Lucene search
K
PacketstormMost viewed

50748 matches found

Packet Storm
Packet Storm
added 2011/06/19 12:0 a.m.317 views

sxVideo 2.1.0 SQL Injection

Exploit Title: sxVideo v2.1.0 Sql Ýnjection Vulnerability Google Dork: Powered By sxVideo v2.1.0 Date: 19/06/2011 Author: HeRoTuRK- http://by-heroturk.blogspot.com/ Demo :http://www.huntvideo.net/index.php?p=View&id=1128 Version: v2.1.0 Tested on: Windows 7 Greetz; F0RTYS3V3N - Lazmania61 -...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.316 views

fronsetia 1.1 XML Injection

Exploit Title: XXE OOB - fronsetiav1.1 Date: 11/2024 Exploit Author: Andrey Stoykov Version: 1.1 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-15-oob-xxe.html XXE OOB Description: - It was found that the application was vulnerable XXE XML External...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/19 12:0 a.m.316 views

SchoolPlus 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : SchoolPlus v1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/06 12:0 a.m.316 views

C-MOR Video Surveillance 5.2401 / 6.00PL01 SQL Injection

Advisory ID: SYSS-2024-023 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution Date: -...

8.1CVSS7.1AI score0.01306EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/03 12:0 a.m.316 views

PPDB 2.4-update 6118-1 Cross Site Request Forgery

============================================================================================================================================= | Title : ppdb v2.4-update 6118-1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/06 12:0 a.m.316 views

Blog Site 1.0 Cross Site Scripting

============================================================================================================================================= | Title : Blog Site 1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/06/24 12:0 a.m.316 views

Student Attendance Management System 1.0 SQL Injection

Titles: Student Attendance Management System-1.0 Bypass Authentication SQLi Author: nu11secur1ty Date: 06/22/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14561/student-attendance-management-system-using-phpmysqli-source-code.html Reference:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/05 12:0 a.m.316 views

DerbyNet 9.0 print/render/award.inc SQL Injection

CVE ID: CVE-2024-30922 Description: A SQL Injection vulnerability has been identified in DerbyNet version 9.0, specifically affecting the 'where' clause in Award Document Rendering through the component print/render/award.inc. This vulnerability allows remote attackers to execute arbitrary code a...

7.4AI score0.01429EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/12/28 12:0 a.m.316 views

Lot Reservation Management System 1.0 File Disclosure

Exploit Title: Lot Reservation Management System Unauthenticated File Disclosure Vulnerability Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.htm...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/23 12:0 a.m.316 views

Foodiee CMS 1.0.1 Insecure Direct Object Reference

==================================================================================================================================== | Title : Foodiee CMS v1.0.1 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/10 12:0 a.m.316 views

Deprixa 3.2.5 Cross Site Request Forgery

==================================================================================================================================== | Title : Deprixa 3.2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.316 views

Ciuis CRM 1.0.8 Add Administrator

==================================================================================================================================== | Title : Ciuis™ CRM v1.0.7 add administrator Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.316 views

Frappe Framework 13.4.0 Remote Code Execution

Exploit Title: Frappe Framework ERPNext 13.4.0 - Remote Code Execution Authenticated Exploit Author: Sander Ferdinand Date: 2023-06-07 Version: 13.4.0 Vendor Homepage: http://erpnext.org Software Link: https://github.com/frappe/frappe/ Tested on: Ubuntu 22.04 CVE : none Silly sandbox escape. Frap...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/14 12:0 a.m.316 views

Teachers Record Management System 1.0 Validation Bypass

Exploit Title: Teachers Record Management System 1.0 – File Upload Type Validation Date: 17-01-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3187 =============================== STEPSTOREPRODUCE...

7.1AI score0.02556EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/10/19 12:0 a.m.316 views

Zimbra Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zimbra sudo + postfix privilege escalation', 'Description' = %q This module exploits a vulnerable sudo configuration that permits the zimbra user...

0.7AI score0.00695EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/06/24 12:0 a.m.316 views

Backdoor.Win32.InfecDoor.17.c MVID-2022-0614 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.InfecDoor.17.c Vulnerability: Insecure Permissions Description: The malware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.316 views

Backdoor.Win32.Psychward.03.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/4b9a42ca1e65cf0a7febbe18f397ef24.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.03.a Vulnerability: Weak Hardcoded Password Description: The malware listen...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/03/04 12:0 a.m.316 views

Backdoor.Win32.FTP.Nuclear.10 Hardcoded Credential

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9c23dad9ba11305fecf38bed46b0cec2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.FTP.Nuclear.10 Vulnerability: Hardcoded Credentials Description: The malware builds...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/07 12:0 a.m.316 views

Hospital Management System 4.0 SQL Injection

Title: Hospital Management System v4.0 Multiple SQL-Injections Author: nu11secur1ty Date: 02.06.2022 Vendor: https://github.com/kishan0725 Software: https://github.com/kishan0725/Hospital-Management-System CVE-2022-24263 Description: The Hospital Management System v4.0 is suffering from Multiple...

9.8CVSS0.1AI score0.08244EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/01/25 12:0 a.m.316 views

Backdoor.Win32.DRA.c Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5ff832ce6af4b03a709eaf380672cf34.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DRA.c Vulnerability: Weak Hardcoded Password Description: The malware listens on TCP...

Exploits0
Packet Storm
Packet Storm
added 2021/07/29 12:0 a.m.316 views

IntelliChoice eFORCE Software Suite 2.5.9 Username Enumeration

IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page: https://www.eforcesoftware.com Affected version: 2.5.9.6 2.5.9.5 2.5.9.3 2.5.9.2 2.5.9.1 2.5.8.0 2.5.7.20 2.5.7.18 2.5.6.18 2.5.4.6 2.5.3.11 Summary: IntelliChoice is a United States...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/19 12:0 a.m.316 views

HEUR.Backdoor.Win32.Winnti.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/eb272fe923ccf3e66fde1bf309cbc464.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Winnti.gen Vulnerability: Insecure Permissions Description: The malware creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/06 12:0 a.m.316 views

Billing System Project 1.0 Shell Upload

Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Date: 06.07.2021 Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import...

Exploits0
Packet Storm
Packet Storm
added 2021/06/01 12:0 a.m.316 views

Veyon 4.4.1 Unquoted Service Path

Exploit Title: Veyon 4.4.1 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Discovery Date: 2020-03-23 Vendor Homepage: https://veyon.io/ Software Link: https://github.com/veyon/veyon/releases/download/v4.4.1/veyon-4.4.1.0-win64-setup.exe Tested Version: 4.4.1 Vulnerability Type...

4.6CVSS0.5AI score0.11123EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.316 views

Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation

Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation Vendor: Epic Games, Inc. Product web page: https://www.epicgames.com https://www.easy.ac Affected version: 4.0.0.0 Summary: Easy Anti-Cheat is the industry-leading anti–cheat service, countering hacking and cheating in multiplayer PC games...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/04/17 12:0 a.m.316 views

HEUR.Backdoor.Win32.Generic File Download

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d7648b676dd139d1b7ba781816726510.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Generic Vulnerability: Unauthenticated Open Proxy Description: The backdoor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.316 views

Trojan.Win32.Antavka.bz Insecure Permissions / Privilege Escalation

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/2e4573d8925be404a9a1ff49ee2f5bc3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Antavka.bz Vulnerability: Insecure Permissions EoP Description: Change permissions are...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/05 12:0 a.m.316 views

Online Course Registration 1.0 SQL Injection

Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/15 12:0 a.m.316 views

BitZoom 1.0 SQL Injection

Exploit Title: BitZoom 1.0 - 'rollno' SQL Injection Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: https://bitzoom.sourceforge.io/ Software Link: https://excellmedia.dl.sourceforge.net/project/bitzoom/bitzoom-master.zip Version: 1.0 Category: Webapps Tested on:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/05 12:0 a.m.315 views

OpenPanel 0.3.4 Remote Code Execution

OpenPanel version 0.3.4 suffers from a remote code execution vulnerability via /fix-permissions. Exploit Title: OpenPanel 0.3.4 - Remote Code Execution via Fix Permission Date: Nov 7, 2024 Exploit Author: Punthat Siriwan, Korn Chaisuwan, Pongtorn Angsuchotmetee Vendor Homepage:...

8.3AI score0.00253EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/09/20 12:0 a.m.315 views

Online Food Management System 1.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : Online Food Management System 1.0 idor Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/19 12:0 a.m.315 views

Online Exam System 1.0 Information Disclosure

==================================================================================================================================== | Title : Online Exam System 1.0 HTML Form found in redirect page Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/19 12:0 a.m.315 views

Online Food Management System 1.0 SQL Injection

==================================================================================================================================== | Title : Online Food Management System 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 6...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/06 12:0 a.m.315 views

C-MOR Video Surveillance 5.2401 Improper Access Control

Advisory ID: SYSS-2024-024 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401 Tested Versions: 5.2401 Vulnerability Type: Improper Access Control CWE-284 Risk Level: High Solution Status: Fixed Manufacturer Notification: 2024-04-05 Solution Date: 2024-07-31...

8.1CVSS7.1AI score0.00648EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.315 views

Online Bus Ticketing 1.0 Insecure Direct Object Reference

============================================================================================================================================= | Title : Online Bus Ticketing v1.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.315 views

Aruba 501 CN12G5W0XX Remote Command Execution

Exploit Title: Remote Command Execution | Aurba 501 Date: 17-07-2024 Exploit Author: Hosein Vita Vendor Homepage: https://www.hpe.com Version: Aurba 501 CN12G5W0XX Tested on: Linux import requests from requests.auth import HTTPBasicAuth def getinputprompt, defaultvalue: userinput = inputprompt...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/16 12:0 a.m.315 views

WordPress Shield Security 20.0.5 Cross Site Scripting

Exploit Title: CVE-2024-7313 - Reflected XSS to Unauthorised Administrator Account Creation Google Dork: inurl:"/wp-content/plugins/wp-simple-firewall/" Cannot find version numbers from this DORK Date: 16/08/2024 Exploit Author: Tim Lepp Vendor Homepage: https://getshieldsecurity.com/ Software...

7.4AI score0.01444EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/03/28 12:0 a.m.315 views

WinRAR 6.22 Remote Code Execution

Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...

7.8CVSS7.4AI score0.97798EPSS
Exploits49
Packet Storm
Packet Storm
added 2024/03/22 12:0 a.m.315 views

Task Management System 1.0 SQL Injection

Exploit Title: SourceCodester PHP Task Management System 1.0 update-employee.php - SQL Injection Date: 22 March 2024 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor Homepage: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Software Link:...

7.4AI score0.0093EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/09/14 12:0 a.m.315 views

islamnt CMS 2.1.0 Add Administrator

==================================================================================================================================== | Title : islamnt CMS v2.1.0 Add ADmin Vulnerability Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/25 12:0 a.m.315 views

G And G Corporate CMS 1.0 SQL Injection

==================================================================================================================================== | Title : G&G Corporate CMS v1.0 Auth by Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.232-bi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/21 12:0 a.m.315 views

Evsanati Radyo 1.0 Shell Upload

==================================================================================================================================== | Title : evsanati radyo v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.315 views

Chevereto CMS 3.7.0 SQL Injection

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.315 views

Kolibri 2.0 Buffer Overflow

!/usr/bin/python3 Exploit Title: Kolibri GET request buffer Overflow Stack Egghunter Date: 2 Augst 2023 Exploit Author: Mahmoud NourEldin @Engacker Vendor App: https://www.exploit-db.com/apps/4d4e15b98e105facf94e4fd6a1f9eb78-Kolibri-2.0-win.zip Version: Kolibri 2.0 Tested on: Windows 10...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.315 views

Bigware-Shop CMS 2.1 Insecure Direct Object Reference

==================================================================================================================================== | Title : Bigware-Shop CMS v2.1 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/05/30 12:0 a.m.315 views

Argon Dashboard 2 SQL Injection

==================================================================================================================================== | Title : Argon Dashboard 2 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 109.064-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/25 12:0 a.m.315 views

WordPress Shield Security 17.0.17 Cross Site Scripting / Missing Authorization

Affected Plugin: Shield Security – Smart Bot Blocking & Intrusion Prevention Plugin Slug: wp-simple-firewall Affected Versions: = 17.0.17 CVE ID: CVE-2023-0992 CVSS Score: 7.2 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N Researcher/s: Ramuel Gall Fully Patched Version: 17.0.18 T...

6.3AI score0.93046EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/04/10 12:0 a.m.315 views

IBM Instana 243-0 Missing Authentication

Exploit Title: Docker based datastores for IBM Instana 241-2 243-0 - No Authentication Google Dork: if applicable Date: 06 March 2023 Exploit Author: Shahid Parvez zippon Vendor Homepage: https://www.instana.com/trial/ and https://www.ibm.com/docs/en/instana-observability Software Link:...

9.1CVSS9.2AI score0.08573EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/09/26 12:0 a.m.315 views

Active eCommerce CMS 6.3.0 Cross Site Scripting

Exploit Title: Active eCommerce CMS Cross Site Scripting Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/active-ecommerce-cms/23471405 Version: Version 6.3.0 Tested on Ubuntu 18.04 -------Request----------- POST /ajax-search HTTP/1.1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/18 12:0 a.m.315 views

Polar Flow Android 5.7.1 Secret Disclosure

Trovent Security Advisory 2110-01 Insecure data storage in Polar Flow Android application Overview Advisory ID: TRSA-2110-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2110-01 Affected product: Polar Flow Android mobile application...

7.4AI score
Exploits0
Total number of security vulnerabilities5000