Lucene search
K
PacketstormMost viewed

50748 matches found

Packet Storm
Packet Storm
•added 2022/01/21 12:0 a.m.•373 views

Banco Guayaquil 8.0.0 Cross Site Scripting

Document Title: =============== Banco Guayaquil Versión 8.0.0 IOS - Cross Site Scripting Stored Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.com Vendor Homepage: https://apps.apple.com/ec/app/banco-guayaquil/id624963066 =============== Release...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/12/23 12:0 a.m.•373 views

Accu-Time Systems MAXIMUS 1.0 Buffer Overflow / Denial Of Service

Exploit Title: Accu-Time Systems MAXIMUS 1.0 Telnet Remote Buffer Overflow Discovered by: Yehia Elghaly Discovered Date: 2021-12-22 Vendor Homepage: https://www.accu-time.com/ Software Link : https://www.accu-time.com/maximus-employee-time-clock-3/ Tested Version: 1.0 Vulnerability Type: Buffer...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/11/20 12:0 a.m.•373 views

PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection

CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection attacks. The proId parameter on the /action.php page does not sanitize the user input, an attacker can extract...

5CVSS7.5AI score0.10013EPSS
Exploits4
Packet Storm
Packet Storm
•added 2021/11/01 12:0 a.m.•373 views

Backdoor.Win32.Agent.sah Heap Corruption

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3ee7a90b5fc3f2b7ba68911e8220df17.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.sah Vulnerability: Heap Corruption Description: The malware listens on TCP port...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/10/17 12:0 a.m.•373 views

Worm.Win32.Fasong.c Unquoted Service Path

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bc6f4a283b6b8308c60bb70cc81edfd8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Worm.Win32.Fasong.c Vulnerability: Insecure Service Path Description: The malware creates a service...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/07/21 12:0 a.m.•373 views

CSZ CMS 1.2.9 Arbitrary File Deletion

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion Date: 2021-07-20 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.cszcms.com Software Link: https://sourceforge.net/projects/cszcms/files/latest/download Version: 1.2.9 Tested on: Windows 10,...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/06/01 12:0 a.m.•373 views

LogonTracer 1.2.0 Remote Code Execution

Exploit Title: LogonTracer 1.2.0 - Remote Code Execution Unauthenticated Date: 29/05/2021 Exploit Author: g0ldm45k Vendor Homepage: https://www.jpcert.or.jp/ Software Link: https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.0 Version: 1.2.0 and earlier Tested on: Version 1.2.0 on Debian...

10CVSS0.1AI score0.74745EPSS
Exploits3
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•373 views

WordPress Stop Spammers 2021.8 Cross Site Scripting

Exploit Title: WordPress Plugin Stop Spammers 2021.8 - 'log' Reflected Cross-site Scripting XSS Date: 04/08/2021 Exploit Author: Hosein Vita Vendor Homepage: https://wordpress.org/plugins/stop-spammer-registrations-plugin/ Software Link:...

4.3CVSS6.3AI score0.05721EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/03/22 12:0 a.m.•373 views

Trojan-Dropper.Win32.Delf.da Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a2f1adfd7a35fd0e0207a24be169b4c1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.da Vulnerability: Remote Stack Buffer Overflow UDP Datagram Description:...

1.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/02/19 12:0 a.m.•373 views

Backdoor.Win32.DarkKomet.apcc Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8c82de32ab2b407451b9fc054c09f717.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.apcc Vulnerability: Insecure Permissions Description: DarkKomet.apcc create...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/01/15 12:0 a.m.•373 views

PHP-Fusion 9.03.90 Cross Site Request Forgery

Exploit Title: PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery Delete admin shoutbox message Date: 2020-12-21 Exploit Author: Mohamed Oosman B S Vendor Homepage: https://www.php-fusion.co.uk/ Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: 9.03.90 and below Tested...

0.5AI score0.01365EPSS
Exploits3
Packet Storm
Packet Storm
•added 2020/08/28 12:0 a.m.•373 views

TP-Link WDR4300 Remote Code Execution

!/usr/bin/python3 import sys import hashlib import base64 import requests import binascii import socket """ RCE via stack-based overflow on TP-Link WDR4300 N750 devices, using CVE-2017-13772. Tested on Firmware versions 3.13.33, Build 130618 and 3.14.3 Build 150518, hardware WDR4300 v1 Usage: 1...

9CVSS8.8AI score0.52559EPSS
Exploits8
Packet Storm
Packet Storm
•added 2020/03/15 12:0 a.m.•373 views

Microsoft Windows SMB 3.1.1 Remote Code Execution

Exploit Title: Windows SMBv3 Client/Server Remote Code Execution Vulnerability - remote Author: nu11secur1ty Date: 2020-03-14 Vendor: https://smb.wsu.edu/ Link: https://github.com/nu11secur1ty/Windows10Exploits/tree/master/Undefined/CVE-2020-0796 CVE: CVE-2020-0796 + Credits: Ventsislav Varbanovs...

7.5CVSS9.2AI score0.9981EPSS
Exploits125
Packet Storm
Packet Storm
•added 2020/03/02 12:0 a.m.•373 views

Netis WF2419 2.2.36123 Remote Code Execution

Exploit Title: Netis WF2419 2.2.36123 - Remote Code Execution Exploit Author: Elias Issa Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/75 Date: 2020-02-11 Version: WF2419 V2.2.36123 = V2.2.36123 Tested on: NETIS WF2419...

8.5CVSS0.1AI score0.27962EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/10/30 12:0 a.m.•372 views

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/20 12:0 a.m.•372 views

Event Registration and Attendance System 1.0 Code Injection

============================================================================================================================================= | Title : Event Registration and Attendance System 1.0 wysiwyg code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / brows...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/07/22 12:0 a.m.•372 views

Ghostscript Command Execution / Format String

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ghostscript Command Execution via Format String', 'Description' = %q This module exploits a format string vulnerability in Ghostscript versions...

6.3CVSS7.4AI score0.27992EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/07/17 12:0 a.m.•372 views

Bonjour Service 3,0,0,10 Unquoted Service Path

Exploit Title: Bonjour Service - 'mDNSResponder.exe' Unquoted Service Path Discovery by: bios Discovery Date: 2024-15-07 Vendor Homepage: https://developer.apple.com/bonjour/ Tested Version: 3,0,0,10 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Home Step to discove...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/04/15 12:0 a.m.•372 views

Jenkins 2.441 Local File Inclusion

Exploit Title: Jenkins 2.441 - Local File Inclusion Date: 14/04/2024 Exploit Author: Matisse Beckandt Backendt Vendor Homepage: https://www.jenkins.io/ Software Link: https://github.com/jenkinsci/jenkins/archive/refs/tags/jenkins-2.441.zip Version: 2.441 Tested on: Debian 12 Bookworm CVE:...

9.8CVSS7.4AI score0.99999EPSS
Exploits46
Packet Storm
Packet Storm
•added 2024/01/16 12:0 a.m.•372 views

LightFTP 1.1 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: LightFTP 1.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 15 january 2024 Vendor Homepage: N/A Notification vendor: No reported Tested Version: LightFTP 1.1 Tested on: Window XP Professional - Service Pack 2 and 3 - English...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/15 12:0 a.m.•372 views

Taokeyun SQL Injection

!/bin/bash Variables url="http://example.com/path/to/taokeyun/application/index/controller/m/Drs.php" cid="1' UNION SELECT 1,2,3,4,5,6,7,8,9,email FROM users-- -" Construct the request request="POST $url HTTP/1.1\r\n" request+="Content-Type: application/x-www-form-urlencoded\r\n"...

9.8CVSS7.4AI score0.00792EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•372 views

PHPJabbers Time Slots Booking Calendar 4.0 HTML Injection

Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - HTML Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested on:...

7.4AI score0.00465EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/05/19 12:0 a.m.•372 views

CiviCRM 5.59.alpha1 Cross Site Scripting

Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS Cross-Site Scripting Date: 2023-02-02 Exploit Author: Andrea Intilangelo Vendor Homepage: https://civicrm.org Software Link: https://civicrm.org/download Version: 5.59.alpha1, 5.58.0 and earlier, 5.57.3 and earlier Tested on: Latest Version of Deskt...

7.1AI score0.02537EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/05/15 12:0 a.m.•372 views

FLEX Denial Of Service

Exploit Title: FLEX 1080 1085 Web 1.6.0 - Denial of Service Date: 2023-05-06 Exploit Author: Mr Empy Vendor Homepage: https://www.tem.ind.br/ Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 Version: 1.6.0 Tested on: Android CVE ID: CVE-2022-2591 !/usr/bin/env python3 import request...

7.5CVSS7.1AI score0.0667EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/03/23 12:0 a.m.•372 views

WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS

Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected Versions: = 3.3.9 CVE ID: CVE-2023-0968 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Marco Wotschka Fully Patched Version: 3.3.9.1 Description:...

6.1CVSS6.7AI score0.0126EPSS
Exploits5
Packet Storm
Packet Storm
•added 2022/09/20 12:0 a.m.•372 views

ProcessMaker Privilege Escalation

Exploit Title: ProcessMaker - User Profile Privilege Escalation Description: ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators. Date: 20220822 Exploit Author: Sornram...

0.8AI score0.01664EPSS
Exploits4
Packet Storm
Packet Storm
•added 2022/08/10 12:0 a.m.•372 views

Zimbra zmslapd Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zimbra zmslapd arbitrary module load', 'Description' = %q This module exploits CVE-2022-37393, which is a vulnerability in Zimbra's sudo...

0.7AI score0.01683EPSS
Exploits4
Packet Storm
Packet Storm
•added 2021/04/01 12:0 a.m.•372 views

Trojan-Downloader.Win32.Delf.ur Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5b63a6e730f094d182c9030e3a57bcb8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Delf.ur Vulnerability: Insecure Permissions Description: Win32.Delf.ur creat...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/01/05 12:0 a.m.•372 views

Responsive ELearning System 1.0 SQL Injection

Exploit Title: Responsive E-Learning System 1.0 – 'id' Sql Injection Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/11/04 12:0 a.m.•372 views

PDW File Browser 1.3 Shell Upload

Exploit Title: PDW File Browser 1.3 - Remote Code Execution Date: 24-10-2020 Exploit Author: David Bimmel Researchers: David Bimmel, Joost Vondeling, Ramòn Janssen Vendor Homepage: n/a Software Link: https://github.com/GuidoNeele/PDW-File-Browser Version: … ? Once you have uploaded your webshell...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2016/06/09 12:0 a.m.•372 views

IPFire Bash Environment Variable Injection (Shellshock)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'IPFire Bash Environment Variable Injection Shellshock', 'Description' = %q IPFire, a free linux based open source firewall...

10CVSS0.9AI score0.99999EPSS
Exploits131
Packet Storm
Packet Storm
•added 2025/08/07 12:0 a.m.•371 views

📄 Microsoft SharePoint Server ToolPane Unauthenticated Remote Code Execution

This Metasploit module exploits the authentication bypass vulnerabilities CVE-2025-49706 and CVE-2025-53771, and an unsafe deserialization vulnerability CVE-2025-49704, to achieve unauthenticated RCE against a vulnerable Microsoft SharePoint Server. The vulnerability CVE-2025-53770 was disclosed ...

9.8CVSS7.8AI score0.99982EPSS
Exploits41
Packet Storm
Packet Storm
•added 2025/02/05 12:0 a.m.•371 views

PHPJabbers Cinema Booking System 2.0 Cross Site Scripting

PHPJabbers Cinema Booking System version 2.0 suffers from both reflective and persistent cross site scripting vulnerabilities. CVE-2024-57428 A stored cross-site scripting XSS vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields eventimg,...

6.8AI score0.0073EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/09/01 12:0 a.m.•371 views

Apache Reverse Proxy Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Reverse Proxy Bypass Vulnerability Scanner', 'Description' = %q Scan for poorly configured reverse proxy servers. By default, this module...

5CVSS7.3AI score0.90734EPSS
Exploits12
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•371 views

VMware vCenter Server vmdir Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server vmdir Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from the...

9.8CVSS9.6AI score0.90384EPSS
Exploits20
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•371 views

LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' require 'rex/zip' class MetasploitModule 'LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator', 'Description' = 'Generates a Maliciou...

7.5CVSS6.9AI score0.78683EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•371 views

Ruby On Rails Devise Authentication Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/element' class MetasploitModule 'Ruby on Rails Devise Authentication Password Reset', 'Description' = %q The Devise authentication gem for Ruby on Rails i...

6.8CVSS7AI score0.14126EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/04/29 12:0 a.m.•371 views

ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path

Exploit Title: ESET NOD32 Antivirus 17.1.11.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2024-04-27 Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor : https://www.eset.com Version : 17.1.11.0 Tested on OS: Microsoft Windo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/02/21 12:0 a.m.•371 views

ITFlow Cross Site Request Forgery

CVE: CVE-2024-25344 CWE: CWE-352 Vendor: ITFlow.org Affected product: ITFlow - Before commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378 Discoverer: stehled, WP-Pomoc.cz Attack-Type: Remote AV: Admin user has to open a page, provided by an attacker, which will then perform malicious request changing...

7.4AI score0.00741EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/02/02 12:0 a.m.•371 views

Juniper SRX Firewall / EX Switch Remote Code Execution

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...

9.8CVSS7.4AI score0.93546EPSS
Exploits25
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•371 views

PHPJabbers Event Booking Calendar 4.0 CSV Injection

Exploit Title: PHPJabbers Event Booking Calendar v4.0 - CSV Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Version: v4.0 Tested on:...

7.4AI score0.0037EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/06/01 12:0 a.m.•371 views

Online Security Guards Hiring System 1.0 Cross Site Scripting

Exploit Title: Online Security Guards Hiring System 1.0 – REFLECTED XSS Google Dork : NA Date: 23-01-2023 Exploit Author : AFFAN AHMED Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/projects/Online-Security-Guard-Hiring-SystemPHP.zip Version: 1.0 Tested on: Windows ...

6.1CVSS7.1AI score0.06169EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/06/01 12:0 a.m.•371 views

Menorah Restaurant 1.0.0 Insecure Settings

==================================================================================================================================== | Title : Menorah Restaurant - Restaurant Food Ordering System Reinstall script Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/04/18 12:0 a.m.•371 views

SecurePoint UTM 12.x Memory Leak

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Use of Uninitialized Variable CWE-457 Date found: 2023-01-05 Date published: 2023-04-12 CVSSv3 Scor...

6.6AI score0.04074EPSS
Exploits4
Packet Storm
Packet Storm
•added 2022/10/27 12:0 a.m.•371 views

Vagrant Synced Folder Vagrantfile Breakout

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vagrant Synced Folder Vagrantfile Breakout', 'Description' = %q This module exploits a default Vagrant synced folder shared folder to append a Ru...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/08/15 12:0 a.m.•371 views

Gigaland NFT Marketplace 1.9 Shell Upload / Key Disclosure

Exploit Title: Gigaland NFT marketplace Shell upload and ETH private key leak Google Dork: N/A Date: 14/8/2022 Exploit Author: Sohel Yousef https://www.linkedin.com/in/sohel-yousef-50a905189/ Software Link: https://gigaland.io/ Version: 1.9 Category: webapps 1. Sell Upload after connectiong your...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/08/08 12:0 a.m.•371 views

ManageEngine ADAudit Plus Path Traversal / XML Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus CVE-2022-28219', 'Description' = %q This module exploits CVE-2022-28219, which is a pair of vulnerabilities in...

9.8CVSS0.2AI score0.97011EPSS
Exploits6
Packet Storm
Packet Storm
•added 2022/08/01 12:0 a.m.•371 views

NanoCMS 0.4 Remote Code Execution

Exploit Title: NanoCMS v0.4 - Remote Code Execution RCE Authenticated Date: 2022-07-26 Exploit Auuthor: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS...

Exploits0
Packet Storm
Packet Storm
•added 2022/07/13 12:0 a.m.•371 views

Sourcegraph gitserver sshCommand Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sourcegraph gitserver sshCommand RCE', 'Description' = %q A vulnerability exists within Sourcegraph's gitserver component that allows a remote...

8.8CVSS0.3AI score0.7431EPSS
Exploits8
Packet Storm
Packet Storm
•added 2022/01/05 12:0 a.m.•371 views

RiteCMS 3.1.0 Shell Upload / Remote Code Execution

Exploit Title: RiteCMS 3.1.0 - Remote Code Execution RCE Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0...

0.1AI score
Exploits0
Total number of security vulnerabilities5000