Lucene search
K
PacketstormMost viewed

50738 matches found

Packet Storm
Packet Storm
added 2021/03/29 12:0 a.m.366 views

Concrete5 8.5.4 Cross Site Scripting

Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS Date: 2021-01 Exploit Author: Quadron Research Lab Version: Concrete5 8.5.4 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: Concrete5 CMS https://www.concrete5.org CVE: CVE-2021-3111 Suggested description The Express Entries Dashboard...

3.5CVSS0.03008EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/01/08 12:0 a.m.366 views

Cockpit CMS Remote Code Execution

Cockpit CMS 0.6.1 - Remote Code Execution Product: Cockpit CMS https://getcockpit.com Version: Cockpit CMS = 0.6.1...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.366 views

WordPress W3 Total Cache 0.9.3 File Read / Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress W3 Total Cache File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability i...

5CVSS0.3AI score0.19396EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/06/23 12:0 a.m.366 views

GilaCMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting

===== Tempest Security Intelligence - ADV-07/2020 ========================== GilaCMS - Version 1.11.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timelin...

6.8CVSS0.3AI score0.01814EPSS
Exploits7
Packet Storm
Packet Storm
added 2020/05/22 12:0 a.m.366 views

Plesk / myLittleAdmin ViewState .NET Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...

7.5CVSS0.6AI score0.77635EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/08/31 12:0 a.m.366 views

Confluence Server Local File Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/uAsvOg . CVE ID: CVE-2019-3394. Product: Confluence Server. Affected Confluence Server product versions: 6.1.0 = 6.1.0 but less than 6.6.16 or who have downloaded and...

8.8AI score0.11406EPSS
Exploits1
Packet Storm
Packet Storm
added 2019/08/26 12:0 a.m.366 views

CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Request Forgery

Cross-Site Request Forgery CSRF ==================================================================== Information ==================================================================== Product : CWP Control Web Panel version : 0.9.8.837 Fixed on : 0.9.8.851 Test on : CentOS 7.6.1810 Core Reference :...

0.3AI score0.00721EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/08/19 12:0 a.m.366 views

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/ Software Link: https://www.fortinet.com/products/fortigate/fortios.html...

5CVSS10AI score0.99999EPSS
Exploits22
Packet Storm
Packet Storm
added 2015/03/01 12:0 a.m.366 views

Comsenz SupeSite CMS 7.0 Code Execution

Comsenz SupeSite CMS Arbitrary Code Execution Security Vulnerabilities Exploit Title: Comsenz SupeSite CMS Arbitrary Code Execution Security Vulnerabilities Product: SupeSite CMS Content Management System Vendor: Comsenz Vulnerable Versions: 6.0.1UC 7.0 Tested Version: 7.0 Advisory Publication: F...

Exploits0
Packet Storm
Packet Storm
added 2024/07/11 12:0 a.m.365 views

Atlassian Confluence Administrator Code Macro Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Administrator Code Macro Remote Code Execution', 'Description' = %q This module exploits an authenticated administrator-leve...

8.8CVSS7AI score0.88267EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/06/10 12:0 a.m.365 views

Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Kiuwan SAST on-premise KOP & cloud/SaaS Kiuwan Local Analyzer KLA vulnerable version: Kiuwan SAST 2.8.2402.3 Kiuwan Local...

7.4AI score0.0082EPSS
Exploits1
Packet Storm
Packet Storm
added 2023/08/25 12:0 a.m.365 views

GetSimple CMS 3.3.2 Cross Site Scripting

==================================================================================================================================== | Title : GetSimple CMS v3.3.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vend...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/08 12:0 a.m.365 views

RenderDoc 1.26 Local Privilege Escalation / Remote Code Execution

Qualys Security Advisory LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 ======================================================================== Contents ======================================================================== Summary CVE-2023-33865, a symlink...

9.8CVSS7.1AI score0.10789EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/04/26 12:0 a.m.365 views

Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path

Exploit Title: Arcsoft PhotoStudio 6.0.0.172 - Unquoted Service Path Date: 2023/04/22 Exploit Author: msd0pe Vendor Homepage: https://www.arcsoft.com/ My Github: https://github.com/msd0pe-1 Arcsoft PhotoStudio: Versions = wmic service get name,pathname,displayname,startmode | findstr /i auto |...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/21 12:0 a.m.365 views

Nokia OneNDS 17 Insecure Permissions / Privilege Escalation

=============================================================================== title: Incorrect Permission Assignment product: Nokia OneNDS 17 vulnerability type: Security Misconfiguration severity: High CVSS Score: 7.8 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H found on: 31/03/20...

6.3AI score0.00329EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/03/15 12:0 a.m.365 views

WordPress Profile Builder 3.9.0 Missing Authorization

Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given ‘userid’. During this process, capability checks are not properly implemented to ensure that the user executing the function is authorized to...

6.5CVSS0.4AI score0.00769EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/02/28 12:0 a.m.365 views

WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress WoodMart Theme deactivate; $this-notices-addsuccess 'Theme license is successfully deactivated.' ; return; if isset $POST'woodmart-purchase-code' &...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/09/20 12:0 a.m.365 views

Backdoor.Win32.Hellza.120 MVID-2022-0641 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hellza.120 Vulnerability: Unauthorized Remote Command Execution Description...

Exploits0
Packet Storm
Packet Storm
added 2022/08/11 12:0 a.m.365 views

Fiberhome AN5506-02-B Cross Site Scripting

Exploit Title: FiberHome - AN5506-02-B - RP2521 - Authenticated Stored XSS Date: 10/08/2022 Exploit Author: Leonardo Goncalves Version: Firmware RP2521 1 Log in the equipment via your web browser 2 Go to Network authsettings 3 In the "sncfgloid" inject the payload "alert" 4 Click Save 5 Exploit!...

Exploits0
Packet Storm
Packet Storm
added 2022/06/21 12:0 a.m.365 views

SAP FRUN Simple Diagnostics Agent 1.0 Missing Authentication

Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP Focused Run Simple Diagnostics Agent 1.0 Impact on Business Because the Simple Diagnostic Agent SDA handles several important configuration and critical credential information, a successful attack could lead to the control o...

7.8CVSS0.7AI score0.00508EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.365 views

PKP Open Journals System 3.3 Cross Site Scripting

Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...

6.1CVSS6.3AI score0.0608EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/04/15 12:0 a.m.365 views

Backdoor.Win32.Psychward.03.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/d069738f18957117367b8a79195a6a96.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.03.a Vulnerability: Weak Hardcoded Password Description: The malware listen...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/01/13 12:0 a.m.365 views

RLM 14.2 Cross Site Scripting

Product: RLM 14.2 Vendor: Reprise Software CVE ID: CVE-2021-45422 Vulnerability Title: Reflected Cross-Site Scripting Severity: Medium Authors: Giulia Melotti Garibaldi Date: 2022-01-11 Introduction: An issue was discovered in Reprise License Manager 14.2, Reprise License Manager 14.2 is affected...

6.4AI score0.03313EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/12/06 12:0 a.m.365 views

Microsoft Internet Explorer Active-X Control Security Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Internet Explorer MSIE...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/08 12:0 a.m.366 views

Simple Client Management System 1.0 Cross Site Scripting

Exploit Title: Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Sentinal920 Date: 5-11-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html Software Link:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.365 views

Adobe ColdFusion 8 Remote Command Execution

Exploit Title: Adobe ColdFusion 8 - Remote Command Execution RCE Google Dork: intext:"adobe coldfusion 8" Date: 24/06/2021 Exploit Author: Pergyz Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html Version: 8 Tested on: Microsoft Windows Server 2008 R2 Standard CVE :...

7.5CVSS0.83865EPSS
Exploits10
Packet Storm
Packet Storm
added 2021/03/15 12:0 a.m.365 views

Sonlogger 4.2.3.3 SuperAdmin Account Creation / Information Disclosure

Exploit Title: Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure Date: 04-02-2021 Exploit Author: Berkan Er Vendor Homepage: https://www.sonlogger.com/ Version: 4.2.3.3 Tested on: Windows 10 Enterprise x64 Version 1803 A remote attacker can be create an user with SuperAdmin...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/25 12:0 a.m.365 views

MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MobileIron MDM Hessian-Based Java Deserialization RCE', 'Description' = %q This module exploits an ACL bypass in MobileIron MDM products to execu...

7.5CVSS0.7AI score0.99737EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.365 views

Gotenberg 6.2.0 Traversal / Code Execution / Insecure Permissions

1 Multiple vulnerabilities in Gotenberg │ │ │ │ My PDF │ │ │ │ Path: │ .DirPath │ PASSWD: │ toHTML .DirPath "../../../../etc/passwd" │ IP: │ toHTML .DirPath "../../../...

0.2AI score0.05591EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/06/29 12:0 a.m.365 views

Bolt CMS 3.7.0 Authenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bolt CMS 3.7.0 - Authenticated Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities in Bolt CMS version 3.7.0...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/09 12:0 a.m.365 views

D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-SYSTEM-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. Vendor us.dlink.com Product D-LINK Central WifiManager...

0.4AI score0.01675EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/04/16 12:0 a.m.364 views

📄 phpMyFAQ 3.1.7 Cross Site Scripting

phpMyFAQ version 3.1.7 suffers from a cross site scripting vulnerability. Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Versio...

9.8CVSS7.5AI score0.04381EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/25 12:0 a.m.364 views

Multi Branch School Management System 3.5 Backup Disclosure

============================================================================================================================================= | Title : Multi Branch School Management System 3.5 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.364 views

OpenEMR 5.0.1 Patch 6 SQL Injection

require 'csv' This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenEMR 5.0.1 Patch 6 SQLi Dump', 'Description' = ' This module exploits a SQLi vulnerability found in OpenEMR version 5.0.1 Patch ...

9.8CVSS7AI score0.11945EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/06/07 12:0 a.m.364 views

Online Pizza Ordering System 1.0 SQL Injection

Titles: opos-1.0 Multiple SQLi Author: nu11secur1ty Date: 06/07/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection Description: The email...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/06/06 12:0 a.m.364 views

Northwind Demo 1.0 Cross Site Scripting

Exploit Title: Northwind, company operations database - Cross-Site Scripting Reflected Date: 04.06.2024 Exploit Author: Furkan Eren Tetik Vendor Homepage: https://bigprof.com/appgini/free-open-source-web-applications Software Link: https://github.com/bigprof-software/northwind-demo Version: 1.0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/14 12:0 a.m.364 views

Prison Management System Using PHP SQL Injection

Exploit : Prison Management System Using PHP -SQL Injection Authentication Bypass Date: 15/03/2024 Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/sql/17287/prison-management-system.html Tested on: Windows ,XAMPP CVE :...

7.4AI score0.0081EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/01/26 12:0 a.m.364 views

Atlassian Confluence SSTI Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence SSTI Injection', 'Description' = %q This module exploits an SSTI injection in Atlassian Confluence servers. A specially...

10CVSS7.4AI score0.99984EPSS
Exploits32
Packet Storm
Packet Storm
added 2024/01/22 12:0 a.m.364 views

ProSysInfo TFTP Server TFTPDWIN 0.4.2 Denial Of Service

!/usr/bin/perl use IO::Socket::INET; Exploit Title: ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 20 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1MLqBkCyu0dA-cNgYxCAO8xbsVcof060Z/view?usp=sharin...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/01/14 12:0 a.m.364 views

freeSSHd 1.0.9 Denial Of Service

!/usr/bin/perl use IO::Socket; Exploit Title: freeSSHd 1.0.9 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 13 january 2024 Vendor Homepage: N/A Download to demo: Notification vendor: No reported Tested Version: freeSSHd 1.0.9 - Denial of Service DoS Tested on: Window XP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/11 12:0 a.m.364 views

Greeva 2.0 SQL Injection

==================================================================================================================================== | Title : Greeva 2.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | | Vendo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.364 views

Hospital Management System 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/20 12:0 a.m.364 views

MyBB External Redirect Warning 1.3 Cross Site Scripting

Exploit Title: MyBB External Redirect Warning Plugin 1.3 – Cross-Site Scripting Date: February 1, 2021 Author: 0xB9 Twitter: @0xB9sec Software Link: https://community.mybb.com/mods.php?action=view&pid=493 Version: 1.3 Tested On: Windows 10 CVE: CVE-2022-28353 Description: This plugin notifies the...

6.6AI score0.00558EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/11/24 12:0 a.m.364 views

F5 BIG-IP iControl Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl Authenticated RCE via RPM Creator', 'Description' = %q This module exploits a newline injection into an RPM .rpmspec file that...

0.5AI score0.87987EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/09/20 12:0 a.m.364 views

Blink1Control2 2.2.7 Weak Password Encryption

// Exploit Title: Blink1Control2 2.2.7 - Weak Password Encryption // Date: 2022-08-12 // Exploit Author: p1ckzi // Vendor Homepage: https://thingm.com/ // Software Link: https://github.com/todbot/Blink1Control2/releases/tag/v2.2.7 // Vulnerable Version: blink1control2 !/usr/bin/env node const...

7.5CVSS7.6AI score0.0414EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/04/08 12:0 a.m.364 views

Car Rental System 1.0 SQL Injection

Car Rental System SQL Injection Author: D4rkP0w4r Note = Login to customer Injection Point = http://192.168.1.101:8080/CarRental/booking.php?id=1 Exploit Exploit with Sqlmap + Burp Suite Use Burp Suite capture request Then save as sqlicar.txt GET /CarRental/booking.php?id=1 HTTP/1.1 Host:...

0.3AI score0.01518EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/01/11 12:0 a.m.364 views

Backdoor.Win32.Controlit.10 Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/859aab793a42868343346163bd42f485.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Controlit.10 Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/10/01 12:0 a.m.364 views

Vehicle Service Management System 1.0 Shell Upload

Exploit Title: Vehicle Service Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 30.09.2021 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/06 12:0 a.m.364 views

Backdoor.Win32.NerTe.781 Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/776e8bb41adf8bd95865c0b03637d8d7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NerTe.781 Vulnerability: Authentication Bypass RCE Description: The malware listens o...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/18 12:0 a.m.364 views

Microsoft Exchange 2019 Unauthenticated Email Download

Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...

7.5CVSS10AI score0.99999EPSS
Exploits63
Total number of security vulnerabilities5000