Lucene search
K
PacketstormMost viewed

50784 matches found

Packet Storm
Packet Storm
added 2022/08/15 12:0 a.m.371 views

Gigaland NFT Marketplace 1.9 Shell Upload / Key Disclosure

Exploit Title: Gigaland NFT marketplace Shell upload and ETH private key leak Google Dork: N/A Date: 14/8/2022 Exploit Author: Sohel Yousef https://www.linkedin.com/in/sohel-yousef-50a905189/ Software Link: https://gigaland.io/ Version: 1.9 Category: webapps 1. Sell Upload after connectiong your...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/08 12:0 a.m.371 views

ManageEngine ADAudit Plus Path Traversal / XML Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus CVE-2022-28219', 'Description' = %q This module exploits CVE-2022-28219, which is a pair of vulnerabilities in...

9.8CVSS0.2AI score0.97011EPSS
Exploits6
Packet Storm
Packet Storm
added 2022/08/01 12:0 a.m.371 views

NanoCMS 0.4 Remote Code Execution

Exploit Title: NanoCMS v0.4 - Remote Code Execution RCE Authenticated Date: 2022-07-26 Exploit Auuthor: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS...

Exploits0
Packet Storm
Packet Storm
added 2022/07/13 12:0 a.m.371 views

Sourcegraph gitserver sshCommand Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sourcegraph gitserver sshCommand RCE', 'Description' = %q A vulnerability exists within Sourcegraph's gitserver component that allows a remote...

8.8CVSS0.3AI score0.7431EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/12/21 12:0 a.m.371 views

phpKF CMS 3.00 Beta y6 Remote Code Execution

Exploit Title: phpKF CMS 3.00 Beta y6 - Remote Code Execution RCE Unauthenticated Date: 18/12/2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.phpkf.com/ Software Link: https://www.phpkf.com/indirme.php Version: 3.00 Category: Webapps Tested on: Linux/Windows phpKF-CMS; It...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/22 12:0 a.m.371 views

OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure

Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-872 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev30, 7.10.4-rev2...

5.6AI score0.01444EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/11/02 12:0 a.m.371 views

Codiad 2.8.4 Shell Upload

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/07 12:0 a.m.371 views

Google SLO-Generator 2.0.0 Code Execution

Exploit Title: Google SLO-Generator 2.0.0 - Code Execution Date: 2021-09-28 Exploit Author: Kiran Ghimire Software Link: https://github.com/google/slo-generator/releases Version: = 2.0.0 Tested on: Linux CVE: CVE-2021-22557 Introduction: Is a tool to compute and export Service Level Objectives...

6.4AI score0.0158EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.371 views

Huawei DG8045 Authentication Bypass

Title: Huawei dg8045 - Authentication Bypass Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 Hardware Version: VER.A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. An...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/22 12:0 a.m.371 views

Backdoor.Win32.DarkKomet.artr Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d2ee6046fd47de321d1310dccacca92b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.artr Vulnerability: Insecure Permissions Description: The malware creates a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/22 12:0 a.m.371 views

HEUR.Trojan.Win32.Generic Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1a98a0a769e7351ba16e1b91e9f26692.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Generic Vulnerability: Insecure Permissions Description: The malware creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/19 12:0 a.m.371 views

Spiceworks 7.5 HTTP Header Injection

Exploit Title: Spiceworks 7.5 - HTTP Header Injection Google Dork: inurl:/prousers/login Discovered Date: 15/09/2020 Exploit Author: Ramikan Vendor Homepage: https://www.spiceworks.com Affected Version: 7.5.7.0 may be others. Tested On Version: 7.5.7.0 CVE : CVE-2020-25901 Vulnerability: Host...

0.1AI score0.0508EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/18 12:0 a.m.371 views

WordPress Yet Another Stars Rating PHP Object Injection

class MetasploitModule 'WordPress PHP Object Injection in Yet Another Stars Rating plugin %q This module exploits Wordpress PHP Object Injection in Yet Another Stars Rating plugin = 5.5.2, so the exploit only works for Wordpress versions 'Paul Dannewitz', Vulnerability Discovery 'gx1 ', Exploit...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/15 12:0 a.m.371 views

Microsoft Windows DrawIconEx Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/exploit/exe' require 'msf/core/post/windows/priv' class MetasploitModule 'Microsoft Windows DrawIconEx OOB Write Local...

7.2CVSS0.5AI score0.52778EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/12/15 12:0 a.m.371 views

Solaris SunSSH 11.0 x86 libpam Remote Root

Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root Exploit Author: Hacker Fantastic Vendor Homepage: https://www.oracle.com/solaris/technologies/solaris11-overview.html Version: 11 Tested on: SunOS solaris 5.11 11.0 / SunSSH Solaris 10-11.0 x86 libpam remote root exploit CVE-2020-14871...

10CVSS0.5AI score0.80291EPSS
Exploits13
Packet Storm
Packet Storm
added 2020/12/08 12:0 a.m.372 views

Employee Performance Evaluation System 1.0 Cross Site Scripting

Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting Date: 08/12/2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.sourcecodester.com Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/07/15 12:0 a.m.371 views

Zyxel Armor X1 WAP6806 Directory Traversal

Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal Date: 2020-06-19 Exploit Author: Rajivarnan R Vendor Homepage: https://www.zyxel.com/ Software http://www.zyxelguard.com/WAP6806.asp Version: V1.00ABAL.6C0 CVE: 2020-14461 Tested on: Linux Mint / Windows 10 Vulnerabilities Discovered Dat...

5CVSS0.3AI score0.09537EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/06/02 12:0 a.m.371 views

vBulletin 5.6.1 SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin /ajax/api/contentinfraction/getIndexableContent nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injectio...

7.5CVSS0.2AI score0.88948EPSS
Exploits13
Packet Storm
Packet Storm
added 2024/05/09 12:0 a.m.370 views

Panel Amadey.d.c MVID-2024-0680 Cross Site Scripting

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/50467c891bf7de34d2d65fa93ab8b558.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Panel Amadey.d.c Vulnerability: Cross Site Scripting XSS Family: Amadey Type: Web Panel MD...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.371 views

Palo Alto PAN-OS Command Execution / Arbitrary File Creation

Exploit Title: Palo Alto PAN-OS bool: ret = False uri = "/ssl-vpn/hipreport.esp" s = requests.Session r = "" headers = "User-Agent" : \ "Mozilla/5.0 Windows NT 10.0; Win64; x64 AppleWebKit/537.36 KHTML, like Gecko Chrome/118.0.0.0 Safari/537.36", Windows 10 Chrome 118.0.0.0 "Content-Type":...

10CVSS9.8AI score0.99999EPSS
Exploits43
Packet Storm
Packet Storm
added 2024/03/26 12:0 a.m.370 views

Bludit 3.13.0 Cross Site Scripting

Exploit Title: Bludit 3.13.0 - Cross Site Scripting XSS Exploit Author: Gökhan ŞENŞÜKÜR Date: 29/02/2024 Vendor Homepage: https://www.bludit.com Software Link: https://www.bludit.com/releases/bludit-3-13-0.zip Version: bludit-3-13-0 Tested on: Windows TECHNICAL DETAILS & POC...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/01/26 12:0 a.m.370 views

Vinchin Backup And Recovery 7.2 Default Root Credentials

CVE ID: CVE-2024-22902 Title: Default Root Credentials Vulnerability in Vinchin Backup & Recovery v7.2 Suggested Description: Vinchin Backup & Recovery version 7.2 has been identified as being configured with default root credentials, posing a significant security vulnerability. Additional...

7.4AI score0.01147EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.370 views

PHPJabbers Cinema Booking System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Cinema Booking System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cinema-booking-system/sectionDemo Version: v1.0 Tested on: Windo...

7.4AI score0.00538EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.370 views

PHPJabbers Event Ticketing System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Event Ticketing System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1.0 Tested on...

7.4AI score0.00614EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/05/11 12:0 a.m.371 views

Textpattern 4.8.8 Session Token Disclosure

Title: textpattern-4.8.8 Session token in URL Vulnerability Author: nu11secur1ty Date: 05.10.2023 Vendor: https://textpattern.com/ Software: https://github.com/textpattern/textpattern/releases/tag/4.8.8 Reference: https://portswigger.net/kb/issues/00500700session-token-in-url,...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/21 12:0 a.m.370 views

Nokia OneNDS 20.9 Insecure Permissions / Privilege Escalation

=============================================================================== title: Incorrect Permission Assignment product: Nokia OneNDS 20.9 vulnerability type: Security Misconfiguration severity: High CVSS Score: 7.8 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H found on:...

6.4AI score0.01137EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/02/27 12:0 a.m.370 views

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit Title: ASUS ASMB8 iKVM RCE and SSH Root Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM...

0.17399EPSS
Exploits6
Packet Storm
Packet Storm
added 2022/09/28 12:0 a.m.370 views

Netfilter nft_set_elem_init Heap Overflow Privilege Escalation

frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netfilter nftseteleminit Heap Overflow Privilege Escalation', 'Description' = %q An issue was discovered in the Linux...

7.8CVSS1.2AI score0.05451EPSS
Exploits10
Packet Storm
Packet Storm
added 2022/09/20 12:0 a.m.370 views

Trojan.Ransom.Ryuk.A MVID-2022-0640 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Ransom.Ryuk.A Vulnerability: Arbitrary Code Execution Description: The ransomware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/11 12:0 a.m.370 views

WordPress LayerSlider Cross Site Scripting

Tittle: WordPress Plugin LayerSlider 5. Exit 6. Save Project 7. XSS will trigger when accessing the project again for example there seem to be other place when its triggered as well, like in the Project's settings POC2 via file,json 1. Add new post & Create Blank Project 2. Import Projects 3. Loa...

5.2AI score0.02691EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/04/07 12:0 a.m.370 views

WordPress Loco Translate Cross Site Scripting

Tittle: WordPress Plugin Loco Translate ' 7. Save 8. Replicated POC2 via example.po 1. Got to Plugin Loco Translate 2. Enter Plugins Options Any Plugin 3. Upload PO options 3. Load example.po Example.po msgid "" msgstr "" "Project-Id-Version: xss-tester\n" "Report-Msgid-Bugs-To: \n"...

5.5AI score0.03932EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/10/25 12:0 a.m.370 views

Netgear Genie 2.4.64 Unquoted Service Path

Exploit Title: Netgear Genie 2.4.64 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 2.4.64 Date: 23.10.2021 Vendor Homepage: https://www.netgear.com/ Tested on: Windows 10 C:\Users\Mertsc qc NETGEARGenieDaemon SC QueryServiceConfig SUCCESS SERVICENAME: NETGEARGenieDaemon TYPE : 10...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/18 12:0 a.m.370 views

Engineers Online Portal 1.0 SQL Injection

Exploit Title: Engineers Online Portal 1.0 is vulnerable to three types of SQL injection attacks. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 10.13.2021 Vendor: https://www.sourcecodester.com/users/janobe Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/05 12:0 a.m.370 views

HEUR.Trojan.Win32.Generic Unquoted Service Path

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2e4b6c5bd907995f6fd40c5eeab5c6e9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Generic Vulnerability: Insecure Service Path Description: The malware creates a...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/12 12:0 a.m.370 views

Monitoring System (Dashboard) 1.0 Shell Upload

Exploit Title: Monitoring System Dashboard | Authenticated Arbitrary File Upload to Remote Code Execution Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/01/14 12:0 a.m.370 views

Backdoor.Win32.Ketch.a Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/1149c42fd8cf3ca7d00ef55a6337befe.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ketch.a Vulnerability: Remote SEH Stack Buffer Overflow Description: Ketch makes HTTP...

1.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.370 views

Ksix Zigbee Devices Playback Protection Bypass

Exploit Title: Ksix Zigbee Devices - Playback Protection Bypass PoC Date: 2020-11-15 Exploit Author: Alejandro Vazquez Vazquez Vendor Homepage: https://www.ksixmobile.com/ Firmware Version: Gateway Zigbee Module - v1.0.3, Gateway Main Module - v1.1.2, Door Sensor - v1.0.7, PIR Motion Sensor -...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/26 12:0 a.m.370 views

libupnp 1.6.18 Denial Of Service

Exploit Title: libupnp 1.6.18 - Stack-based buffer overflow DoS Date: 2020-08-20 Exploit Author: Patrik Lantz Vendor Homepage: https://pupnp.sourceforge.io/ Software Link: https://sourceforge.net/projects/pupnp/files/pupnp/libUPnP%201.6.6/libupnp-1.6.6.tar.bz2/download Version: = 1.6.6 Tested on:...

10CVSS6.9AI score0.82807EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/10/28 12:0 a.m.370 views

PackageKit File Existence Disclosure

Exploit Title: File Existence Disclosure in PackageKit " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.freedesktop.PackageKit", "/org/freedesktop/PackageKit" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.freedeskt...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/08/31 12:0 a.m.370 views

CMS Made Simple 2.2.14 Shell Upload

!/usr/bin/python3 -- coding: utf-8 -- Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Luis Noriega @nogagmx Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2025/04/16 12:0 a.m.369 views

📄 phpMyFAQ 3.1.7 Cross Site Scripting

phpMyFAQ version 3.1.7 suffers from a cross site scripting vulnerability. Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Versio...

9.8CVSS7.5AI score0.04381EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.369 views

Joomla com_contenthistory Error-Based SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla comcontenthistory Error-Based SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in Joomla versions 3.2...

7.5CVSS7AI score0.99967EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.369 views

MISP 2.4.171 Cross Site Scripting

Exploit Title: MISP 2.4.171 Stored XSS CVE-2023-37307 Authenticated Date: 8th October 2023 Exploit Author: Mücahit Çeri Vendor Homepage: https://www.circl.lu/ Software Link: https://github.com/MISP/MISP Version: 2.4.171 Tested on: Ubuntu 20.04 CVE : CVE-2023-37307 Exploit: Logged in as low...

5.4CVSS7.4AI score0.00502EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.369 views

PHPJabbers Event Ticketing System 1.0 Cross Site Scripting / HTML Injection

Exploit Title: PHPJabbers Event Ticketing System v1.0 - Multiple HTML Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/event-ticketing-system/sectionDemo Version: v1.0 Test...

7.4AI score0.00425EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/10/26 12:0 a.m.369 views

TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution

TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/14 12:0 a.m.369 views

Night Club Booking Software 1.0 Cross Site Scripting

Title: Night Club Booking Software-1.0 XSS-Reflected Author: nu11secur1ty Date: 09/09/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/night-club-booking-software/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: T...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/27 12:0 a.m.369 views

Microsoft Windows 11 22h2 Kernel Privilege Escalation

// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...

7.8CVSS7.1AI score0.02866EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/05/26 12:0 a.m.369 views

Seagate Central Storage 2015.0916 User Creation / Command Execution

Exploit Title: Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution Metasploit Date: Dec 9 2019 Exploit Author: Ege Balci Vendor Homepage: https://www.seagate.com/de/de/support/external-hard-drives/network-storage/seagate-central/ Version: 2015.0916 CVE : 2020-6627 This...

9.8CVSS7.1AI score0.12453EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/23 12:0 a.m.370 views

Monitorr 1.7.6m / 1.7.7d Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monitorr unauthenticated Remote Code Execution RCE', 'Description' = %q This module exploits an arbitrary file upload vulnerability and achieving...

9.8CVSS9.4AI score0.85785EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.369 views

wolfSSL WOLFSSL_CALLBACKS Heap Buffer Over-Read

wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSLCALLBACKS ==================================================================== INFO ======= The CVE project has assigned the id CVE-2022-42905 to this issue. Severity: 9.1 CRITICAL Affected version: before 5.5.2 End of embargo: Ended October...

9.1CVSS0.01959EPSS
Exploits2
Total number of security vulnerabilities5000