Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2026/03/26 12:0 a.m.101 views

📄 thumbler 1.1.2 Command Injection

thumbler through version 1.1.2 allows OS command injection in thumbnail in lib/thumbler.js. The package concatenates the input, output, time, and size values into a single ffmpeg command string and executes that string with childprocess.exec. An attacker who controls one of those values can injec...

9.8CVSS5.9AI score0.02308EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/03/26 12:0 a.m.180 views

📄 pdf-image 2.0.0 Command Injection

pdf-image through version 2.0.0 allows OS command injection via the pdfFilePath argument. The package builds shell command strings with util.format and executes them with childprocess.exec. If an application passes an attacker-controlled file path into PDFImage, shell metacharacters in that path...

9.8CVSS6AI score0.02493EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/03/26 12:0 a.m.145 views

📄 V8 StringToBigInt Memory Corruption Sandbox Bypass

V8 suffers from a sandbox bypass vulnerability due to memory corruption during StringToBigInt conversion. The function v8::internal::StringToBigInt is used by V8 when converting a string to a BigInt e.g. via BigInt“1337”. It first parses the string into individual digitt’s in the...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/26 12:0 a.m.234 views

📄 node-tesseract-ocr 2.2.1 Command Injection

node-tesseract-ocr through version 2.2.1 allows OS command injection in recognize in src/index.js. The package builds a shell command string and executes it with childprocess.exec. Because the input path is only wrapped in double quotes, an attacker can inject shell syntax through a crafted file...

9.8CVSS5.8AI score0.01706EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/26 12:0 a.m.134 views

📄 V8 BytecodeArray Swapping Sandbox Bypass

V8 suffers from a sandbox bypass due to arbitrary bytecode execution from BytecodeArray swapping before code deoptimization. Vulnerability Details When deoptimizing compiled code and resuming execution in the interpreter, V8 uses the function Deoptimizer::DoComputeOutputFrames to reconstruct the...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/26 12:0 a.m.130 views

📄 textract 2.5.0 Command Injection

textract through version 2.5.0 allows OS command injection through the file path supplied to multiple extractors. Several code paths pass that file path into childprocess.exec with inadequate sanitization. An attacker who can influence the file name or path can break out of the command line and r...

9.8CVSS6AI score0.02421EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/03/26 12:0 a.m.117 views

📄 OpenEMR 8.0.0.2 SQL Injection

OpenEMR versions prior to 8.0.0.3 contain a remote SQL injection vulnerability in the new search popup that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the new search popup functionality. CVE-2026-29187 - SQL Injection Vulnerabilit...

8.8CVSS5.9AI score0.00473EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/25 12:0 a.m.156 views

📄 EspoCRM 9.3.3 Remote Code Execution / Path Traversal

EspoCRM versions 9.3.3 and below proof of concept remote code execution exploit that leverages formula ACL bypass, path traversal, and poisoning. !/bin/bash =========================================================================== EspoCRM command Example: ./poc.sh http://192.168.5.16:8090 admin...

6.5AI score0.005EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/24 12:0 a.m.179 views

📄 activitypub-federation-rust 0.7.1 Server-Side Request Forgery

activitypub-federation-rust versions 0.7.1 and below suffer from a server-side request forgery vulnerability. CVE-2026-33693: SSRF via 0.0.0.0 Bypass in activitypub-federation-rust v4isinvalid CVSS 6.5 Moderate Keywords: SSRF, 0.0.0.0, IP validation bypass, activitypub-federation, Lemmy, Rust,...

6.5CVSS5.8AI score0.00359EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/03/24 12:0 a.m.427 views

📄 MCPJam Inspector 1.4.2 Remote Code Execution

MCPJam Inspector versions 1.4.2 and below proof of concept remote code execution exploit. !/usr/bin/env python3 CVE-2026-23744.py for testing only import requests import argparse import json import sys import urllib3 urllib3.disablewarningsurllib3.exceptions.InsecureRequestWarning def main: parse...

9.8CVSS6.5AI score0.38374EPSS
Exploits29
Packet Storm
Packet Storm
added 2026/03/24 12:0 a.m.129 views

📄 Payara Server Cross Site Scripting

Research details on exploitation for a cross site scripting vulnerability in Payara's administration REST interface. Versions below 4.1.2.191.54, 5.83.0, 6.34.0, and 7.2026.1 are affected. XSS to Admin account takeover CVE-2025-14340 A Cross-Site Scripting vulnerability in Payara’s Administration...

9.3CVSS5.2AI score0.01002EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/03/24 12:0 a.m.117 views

📄 esiclivre 0.2.2 SQL Injection

esiclivre versions 0.2.2 and below suffer from a remote SQL injection vulnerability. CVE-2026-30655 — SQL Injection in esiclivre password reset Summary A SQL injection vulnerability exists in the password reset endpoint of esiclivre. An unauthenticated attacker can inject SQL via the cpfcnpj POST...

6.5CVSS5.9AI score0.00514EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/03/24 12:0 a.m.153 views

📄 ddev/ddev ZipSlip Path Traversal

A ZipSlip path traversal vulnerability exists in ddev/ddev, a popular open-source local development tool for PHP, Python, and Node.js projects. Both the Untar and Unzip functions in pkg/archive/archive.go use filepath.Joindest, file.Name without any path containment validation, allowing a crafted...

5.9AI score0.00418EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.189 views

📄 Digital Watchdog DVR VMAX / DW-VP / DW-VA Credential Disclosure / Code Execution

Digital Watchdog DVR versions VMAX, DW-VP, and DW-VA suffer from unauthenticated credential disclosure and post-authentication remote code execution vulnerabilities. Exploit Title: Digital Watchdog DVR VMAX/DW-VP/DW-VA unauth credential disclosure and post-auth RCE Date: 2026-01-06 Exploit Author...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.127 views

📄 OpenEMR 8.0.0 Authenticated SQL Injection

OpenEMR version 8.0.0 authenticated remote SQL injection exploit that leverages the name parameter in ajax/graphs.php. ====================================================================================================================== | Title : OpenEMR 8.0.0 Authenticated SQL Injection via nam...

8.8CVSS5.9AI score0.00327EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.160 views

📄 Cursor IDE MCP Deeplink Remote Code Execution

This Metasploit module exploits the MCP deeplink functionality in Cursor IDE through social engineering. The cursor:// protocol handler can be abused when a user accepts an installation prompt, leading to arbitrary command execution...

8.8CVSS6.2AI score0.07598EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.107 views

📄 Webb Fontaine Trade Portal Information Disclosure

A security vulnerability was identified in the Webb Fontaine Trade Portal affecting the codification module /trade/help/codification. The issue allows unauthorized users to trigger data export functionality via the /export/excel endpoint without proper validation of session state or user...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.128 views

📄 DSpace 7.6.6-next Cross Site Scripting

The Discovery Search REST API in DSpace version 7.6.6-next suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : DSpace 7.6.6-next Discovery API...

5.2AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.137 views

📄 MailEnable 10.54 Cross Site Scripting

MailEnable versions 10.54 and below suffer from multiple cross site scripting vulnerabilities. --------------------------------------------------------------------------- MailEnable = 10.54 Multiple Reflected Cross-Site Scripting Vulnerabilities...

5.2AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.120 views

📄 AVideo Command Injection

The Metasploit exploit module targets a command injection vulnerability in AVideo. This module exploits a base64-encoded command injection flaw in AVideo Encoder's image processing endpoint, turning a simple URL parameter into remote code execution with multiple payload strategies. Versions prior...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.139 views

📄 Starlink DNS Rebinding

This python script implements a DNS rebinding attack targeting Starlink infrastructure CVE-2023-52235. ================================================================================================================================== | Title : Starlink DNS Rebinding Exploit | | Author : indoushka...

8.8CVSS5.8AI score0.00528EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.117 views

📄 Barracuda ESG TAR Filename Command Injection

This Metasploit module exploits CVE-2023-2868, a command injection vulnerability in Barracuda Email Security Gateway ESG appliances. The vulnerability exists in how the ESG processes TAR file attachments - filenames containing shell metacharacters backticks are passed directly to shell commands...

9.8CVSS7.8AI score0.86956EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.146 views

📄 Starlink DNS Rebinding

This Metasploit auxiliary module implements a DNS rebinding attack targeting Starlink infrastructure CVE-2023-52235. The module operates by running a malicious DNS server that dynamically switches responses from a public IP to internal network targets, enabling access to internal services. It als...

8.8CVSS5.8AI score0.00528EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/03/20 12:0 a.m.91 views

📄 PEGA Infinity Brute Force / Insecure Direct Object Reference

PEGA Infinity suffers from brute forcing and insecure direct object reference vulnerabilities. Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by the brute force issue. Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by the idor issue. SEC Consult Vulnerability Lab...

6.5CVSS5.8AI score0.00405EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/03/20 12:0 a.m.157 views

📄 OpenEMR Remote Code Execution

OpenEMR versions prior to 8.0.0.1 contain multiples command injection vulnerabilities in the backup functionality that can be exploited by authenticated attackers. CVE-2026-32238 - Remote Code Execution in OpenEMR Weakness CWE-78 : Improper Neutralization of Special Elements used in an OS Command...

9.1CVSS5.8AI score0.01889EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/19 12:0 a.m.100 views

📄 Arturia Software Center MacOS 2.12.0.3157 Privilege Escalation

Arturia Software Center MacOS version 2.12.0.3157 suffers from privilege escalation vulnerabilities. SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Privilege Escalation Vulnerabilities product: Arturia Softwa...

8.2CVSS5.8AI score0.00127EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/03/19 12:0 a.m.149 views

📄 AVideo getImage.php Unauthenticated Command Injection

This Metasploit module exploits an unauthenticated OS command injection vulnerability in the AVideo encoder getImage.php endpoint. This affects versions prior to 7.0. The base64Url GET parameter is base64-decoded and injected directly into an ffmpeg shell command within double quotes, without any...

9.8CVSS5.8AI score0.02132EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/03/19 12:0 a.m.161 views

📄 Casdoor 2.359.0 Cross Site Request Forgery

Casdoor version 2.359.0 suffers from a cross site request forgery vulnerability. This is an older vulnerability originally discovered in 2023 that they still have not addressed in later versions. Exploit Title: Casdoor 2.359.0 2026-03-18 - Cross-Site Request Forgery CSRF Application: Casdoor...

6.5CVSS5.2AI score0.03093EPSS
Exploits10
Packet Storm
Packet Storm
added 2026/03/18 12:0 a.m.128 views

📄 FreePBX Filestore Command Injection

This script targets a potential remote command execution vector in the FreePBX Filestore module by leveraging a valid PHP session cookie PHPSESSID to access administrative AJAX endpoints. The exploit attempts to abuse the testconnection function within the filestore module to inject and execute...

8.6CVSS6.4AI score0.84417EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/03/17 12:0 a.m.158 views

📄 WordPress WPvivid 0.9.123 Arbitrary File Write

This Metasploit module exploits an unauthenticated arbitrary file write vulnerability in the WPvivid Backup plugin used in WordPress websites. The vulnerability allows an attacker to send a specially crafted encrypted payload to the vulnerable endpoint using the parameter wpvividaction=sendtosite...

9.8CVSS7.7AI score0.32714EPSS
Exploits13
Packet Storm
Packet Storm
added 2026/03/16 12:0 a.m.141 views

📄 Libjxl Integer Overflow

This Python script generates malicious JPEG XL JXL image files designed to test a potential integer overflow vulnerability in libjxl. The tool creates specially crafted JXL images with extremely large dimensions and manipulated headers that can trigger memory miscalculations when processed by...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/16 12:0 a.m.193 views

📄 WordPress WWLC 2.0.3.1 File Upload Metasploit Scanner

This Metasploit auxiliary module scans WordPress websites for an arbitrary file upload vulnerability in the WWLC plugin version 2.0.3.1. The module attempts to upload a crafted PHP file through the vulnerable AJAX endpoint admin-ajax.php using the wwlcfileuploadhandler action. If the upload is...

5.9AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/16 12:0 a.m.157 views

📄 WordPress WWLC 2.0.3.1 File Upload Scanner

This Python tool is a multi‑threaded scanner designed to detect an arbitrary file upload vulnerability in the WWLC WordPress plugin version 2.0.3.1. The script loads a list of target websites from a file and attempts to upload a crafted PHP payload through the vulnerable admin-ajax.php endpoint...

5.9AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/13 12:0 a.m.132 views

📄 FreePBX Filestore Authenticated Command Injection

This Metasploit module exploits an authenticated command injection vulnerability in the FreePBX filestore module. The filestore module allows administrators to configure remote file storage backends SSH, FTP, etc. for backup and file management purposes. The vulnerability exists in the SSH driver...

8.6CVSS5.9AI score0.84417EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/03/13 12:0 a.m.126 views

📄 WordPress Canto 3.0.4 Remote File Inclusion

This is a Metasploit module that exploits a remote file inclusion vulnerability in WordPress Canto plugin versions 3.0.4 and below. ============================================================================================================================================= | Title : WordPress Can...

9.8CVSS5.8AI score0.0562EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/03/13 12:0 a.m.165 views

📄 Microsoft Windows Server 2025 jscript.dll Use-After-Free

The exploit targets a use-After-free vulnerability in the JScript engine component jscript.dll of Internet Explorer 11 on Windows Server 2025. ============================================================================================================================================= | Title :...

7.5CVSS5.8AI score0.21562EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/03/12 12:0 a.m.162 views

📄 Microsoft Windows Cloud Files Mini Filter Driver Local Privilege Escalation

Proof of concept exploit for a heap-based buffer overflow vulnerability in the Windows Cloud Files Mini Filter Driver cldflt.sys that allows local attackers to escalate privileges from user-level to SYSTEM-level access on affected Windows systems. The vulnerability exists in the Cloud Files Mini...

7.8CVSS6.1AI score0.15127EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/12 12:0 a.m.210 views

📄 Microsoft Windows 11 Race Condition / Privilege Escalation

This Metasploit module exploits CVE-2025-62215, a race condition combined with a double-free vulnerability in the Windows Kernel. It allows local privilege escalation from low-privileged users to SYSTEM by exploiting improper synchronization in kernel object handling...

7CVSS5.8AI score0.061EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/03/12 12:0 a.m.253 views

📄 Microsoft Windows 11 SMB Local Privilege Escalation

Proof of concept for CVE‑2025‑33073, a Microsoft Windows SMB privilege escalation vulnerability that abuses local NTLM reflection behavior within the SMB stack...

8.8CVSS5.8AI score0.64987EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/03/12 12:0 a.m.199 views

📄 Alipay Open Redirect / API Attacker Payload Insertion

A single crafted URL enables a complete attack chain against Alipay mobile application users that can allow for data exfiltration. As the vendor has stated this is normal behavior with no apparent plans to address the problem, this is being published to make users aware. Alipay Mobile App -...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/12 12:0 a.m.168 views

📄 Microsoft Windows LNK File Remote Code Execution

This PHP script is a proof of concept exploit that demonstrates how to create a Windows LNK shortcut file that executes a PowerShell command in this example, launches calc.exe...

7.8CVSS5.8AI score0.63102EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/12 12:0 a.m.253 views

📄 SPIP CMS Analysis Scanner Script

This is an exploitation tool designed for websites running the SPIP CMS versions 5.4.0 through 5.11.0. The tool performs automated detection and enumeration of SPIP installations, identifies installed plugins, attempts to determine plugin versions, and searches for forms using the saisies plugin...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.115 views

📄 BuptLab DNS Relay Server 1.0 Denial of Service

A remote denial of service vulnerability exists in BuptLab DNS Relay Server version 1.0 due to improper validation of DNS label length during query parsing. An attacker can send a specially crafted DNS request containing an invalid label length field that exceeds the actual payload size. When the...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.185 views

📄 Nginx UI 2.3.3 Backup Decryption Mass Scanner

This Python tool is a multi‑threaded scanner and exploitation utility designed to identify and validate the vulnerability CVE-2026-27944 affecting Nginx UI versions 2.3.2 and below. The script supports scanning single hosts, CIDR ranges, or target lists, and checks multiple common web service...

9.8CVSS5.8AI score0.22162EPSS
Exploits12
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.203 views

📄 Nginx UI 2.3.3 Unauthenticated Backup Disclosure / Decryption

This Python proof‑of‑concept demonstrates an unauthenticated information disclosure vulnerability in Nginx UI tracked as CVE-2026-27944. The vulnerability allows a remote attacker to access the /api/backup endpoint without authentication and retrieve a backup archive of the server configuration...

9.8CVSS5.8AI score0.22162EPSS
Exploits12
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.163 views

📄 FreeFloat FTP Server 1.0 Buffer Overflow

Proof of concept exploit for a buffer overflow vulnerability in FreeFloat FTP Server version 1.0. The exploit works by sending an overly long payload through the NOOP FTP command, which overflows the server's buffer and allows control of the EIP Extended Instruction Pointer...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.201 views

📄 WatchGuard Firebox Default SSH Credentials

This is a python script to detect whether or not WatchGuard Firebox devices allow unauthorized access via default credentials admin:readwrite on port 4118. =============================================================================================================================================...

6AI score0.00043EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.112 views

📄 BuptLab DNS Relay Server 1.0 Buffer Underflow

This is a proof of concept exploit that leverages a remote heap buffer underflow denial of service vulnerability in BuptLab DNS Relay Server version 1.0.0 that was recently discovered by Antonius...

6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.135 views

📄 Vvveb CMS 1.0.5 Command Injection

Proof of concept exploit for a remote command injection vulnerability in Vvveb CMS version 1.0.5 via configuration files. Upon further analysis, the researcher has also discovered that this affects version 1.0.7.3...

7.2CVSS5.8AI score0.2442EPSS
Exploits21
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.110 views

📄 Easy Grade Pro 4.1 Malformed .EGP File Denial of Service

This Python script generates a malformed .EGP gradebook file designed to trigger a crash in Easy Grade Pro 4.1 by corrupting data at a specific offset within the file...

5.8AI score
Exploits0
Total number of security vulnerabilities50738