Lucene search
K
PacketstormMost viewed

50765 matches found

Packet Storm
Packet Storm
added 2022/03/24 12:0 a.m.293 views

Online Sports Complex Booking System 1.0 SQL Injection

Exploit Title: Online Sports Complex Booking System - 'id' Blind SQL Injection Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/11 12:0 a.m.293 views

Subrion CMS 4.2.1 Cross Site Request Forgery

Exploit Title: Subrion CMS 4.2.1 - Cross Site Request Forgery CSRF Add Amin Date: 2022-02-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://subrion.org Software Link: https://subrion.org/download Version: 4.2.1 Tested on: Windows 10 About - Subrion CMS : Subrion is a PHP/MySQL based C...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/09 12:0 a.m.293 views

Grandstream GXV31XX settimezone Unauthenticated Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...

9.8CVSS0.5AI score0.15353EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/02/07 12:0 a.m.293 views

WordPress International SMS For Contact Form 7 Integration 1.2 XSS

Exploit Title: WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting XSS Date: 2022-02-04 Author: Milad karimi Software Link: https://wordpress.org/plugins/cf7-international-sms-integration/ Version: 1.2 Tested on: Windows 11 CVE: N/A 1. Description: This...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/04 12:0 a.m.293 views

Servisnet Tessa Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Add sysAdmin User Unauthenticated Metasploit', 'Description' = %q This module exploits an authentication bypass in Servisnet...

0.4AI score0.11441EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/10/04 12:0 a.m.293 views

Pet Shop Management System 1.0 Privilege Escalation / Shell Upload

!/usr/bin/python3 Exploit Title: Pet Shop Management System v1.0 - Authenticated Privilege Escalation to Remote Code Execution Exploit Author: Oscar Gutierrez m4xp0w3r Date: October 01, 2021 Vendor Homepage:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.293 views

Trojan.Win32.Banpak.kh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/304fb160949dcaec3e718481464f9ce6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Banpak.kh Vulnerability: Insecure Permissions Description: The malware creates a dir wi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/15 12:0 a.m.293 views

Polkit 0.105-26 0.117-2 Privilege Escalation

Exploit Title: Polkit 0.105-26 0.117-2 - Local Privilege Escalation Date: 06/11/2021 Exploit Author: J Smith CadmusofThebes Vendor Homepage: https://www.freedesktop.org/ Software Link: https://www.freedesktop.org/software/polkit/docs/latest/polkitd.8.html Version: polkit 0.105-26 Ubuntu, polkit...

0.3AI score0.22193EPSS
Exploits37
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.293 views

WordPress Database Backups 1.2.2.6 Cross Site Request Forgery

Exploit Title: WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF Date: 2/10/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/database-backups/ Version: 1.2.2.6 Tested on: Windows 10 CVE: CVE-2021-24174 1. Description: This plugin allows admins to create and...

5.8CVSS0.03218EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.293 views

Backdoor.Win32.Zombam.gen Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ff6516c881dee555b0cd253408b64404C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.gen Vulnerability: Remote Stack Buffer Overflow Description: Zombam malware...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/22 12:0 a.m.293 views

Comodo Unified Threat Management Web Console 2.7.0 Remote Code Execution

Exploit Title: Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution Date: 2018-08-15 Exploit Author: Milad Fadavvi Author's LinkedIn: https://www.linkedin.com/in/fadavvi/ Vendor Homepage: https://www.comodo.com/ Version: Releases before 2.7.0 & 1.5.0 Tested on:...

7.5CVSS0.83912EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/06/08 12:0 a.m.293 views

10-Strike Bandwidth Monitor 3.9 Buffer Overflow

Exploit Title: 10-Strike Bandwidth Monitor 3.9 - ROP VirtualAlloc - Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: June 7th, 2020 Vendor Site: https://www.10-strike.com/ Software Download: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe Tested On: Windows 10 - Pr...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2019/12/06 12:0 a.m.293 views

Integard Pro NoJs 2.2.0.9026 Remote Buffer Overflow

Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7...

7.5CVSS1.3AI score0.10746EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/09/03 12:0 a.m.293 views

Totaljs CMS 12.0 Insecure Admin Session Cookie

Author/Discoverer: Riccardo Krauter @CertimeterGroup + Title: Totaljs CMS Insecure Admin Session cookie + Affected software: Totaljs CMS 12.0 + Description: A low privilege user can easily crack the owned cookie to obtain the “random” values inside it. If this user can leak a session cookie owned...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/24 12:0 a.m.292 views

📄 AlegroCart 1.2.9 Cross Site Scripting

AlegroCart version 1.2.9 suffers from persistent and reflective cross site scripting vulnerabilities. Exploit Title: XSS via SVG Image Upload - alegrocartv1.2.9 Date: 04/2025 Exploit Author: Andrey Stoykov Version: 1.2.9 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ XSS via SVG Imag...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/02/03 12:0 a.m.292 views

ABB Cylon FLXeon 9.3.4 timeConfig.js Authenticated Root Remote Code Execution

ABB Cylon FLXeon version 9.3.4 is vulnerable to authenticated remote root code execution via the /api/timeConfig endpoint. An attacker with valid credentials can inject arbitrary system commands by manipulating parameters such as tz, timeServerYN, and multiple timeDate fields. The vulnerability...

10CVSS9.7AI score0.04328EPSS
Exploits18
Packet Storm
Packet Storm
added 2024/10/11 12:0 a.m.292 views

ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control

ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.292 views

ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution

ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/06/11 12:0 a.m.292 views

VSCode ipynb Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VSCode ipynb Remote Development RCE', 'Description' = %q VSCode when opening an Jupyter notebook .ipynb file bypasses the trust model. On version...

7.8CVSS7AI score0.67469EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/05/31 12:0 a.m.292 views

Check Point Security Gateway Information Disclosure

Exploit Title: Check Point Security Gateway - Information Disclosure Unauthenticated Exploit Author: Yesith Alvarez Vendor Homepage: https://support.checkpoint.com/results/sk/sk182336 Version: R77.20 EOL, R77.30 EOL, R80.10 EOL, R80.20 EOL, R80.20.x, R80.20SP EOL, R80.30 EOL, R80.30SP EOL, R80.40...

5CVSS6.5AI score0.99978EPSS
Exploits52
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.292 views

Advanced Page Visit Counter 1.0 Cross Site Scripting

Exploit Title: Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting XSS Authenticated Date: 11.10.2023 Exploit Author: Furkan ÖZER Software Link: https://wordpress.org/plugins/advanced-page-visit-counter/ Version: 8.0.5 Tested on: Kali-Linux,Windows10,Windows 11 CVE: N/A...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/13 12:0 a.m.292 views

Kleeja 1.5.4 Cross Site Scripting

==================================================================================================================================== | Title : Kleeja v1.5.4 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/07 12:0 a.m.292 views

JPC2 CMS 1.0 SQL Injection

====================================================================================================================================== | Title : JPC2 CMS v1.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 61.0.1 32-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/02 12:0 a.m.292 views

Tinycontrol LAN Controller 3 Remote Credential Extraction

!/usr/bin/env python Tinycontrol LAN Controller v3 LK3 Remote Credentials Extraction PoC Vendor: Tinycontrol Product web page: https://www.tinycontrol.pl Affected version: this with a calendar when - then. The device provides a user interface in the form of a web page. The website presents readin...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/25 12:0 a.m.292 views

Global Domains International 2.0 HTML Injection

==================================================================================================================================== | Title : Global Domains International v2.0 HTML inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/23 12:0 a.m.292 views

FreshRSS 1.11.1 HTML Injection

==================================================================================================================================== | Title : FreshRSS v1.11.1 Html Inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.292 views

Adiscon LogAnalyzer 4.1.13 Cross Site Scripting

Exploit Title: Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting Date: 2023.Aug.01 Exploit Author: Pedro ISSDU TW Vendor Homepage: https://loganalyzer.adiscon.com/ Software Link: https://loganalyzer.adiscon.com/download/ Version: v4.1.13 and before Tested on: Linux CVE : CVE-2023-36306 There ar...

7.1AI score0.03771EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/09 12:0 a.m.292 views

MVC Shop 0.5 Directory Traversal

==================================================================================================================================== | Title : mvc-shop v0.5 Directory Traversal Vulnerability Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/31 12:0 a.m.292 views

CoolerMaster MasterPlus 1.8.5 Unquoted Service Path

Exploit Title: CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path Date: 11/17/2022 Exploit Author: Damian Semon Jr Blue Team Alpha Version: 1.8.5 Vendor Homepage: https://masterplus.coolermaster.com/ Software Link: https://masterplus.coolermaster.com/ Tested on: Windows 10 64x Step...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2022/12/02 12:0 a.m.292 views

IBM Websphere Application Server 7.0 Cross Site Scripting

Exploit Title: IBM Websphere Application Server 7.0 - Persistent Cross-Site Scripting Authenticated Date: 2022-12-02 Author: Milad karimi Software Link: https://www.ibm.com/support/pages/6107-websphere-application-server-v61-fix-pack-7-windows Version: 7.0 Tested on: Windows 10 CVE: 2009-0855 1...

4.3CVSS6.7AI score0.05979EPSS
Exploits1
Packet Storm
Packet Storm
added 2022/09/08 12:0 a.m.292 views

Apache Spark Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Apache Spark Unauthenticated Command Injection RCE', 'Description' = %q This module exploits an unauthenticated command...

8.8CVSS0.7AI score0.92984EPSS
Exploits12
Packet Storm
Packet Storm
added 2022/06/03 12:0 a.m.292 views

NVIDIA Data Center GPU Manager Remote Memory Corruption

!/usr/bin/python3 -- coding: UTF-8 -- heart.py NVIDIA Data Center GPU Manager Remote Memory Corruption Vulnerability Jeremy Brown jbrown3264/gmail NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopba...

6.5CVSS0.5AI score0.16954EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.292 views

WordPress Elementor 3.6.2 Shell Upload

Exploit Title: WordPress Plugin Elementor 3.6.2 - Remote Code Execution RCE Authenticated Date: 04/16/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://elementor.com/ Software Link: https://wordpress.org/plugins/elementor/advanced/ scroll down to select the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/01/25 12:0 a.m.292 views

Backdoor.Win32.Hanuman.b Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/4087cffab90fa22c2882e2f97a467e8e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hanuman.b Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/10 12:0 a.m.292 views

Microsoft OMI Management Interface Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft OMI Management Interface Authentication Bypass', 'Description' = %q By removing the authentication exchange, an attacker can issue...

7.5CVSS7.4AI score0.99723EPSS
Exploits20
Packet Storm
Packet Storm
added 2021/08/06 12:0 a.m.292 views

Amica Prodigy 1.7 Privilege Escalation

Exploit Title: Amica Prodigy 1.7 - Privilege Escalation Date: 2021-08-06 Exploit Author: Andrea Intilangelo Vendor Homepage: https://gestionaleamica.com - https://www.bisanziosoftware.com Software Link: https://gestionaleamica.com/Download/AmicaProdigySetup.exe Version: 1.7 Tested on: Windows 10...

1.1AI score0.01129EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.292 views

Internet Explorer jscript9.dll Memory Corruption

Internet Explorer: Memory corruption in jscript9.dll related to scope of the arguments object There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing attacker-controlled website in Internet Explorer. The vulnerability has been...

0.4AI score0.22595EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/03/24 12:0 a.m.292 views

Ext2Fsd 0.68 Unquoted Service Path

Exploit Title: Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path Date: 2021-1-19 Exploit Author: Mohammed Alshehri Software Link: https://sourceforge.net/projects/ext2fsd/files/latest/download Version: 0.68 Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763 Service info:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.292 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/24 12:0 a.m.292 views

SLMail 5.1.0.4420 Remote Code Execution

-- coding: utf-8 -- import socket from time import sleep from os import system system"clear" print 'Shell-code-foi-informada?\r\n' print '1 sim' print '2 nao\n' quest = intinput' ' def main: system"clear" ============================ --ensira-sua-shell-code-aqui buf = "" buf +=...

7.5CVSS0.2AI score0.71483EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/02/09 12:0 a.m.292 views

Adobe Connect 10 Username Disclosure

Title: adobe connect 10 Local Route Disclosure Author: h4shur date:2021-02-07 Vendor Homepage: https://www.adobe.com Software Link: https://www.adobe.com/products/adobeconnect.html Version: 10 and earlier Tested on: Windows 10 & Google Chrome Category : Web Application Bugs Description : There ar...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.292 views

HEUR.RISKTOOL.WIN32.BITMINER.GEN Remote Memory Corruption / Null Pointer

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/b85ae73dbbfff1d3b90cb7c78356f2a3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.RISKTOOL.WIN32.BITMINER.GEN Vulnerability: Remote Memory Corruption Description: Null pointer...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/15 12:0 a.m.292 views

FreeRadius 3.0.19 Logrotate Privilege Escalation

Privilege Escalation via Logrotate in FreeRadius Overview Identifier: AIT-SA-20191112-01 Target: FreeRadius Vendor: FreeRadius Version: all versions including 3.0.19 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-10143 Accessibility: Local Severity: Low...

6.9CVSS1.1AI score0.00345EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/10/28 12:0 a.m.292 views

Infosysta Jira 1.6.13_J8 User Name Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-043 Product: In-App & Desktop Notification for Jira Manufacturer: Infosysta Affected Versions: 1.6.13J8 Tested Versions: 1.6.13J8 Vulnerability Type: Authentication/Authorization Bypass Risk Level: Medium Solution Status: Clos...

5.4AI score0.01565EPSS
Exploits2
Packet Storm
Packet Storm
added 2019/03/07 12:0 a.m.292 views

Android su Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Android 'su' Privilege Escalation", 'Description' = %q This module uses the su binary present on rooted devices to run a payload as root. A roote...

1.2AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/18 12:0 a.m.291 views

Furniture Master 2 SQL Injection

==================================================================================================================================== | Title : Furniture master v2 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/06 12:0 a.m.291 views

C-MOR Video Surveillance 5.2401 Cross Site Scripting

Advisory ID: SYSS-2024-020 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401 Tested Versions: 5.2401 Vulnerability Type: Reflected Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Manufacturer Notification: 2024-04-05 Solution Date:...

7.1AI score0.00942EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/02 12:0 a.m.291 views

IntelliNet 2.0 Remote Root

!/usr/local/bin/node const execSync = require'childprocess'; const readline = require'readline'; let TARGET = ''; let COMMAND = ''; let SESSION = ''; const ESCALATE = '/usr/aes/bin/execsuid'; console.log ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣾⡄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⢀⣼⣿⣧⣶⣶⣶⣦⣤⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.291 views

IPMI 2.0 Cipher Zero Authentication Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPMI 2.0 Cipher Zero Authentication Bypass Scanner', 'Description' = %q| This module identifies IPMI 2.0-compatible systems that are vulnerable t...

10CVSS7.1AI score0.26016EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.291 views

Notemark 0.13.0 Cross Site Scripting

Exploit Title: Stored XSS in NoteMark Date: 07/29/2024 Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...

8.7CVSS7.1AI score0.00777EPSS
Exploits4
Total number of security vulnerabilities5000