Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2023/07/14 12:0 a.m.306 views

Bazaar Social Listing Shopping Web PHP Template 2.3.2 Cross Site Scripting

==================================================================================================================================== | Title : Bazaar Social Listing Shopping Web PHP Template v2.3.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/14 12:0 a.m.304 views

Blogator 0.93 Cross Site Scripting

==================================================================================================================================== | Title : Blogator script v 0.93 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/14 12:0 a.m.259 views

BloodBank 1.0 Cross Site Scripting

====================================================================================================================================== | Title : BloodBank v1.0 - Blood Donor Directory CMS with PayPal Integration XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/14 12:0 a.m.294 views

Bigware Shop 2.3 Cross Site Scripting

==================================================================================================================================== | Title : Bigware Shop v2.3 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.258 views

BloodBank 1.0 Insecure Direct Object Reference

====================================================================================================================================== | Title : BloodBank v1.0 - Blood Donor Directory CMS with PayPal Integration unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.303 views

BD-Schools LMS 1.0.2 Cross Site Scripting

==================================================================================================================================== | Title : BD-Schools LMS v1.0.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vend...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.318 views

Vaidya-Mitra 1.0 SQL Injection

Title: Vaidya-Mitra 1.0 Multiple - SQLi Author: nu11secur1ty Date: 07.12.2023 Vendor: https://mayurik.com/ Software: free: https://www.sourcecodester.com/php/16720/free-hospital-management-system-small-practices.html, https://mayurik.com/source-code/P5890/best-hospital-management-system-in-php...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.297 views

Blogator Script 0.93 Insecure Settings

==================================================================================================================================== | Title : Blogator script v 0.93 Reinstall default Password Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.267 views

BBAM 1.1 Insecure Direct Object Reference

==================================================================================================================================== | Title : bbam CMS v1.1 unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.329 views

BBook 5.7 Shell Upload

==================================================================================================================================== | Title : BBook - BookStore Script System with website v5.7 Unrestricted File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.301 views

Bayfront CMS 1.0 SQL Injection

==================================================================================================================================== | Title : Bayfront-CMS v1.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.286 views

ARTISTRY LIMITED LMS 0.5 SQL Injection

==================================================================================================================================== | Title : ARTISTRY LIMITED LMS v 0.5 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.287 views

BKMobile CMS 1.5.0 SQL Injection

==================================================================================================================================== | Title : BKMobile-CMS V1.5.0 Blind SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.404 views

Blackboard 2.0.2 Database Disclosure

==================================================================================================================================== | Title : blackboard v 2.0.2 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.318 views

Bloly 1.3 Add Administrator

==================================================================================================================================== | Title : Bloly v1.3 Add admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.367 views

pfSense Restore RRD Data Command Injection

class MetasploitModule 'pfSense Restore RRD Data Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabilty in the "restorerrddata" function of pfSense prior to version 2.7.0 which allows an authenticated attacker with the "WebCfg - Diagnostics:...

8.8CVSS7.1AI score0.90655EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.319 views

Bazaar Social Listing Shopping Web PHP Template 2.3.2 Privilege Escalation

==================================================================================================================================== | Title : Bazaar | Social Listing Shopping Web PHP Template v2.3.2 Privilege Escalation Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.P...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.315 views

Bigware-Shop CMS 2.1 Insecure Direct Object Reference

==================================================================================================================================== | Title : Bigware-Shop CMS v2.1 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.422 views

Spring Cloud 3.2.2 Remote Command Execution

Exploit Title: Spring Cloud 3.2.2 - Remote Command Execution RCE Date: 07/07/2023 Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://spring.io/projects/spring-cloud-function/ Description: Exploit to execute commands exploiting CVE-2022-22963 Software Link:...

9.8CVSS7.1AI score0.99939EPSS
Exploits36
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.259 views

Avidi Media 2.0 Insecure Settings

==================================================================================================================================== | Title : Avidi Media v2.0 - Ultimate Video, Music, Photo and Gif Sharing Script - nulled Insecure Settings Vulnerability | | Author : indoushka | | Tested on :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.276 views

Asanhamayesh CMS 3.4.6 Directory Traversal

================================================================================================= | Title : Asanhamayesh CMS 3.4.6 Directory traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Dork : طراح و پشتیبان...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.219 views

Banner RotatorCMS 1.0 Database Disclosure

==================================================================================================================================== | Title : Banner RotatorCMS v1.0 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.221 views

ARTISTRY LIMITED LMS 0.5 Insecure Settings

==================================================================================================================================== | Title : ARTISTRY LIMITED LMS v 0.5 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.237 views

AtTestimonials CMS 1.2 Missing Authentication

==================================================================================================================================== | Title : AtTestimonials CMS v1.2 Missing Authentication Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.344 views

Architect HTML And Site Builder 2.2.3 File Upload

==================================================================================================================================== | Title : Architect - HTML and Site Builder V 2.2.3 Remote File Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.327 views

Atom CMS 2.0 Directory Traversal

==================================================================================================================================== | Title : AtomCMS 2.0 Directory traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.301 views

XAMPP 8.2.4 Unquoted Service Path

Exploit Title: XAMPP 8.2.4 - Unquoted Path Date: 07/2023 Exploit Author: Andrey Stoykov Version: 8.2.4 Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.2.4/xampp-windows-x64-8.2.4-0-VS16-installer.exe Tested on: Windows Server 2022 Blog: http://msecureltd.blogspot.com...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.230 views

ArabInfotech L.L.C CMS 2.0 Cross Site Scripting

==================================================================================================================================== | Title : ArabInfotech L.L.C CMS v2.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.302 views

WordPress User Registration 3.0.2 Arbitrary File Upload

Description: User Registration = 3.0.2 – Authenticated Subscriber+ Arbitrary File Upload Affected Plugin: User Registration – Custom Registration Form, Login Form And User Profile For WordPress Plugin Slug: user-registration Affected Versions: = 3.0.2 CVE ID: CVE-2023-3342 CVSS Score: 9.9 Critica...

7.1AI score0.01454EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.316 views

Frappe Framework 13.4.0 Remote Code Execution

Exploit Title: Frappe Framework ERPNext 13.4.0 - Remote Code Execution Authenticated Exploit Author: Sander Ferdinand Date: 2023-06-07 Version: 13.4.0 Vendor Homepage: http://erpnext.org Software Link: https://github.com/frappe/frappe/ Tested on: Ubuntu 22.04 CVE : none Silly sandbox escape. Frap...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.293 views

Nedal CMS 1.2 SQL Injection

==================================================================================================================================== | Title : Nedal CMS 1.2 Sql injection vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.206 views

Netlify CMS 2.10.192 Cross Site Scripting

Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://decapcms.org/docs/intro/ Software Link: https://github.com/decaporg/decap-cms Version: 2.10.192 Tested on: https://cms-demo.netlify.com Description: 1. Go to new post and write...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.235 views

QuickJob 6.1 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.237 views

QuickOrder 6.3.7 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.234 views

QuickQR 6.3.7 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.223 views

QuickVCard 2.1 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.257 views

QuickAI OpenAI 3.8.1 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.230 views

CANDOO Strategic CMS 2.0 SQL Injection

==================================================================================================================================== | Title : CANDOO Strategic CMS V2.0 Auth By pass vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.641 views

Kyocera TASKalfa 4053ci 2VG_S000.002.561 Path Traversal / Denial Of Service

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Path traversal bypass & Denial of service product: Kyocera TASKalfa 4053ci printer vulnerable version: TASKalfa 4053ci Version = 2VGS000.002.561 fixed version:...

7.1AI score0.67994EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.192 views

Virtual Freer 1.57 Cross Site Scripting

==================================================================================================================================== | Title : virtual freer v1.57 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | | Vendor...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.217 views

Inout Blockchain FiatExchanger 3.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.248 views

BuildaGate5 Cross Site Scripting

Exploit Title: BuildaGate5library - Reflected Cross-Site Scripting XSS Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: None Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36163 PoC: An attacker just needs to find the vulnerable parameter mc= and inject the JS code lik...

7.1AI score0.02936EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.270 views

Articart 2.0.1 Cross Site Scripting / Open Redirection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.237 views

Atlas Business Directory Listing 2.13 Cross Site Scripting

Exploit Title: Atlas Business Directory Listing 2.13 - Reflected XSS Exploit Author: CraCkEr Date: 09/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/atlas/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.236 views

Ateme TITAN File 3.9 Job Callbacks Server-Side Request Forgery

Ateme TITAN File 3.9 Job Callbacks SSRF File Enumeration Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.9.12.4 3.9.11.0 3.9.9.2 3.9.8.0 Summary: TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD, PostProduction, Playout and...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.213 views

Inout Blockchain EasyPayments 1.0.1 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.264 views

MiniTool Partition Wizard ShadowMaker 12.7 Unquoted Service Path

Exploit Title: MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.7 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-361...

7.1AI score
Exploits5
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.266 views

Ekushey Project Manager CRM 5.0 Cross Site Scripting

Exploit Title: Ekushey Project Manager CRM 5.0 - Stored XSS Exploit Author: CraCkEr Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/ekushey/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Allow Attacker...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.272 views

AVG Anti Spyware 7.5 Unquoted Service Path

Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: https://www.avg.com Software Link: https://www.avg.com/en-ww/homepagepc Version: 7.5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36167 PoC C:\Userswmic service get...

7.1AI score
Exploits3
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.244 views

Mastery LMS 1.2 Cross Site Scripting

Exploit Title: Mastery LMS 1.2 - Reflected XSS Exploit Author: CraCkEr Date: 09/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/mastery/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Allow...

7.1AI score
Exploits0
Total number of security vulnerabilities50738