting

/ - DOM based XSS in Kerio Control Firewalls v9.3.0 - CVE-2019-16414 - Finder: Michael Eissele - Description: character encoding i.e. quote, \x22 allows to bypass input filter, opening up for DOM based XSS. - PoC Link to include exploit:...

0.1AI score0.01566EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.378 views

Korenix JetPort 5601 1.2 Path Traversal

St. Pölten UAS 20241118-1 ------------------------------------------------------------------------------- title| Path Traversal product| Korenix JetPort 5601 vulnerable version| 1.2 fixed version| - CVE number| CVE-2024-11303 impact| High homepage| https://www.korenix.com/ found| 2024-05-24 by| P...

8.7CVSS7.1AI score0.0181EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.378 views

DiCal-RED 4009 Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-042 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Risk Level: Medium Solution...

5.4CVSS7.1AI score0.00337EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.378 views

Gambio Online Webshop 4.9.2.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability', 'Description' = %q A Remote Code Execution vulnerability in Gambio onli...

9.8CVSS9.7AI score0.47829EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.378 views

Cacti pollers.php SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cacti RCE via SQLi in pollers.php', 'Description' = %q This exploit module leverages a SQLi CVE-2023-49085 and a LFI CVE-2023-49084 vulnerability...

8.8CVSS7.4AI score0.84628EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.378 views

fastCMS Blogging 3.1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/31 12:0 a.m.378 views

Control Web Panel Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'CWP login.php Unauthenticated RCE', 'Description' = %q Control Web Panel versions 'Spencer McIntyre', metasploit module...

9.8CVSS0.6AI score0.99995EPSS
Exploits12
Packet Storm
Packet Storm
added 2022/10/05 12:0 a.m.378 views

Canteen Management 1.0-2022 Cross Site Scripting

Title: Canteen-Management-1.0-2022 suffers from XSS-Reflected Author: nu11secur1ty Date: 10.04.2022 Vendor: https://www.mayurik.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayurik/2022/Canteen-Management/Docs/youthappam.zip?raw=true Reference:...

Exploits0
Packet Storm
Packet Storm
added 2022/08/05 12:0 a.m.378 views

WordPress Ecwid Ecommerce Shopping Cart 6.10.23 Cross Site Request Forgery

Description: Cross-Site Request Forgery to Settings/Options Update Affected Plugin: Ecwid Ecommerce Shopping Cart Plugin Slug: ecwid-shopping-cart Affected Versions: = 6.10.23 CVE ID: CVE-2022-2432 CVSS Score: 8.8 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Researcher/s: Marco...

5.2AI score0.00482EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/01/17 12:0 a.m.379 views

SB Admin Cross Site Request Forgery / SQL Injection

$$$$$$$\ $$ $$\ $$ | $$ |$$\ $$\ $$\ $$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$$ |$$ | $$ | $$ |$$ $$\ $$ $$\ $$ | $$ / $$ | $$ | $$ |$$ | $$ | $$$$$$$$ |$$ / $$ | $$ | $$ | $$ |$$ | $$ | $$ |$$ | $$ | $$$$$$$$$ |$$ | $$ |$$\$$$$$$$\ $$$$$$$\ | \/ | ||| | Offensive Security Community Ecuador...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/20 12:0 a.m.378 views

Apache MyFaces 2.x Cross Site Request Forgery

Ceritude Securiy Advisory - CSA-2021-001 PRODUCT : Apache MyFaces VENDOR : The Apache Software Foundation SEVERITY : High AFFECTED VERSION : =2.2.13, =2.3.7, =2.3-next-M4, =2.1 branches IDENTIFIERS : CVE-2021-26296 PATCH VERSION : 2.2.14, 2.3.8, 2.3-next-M5, 3.0.0 FOUND BY : Wolfgang Ettlinger,...

0.7AI score0.03026EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/21 12:0 a.m.378 views

Stratodesk NoTouch Center Privilege Escalation

Stratodesk NoTouch Center Virtual Appliance is a portal for managing NoTouch clients. It appears that Stratodesk has a partnership with ViewSonic and produced these appliances to support some of their hardware devices as well. - https://www.stratodesk.com/products/notouch-desktop/virtual-applianc...

0.5AI score0.01241EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/12/09 12:0 a.m.378 views

Dup Scout Enterprise 10.0.18 Buffer Overflow

Exploit Title: Dup Scout Enterprise 10.0.18 - 'sid' Remote Buffer Overflow SEH Date: 2020-12-08 Exploit Author: Andrés Roldán Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/downloads.html Version: 10.0.18 Tested on: Windows 10 Pro x64 !/usr/bin/env python3 import...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/11 12:0 a.m.377 views

Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read

Exploit Title: File Read Arbitrary Exploit for CVE-2023-26360 Google Dork: not Date: 12/28/2023 Exploit Author: Youssef Muhammad Vendor Homepage: https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html Software Link: https://drive.google.com/drive/folders/17ryBnFhswxiE1sHrNByxMVPKfUnwqmp0...

9.8CVSS7.4AI score0.97339EPSS
Exploits13
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.377 views

WyreStorm Apollo VX20 Account Enumeration

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20ACCOUNTENUMERATIONCVE-2024-25734.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability Type...

7.4AI score0.04051EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.377 views

PHPJabbers Restaurant Booking System 3.0 Missing Rate Limiting

Exploit Title: PHPJabbers Restaurant Booking System v3.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/restaurant-booking-system/sectionDemo Version: v3.0 Tested o...

7.4AI score0.00679EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/11/25 12:0 a.m.377 views

CSZ CMS 1.3.0 Shell Upload

Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 23/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.377 views

GLPI 10.0.2 SQL Injection / Remote Code Execution

ADVISORY INFORMATION Exploit Title: GLPI v10.0.2 - SQL Injection Authentication Depends on Configuration Date of found: 11 Jun 2022 Application: GLPI =10.0.0, 10.0.3 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...

9.8CVSS9.4AI score0.0858EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/02/22 12:0 a.m.377 views

pyLoad js2py Python Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'pyLoad js2py Python Execution', 'Description' = %q pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code...

9.8CVSS9.6AI score0.95845EPSS
Exploits13
Packet Storm
Packet Storm
added 2023/02/08 12:0 a.m.377 views

ManageEngine ADSelfService Plus Unauthenticated SAML Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADSelfService Plus Unauthenticated SAML RCE', 'Description' = %q This exploits an unauthenticated remote code execution vulnerabilit...

9.8CVSS0.7AI score0.99753EPSS
Exploits15
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.377 views

TP-Link AX50 Remote Code Execution

Exploit Title: TP-Link Router AX50 firmware 210730 - Remote Code Execution RCE Authenticated Exploit Author: Tomas Melicher Technical Details: https://github.com/aaronsvk/CVE-2022-30075 Date: 2022-06-08 Vendor Homepage: https://www.tp-link.com/ Tested On: Tp-Link Archer AX50 Vulnerability...

8.8CVSS8.8AI score0.32355EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/12/21 12:0 a.m.377 views

WBCE CMS 1.5.1 Admin Password Reset

Exploit Title: WBCE CMS 1.5.1 - Admin Password Reset Google Dork: intext: "Way Better Content Editing" Date: 20/12/2021 Exploit Author: citril or https://github.com/maxway2021 Vendor Homepage: https://wbce.org/ Software Link: https://wbce.org/de/downloads/ Version: = 1.5.1 Tested on: Linux CVE :...

9.8CVSS0.2AI score0.37824EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/12/14 12:0 a.m.377 views

AbanteCart Arbitrary File Upload / Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: AbanteCart e-commerce platform vulnerable version: 1.3.2 fixed version: 1.3.2 CVE number: CVE-2021-42050, CVE-2021-42051 impact: Medium...

0.3AI score0.00924EPSS
Exploits3
Total number of security vulnerabilities5000