Lucene search
K
PacketstormMost viewed

50748 matches found

Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.317 views

Local Service Search Engine Management System 1.0 SQL Injection

Exploit Title: Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass Date: 21/11/2020 Exploit Author: Aditya Wakhlu Vendor Homepage: https://www.sourcecodester.com/php/14607/local-service-search-engine-management-system-using-phpmysqli-source-code.html Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/13 12:0 a.m.317 views

ScanGuard Antivirus Insecure Permissions

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SCANGUARD-ANTIVIRUS-INSECURE-PERMISSIONS.txt + ISR: ApparitionSec Vendor https://www.scanguard.com Product ScanGuard Antivirus ScanGuardSetup.exe Hash: 1a63c67a249da0c2e9abd09d35c3c65d...

7.7AI score0.00499EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/10/16 12:0 a.m.317 views

CyberArk Password Vault 10.6 Authentication Bypass

Exploit Title: CyberArk Password Vault 10.6 - Authentication Bypass Date: 2019-10-16 Author: Daniel Martinez Adan adon90 Vendor: https://www.cyberark.com Software: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Collaborator: Luis Buendía...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/06/27 12:0 a.m.317 views

PRTG Command Injection

Bugtraq, I Josh Berry discovered an authenticated command injection vulnerability in the Demo PowerShell notification script provided by versions of PRTG Network Monitor prior to 18.2.39. The PowerShell notifications demo script on versions of the application prior to 18.2.39 do not properly...

7AI score0.87173EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.316 views

fronsetia 1.1 XML Injection

Exploit Title: XXE OOB - fronsetiav1.1 Date: 11/2024 Exploit Author: Andrey Stoykov Version: 1.1 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-15-oob-xxe.html XXE OOB Description: - It was found that the application was vulnerable XXE XML External...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/19 12:0 a.m.316 views

SchoolPlus 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : SchoolPlus v1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/06 12:0 a.m.316 views

C-MOR Video Surveillance 5.2401 / 6.00PL01 SQL Injection

Advisory ID: SYSS-2024-023 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution Date: -...

8.1CVSS7.1AI score0.01306EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/03 12:0 a.m.316 views

PPDB 2.4-update 6118-1 Cross Site Request Forgery

============================================================================================================================================= | Title : ppdb v2.4-update 6118-1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.316 views

Online Bus Ticketing 1.0 Insecure Direct Object Reference

============================================================================================================================================= | Title : Online Bus Ticketing v1.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/06 12:0 a.m.316 views

Blog Site 1.0 Cross Site Scripting

============================================================================================================================================= | Title : Blog Site 1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/05 12:0 a.m.316 views

DerbyNet 9.0 print/render/award.inc SQL Injection

CVE ID: CVE-2024-30922 Description: A SQL Injection vulnerability has been identified in DerbyNet version 9.0, specifically affecting the 'where' clause in Award Document Rendering through the component print/render/award.inc. This vulnerability allows remote attackers to execute arbitrary code a...

7.4AI score0.01429EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/03/22 12:0 a.m.316 views

Task Management System 1.0 SQL Injection

Exploit Title: SourceCodester PHP Task Management System 1.0 update-employee.php - SQL Injection Date: 22 March 2024 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor Homepage: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Software Link:...

7.4AI score0.0093EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/12/28 12:0 a.m.316 views

Lot Reservation Management System 1.0 File Disclosure

Exploit Title: Lot Reservation Management System Unauthenticated File Disclosure Vulnerability Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.htm...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/23 12:0 a.m.316 views

Foodiee CMS 1.0.1 Insecure Direct Object Reference

==================================================================================================================================== | Title : Foodiee CMS v1.0.1 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/10 12:0 a.m.316 views

Deprixa 3.2.5 Cross Site Request Forgery

==================================================================================================================================== | Title : Deprixa 3.2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.316 views

Ciuis CRM 1.0.8 Add Administrator

==================================================================================================================================== | Title : Ciuis™ CRM v1.0.7 add administrator Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.316 views

Frappe Framework 13.4.0 Remote Code Execution

Exploit Title: Frappe Framework ERPNext 13.4.0 - Remote Code Execution Authenticated Exploit Author: Sander Ferdinand Date: 2023-06-07 Version: 13.4.0 Vendor Homepage: http://erpnext.org Software Link: https://github.com/frappe/frappe/ Tested on: Ubuntu 22.04 CVE : none Silly sandbox escape. Frap...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/14 12:0 a.m.316 views

Teachers Record Management System 1.0 Validation Bypass

Exploit Title: Teachers Record Management System 1.0 – File Upload Type Validation Date: 17-01-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3187 =============================== STEPSTOREPRODUCE...

7.1AI score0.02556EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/10/19 12:0 a.m.316 views

Zimbra Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zimbra sudo + postfix privilege escalation', 'Description' = %q This module exploits a vulnerable sudo configuration that permits the zimbra user...

0.7AI score0.00695EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/06/24 12:0 a.m.316 views

Backdoor.Win32.InfecDoor.17.c MVID-2022-0614 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.InfecDoor.17.c Vulnerability: Insecure Permissions Description: The malware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.316 views

Backdoor.Win32.Psychward.03.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/4b9a42ca1e65cf0a7febbe18f397ef24.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.03.a Vulnerability: Weak Hardcoded Password Description: The malware listen...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/03/04 12:0 a.m.316 views

Backdoor.Win32.FTP.Nuclear.10 Hardcoded Credential

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9c23dad9ba11305fecf38bed46b0cec2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.FTP.Nuclear.10 Vulnerability: Hardcoded Credentials Description: The malware builds...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/07 12:0 a.m.316 views

Hospital Management System 4.0 SQL Injection

Title: Hospital Management System v4.0 Multiple SQL-Injections Author: nu11secur1ty Date: 02.06.2022 Vendor: https://github.com/kishan0725 Software: https://github.com/kishan0725/Hospital-Management-System CVE-2022-24263 Description: The Hospital Management System v4.0 is suffering from Multiple...

9.8CVSS0.1AI score0.08244EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/01/25 12:0 a.m.316 views

Backdoor.Win32.DRA.c Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5ff832ce6af4b03a709eaf380672cf34.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DRA.c Vulnerability: Weak Hardcoded Password Description: The malware listens on TCP...

Exploits0
Packet Storm
Packet Storm
added 2021/07/29 12:0 a.m.316 views

IntelliChoice eFORCE Software Suite 2.5.9 Username Enumeration

IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page: https://www.eforcesoftware.com Affected version: 2.5.9.6 2.5.9.5 2.5.9.3 2.5.9.2 2.5.9.1 2.5.8.0 2.5.7.20 2.5.7.18 2.5.6.18 2.5.4.6 2.5.3.11 Summary: IntelliChoice is a United States...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/19 12:0 a.m.316 views

HEUR.Backdoor.Win32.Winnti.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/eb272fe923ccf3e66fde1bf309cbc464.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Winnti.gen Vulnerability: Insecure Permissions Description: The malware creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/06 12:0 a.m.316 views

Billing System Project 1.0 Shell Upload

Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Date: 06.07.2021 Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import...

Exploits0
Packet Storm
Packet Storm
added 2021/06/01 12:0 a.m.316 views

Veyon 4.4.1 Unquoted Service Path

Exploit Title: Veyon 4.4.1 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Discovery Date: 2020-03-23 Vendor Homepage: https://veyon.io/ Software Link: https://github.com/veyon/veyon/releases/download/v4.4.1/veyon-4.4.1.0-win64-setup.exe Tested Version: 4.4.1 Vulnerability Type...

4.6CVSS0.5AI score0.11123EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.316 views

Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation

Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation Vendor: Epic Games, Inc. Product web page: https://www.epicgames.com https://www.easy.ac Affected version: 4.0.0.0 Summary: Easy Anti-Cheat is the industry-leading anti–cheat service, countering hacking and cheating in multiplayer PC games...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.316 views

Trojan.Win32.Antavka.bz Insecure Permissions / Privilege Escalation

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/2e4573d8925be404a9a1ff49ee2f5bc3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Antavka.bz Vulnerability: Insecure Permissions EoP Description: Change permissions are...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/05 12:0 a.m.316 views

Online Course Registration 1.0 SQL Injection

Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/15 12:0 a.m.316 views

BitZoom 1.0 SQL Injection

Exploit Title: BitZoom 1.0 - 'rollno' SQL Injection Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: https://bitzoom.sourceforge.io/ Software Link: https://excellmedia.dl.sourceforge.net/project/bitzoom/bitzoom-master.zip Version: 1.0 Category: Webapps Tested on:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/05 12:0 a.m.315 views

OpenPanel 0.3.4 Remote Code Execution

OpenPanel version 0.3.4 suffers from a remote code execution vulnerability via /fix-permissions. Exploit Title: OpenPanel 0.3.4 - Remote Code Execution via Fix Permission Date: Nov 7, 2024 Exploit Author: Punthat Siriwan, Korn Chaisuwan, Pongtorn Angsuchotmetee Vendor Homepage:...

8.3AI score0.00253EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/09/20 12:0 a.m.315 views

Online Food Management System 1.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : Online Food Management System 1.0 idor Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/19 12:0 a.m.315 views

Online Exam System 1.0 Information Disclosure

==================================================================================================================================== | Title : Online Exam System 1.0 HTML Form found in redirect page Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/19 12:0 a.m.315 views

Online Food Management System 1.0 SQL Injection

==================================================================================================================================== | Title : Online Food Management System 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 6...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/06 12:0 a.m.315 views

C-MOR Video Surveillance 5.2401 Improper Access Control

Advisory ID: SYSS-2024-024 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401 Tested Versions: 5.2401 Vulnerability Type: Improper Access Control CWE-284 Risk Level: High Solution Status: Fixed Manufacturer Notification: 2024-04-05 Solution Date: 2024-07-31...

8.1CVSS7.1AI score0.00648EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/02 12:0 a.m.315 views

SPIP 4.2.7 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.7 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.315 views

Aruba 501 CN12G5W0XX Remote Command Execution

Exploit Title: Remote Command Execution | Aurba 501 Date: 17-07-2024 Exploit Author: Hosein Vita Vendor Homepage: https://www.hpe.com Version: Aurba 501 CN12G5W0XX Tested on: Linux import requests from requests.auth import HTTPBasicAuth def getinputprompt, defaultvalue: userinput = inputprompt...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/16 12:0 a.m.315 views

WordPress Shield Security 20.0.5 Cross Site Scripting

Exploit Title: CVE-2024-7313 - Reflected XSS to Unauthorised Administrator Account Creation Google Dork: inurl:"/wp-content/plugins/wp-simple-firewall/" Cannot find version numbers from this DORK Date: 16/08/2024 Exploit Author: Tim Lepp Vendor Homepage: https://getshieldsecurity.com/ Software...

7.4AI score0.01444EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/03/28 12:0 a.m.315 views

WinRAR 6.22 Remote Code Execution

Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...

7.8CVSS7.4AI score0.97798EPSS
Exploits49
Packet Storm
Packet Storm
added 2023/09/14 12:0 a.m.315 views

islamnt CMS 2.1.0 Add Administrator

==================================================================================================================================== | Title : islamnt CMS v2.1.0 Add ADmin Vulnerability Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/25 12:0 a.m.315 views

G And G Corporate CMS 1.0 SQL Injection

==================================================================================================================================== | Title : G&G Corporate CMS v1.0 Auth by Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.232-bi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/21 12:0 a.m.315 views

Evsanati Radyo 1.0 Shell Upload

==================================================================================================================================== | Title : evsanati radyo v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.315 views

Chevereto CMS 3.7.0 SQL Injection

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.315 views

Kolibri 2.0 Buffer Overflow

!/usr/bin/python3 Exploit Title: Kolibri GET request buffer Overflow Stack Egghunter Date: 2 Augst 2023 Exploit Author: Mahmoud NourEldin @Engacker Vendor App: https://www.exploit-db.com/apps/4d4e15b98e105facf94e4fd6a1f9eb78-Kolibri-2.0-win.zip Version: Kolibri 2.0 Tested on: Windows 10...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.315 views

Bigware-Shop CMS 2.1 Insecure Direct Object Reference

==================================================================================================================================== | Title : Bigware-Shop CMS v2.1 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/05/30 12:0 a.m.315 views

Argon Dashboard 2 SQL Injection

==================================================================================================================================== | Title : Argon Dashboard 2 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 109.064-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/25 12:0 a.m.315 views

WordPress Shield Security 17.0.17 Cross Site Scripting / Missing Authorization

Affected Plugin: Shield Security – Smart Bot Blocking & Intrusion Prevention Plugin Slug: wp-simple-firewall Affected Versions: = 17.0.17 CVE ID: CVE-2023-0992 CVSS Score: 7.2 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N Researcher/s: Ramuel Gall Fully Patched Version: 17.0.18 T...

6.3AI score0.93046EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/04/10 12:0 a.m.315 views

IBM Instana 243-0 Missing Authentication

Exploit Title: Docker based datastores for IBM Instana 241-2 243-0 - No Authentication Google Dork: if applicable Date: 06 March 2023 Exploit Author: Shahid Parvez zippon Vendor Homepage: https://www.instana.com/trial/ and https://www.ibm.com/docs/en/instana-observability Software Link:...

9.1CVSS9.2AI score0.08573EPSS
Exploits3
Total number of security vulnerabilities5000