Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.273 views

Game Jackal Server 5 Unquoted Service Path

Exploit Title: Game Jackal Server v5 - Unquoted Service Path Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: https://www.allradiosoft.ru Software Link: https://www.allradiosoft.ru/en/ss/index.htm Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36166 PoC C:\Userswmic...

7.1AI score
Exploits3
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.548 views

Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities including Unauthenticated RCE product: Siemens A8000 CP-8050 MASTER MODULE 6MF2805-0AA00 Siemens A8000 CP-8031 MASTER MODULE 6MF2803-1AA00...

9.8CVSS7.1AI score0.47722EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.224 views

Rukovoditel Project Management CRM 2.4.1 Local File Inclusion

==================================================================================================================================== | Title : Rukovoditel Project Management CRM 2.4.1 LFI Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.242 views

Super Store Finder 3.6 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.214 views

Academy LMS 5.15 Cross Site Scripting

Exploit Title: Academy LMS 5.15 - Reflected XSS Exploit Author: CraCkEr Date: 09/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Allow...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.503 views

Microsoft 365 MSO 2306 Build 16.0.16529.20100 Remote Code Execution

Title: Microsoft Outlook ®Microsoft 365 MSO Version 2306 Build 16.0.16529.20100 32-bit RCE Author: nu11secur1ty Date: 07.07.2023 Vendor: https://www.microsoft.com/ Software: https://outlook.live.com/owa/ Reference: https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/...

8.8CVSS7.1AI score0.05718EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.250 views

Qatanna POS Software 1.0 Blind SQL Injection

Exploit Title: Qatanna POS Software 1.0 - Blind SQL Injection Exploit Date: May 07, 2023. CVSS 3.1: 8.8 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Application Name: Qatanna POS Software Application Version: 1.0 Link: https://www.codester.com/items/42053/qatanna-pos-software...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.602 views

Boomerang Parental Control App Cross Site Scripting / Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored XSS & Privilege Escalation product: Boomerang Parental Control App vulnerable version: =13.83 only issue 1, rest not fixed CVE number: CVE-2023-36620, CVE-2023-366...

7.1AI score0.01098EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.208 views

Inout Blockchain AltExchanger 2.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.367 views

ILIAS eLearning Platform XSS / Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple high risk vulnerabilities product: ILIAS eLearning platform vulnerable version: see section "Vulnerable version" below fixed version: see section "Solution" belo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.1115 views

SmarterTools SmarterMail Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution', 'Description' = %q This module exploits a...

10CVSS7.1AI score0.83317EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.175 views

Faculty Evaluation System 1.0 SQL Injection

Exploit Title: Faculty Evaluation System v1.0 - SQL Injection Date: 07/2023 Exploit Author: Andrey Stoykov Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.180 views

Balaji CMS 1.03 SQL Injection

==================================================================================================================================== | Title : balaji cms v1.03 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.354 views

ZAMAN CMS 1.0 Cross Site Scripting

==================================================================================================================================== | Title : ZAMAN CMS v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.159 views

C3iM CMS 2.0 Cross Site Scripting

====================================================================================================================================== | Title : C3iM CMS V2.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.232-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.138 views

XOO DIGITAL 2.1.0 Cross Site Scripting

==================================================================================================================================== | Title : XOO DIGITAL v2.1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.153 views

Basic Inventory Stock Management And Invoicing 2.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : Basic Inventory - Stock Management and Invoicing v2.0 Missing Authorization Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.175 views

Zuz CMS 1.0 Cross Site Scripting

==================================================================================================================================== | Title : Zuz CMS v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.0.132-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.170 views

Bahardowload CMS 2 Database Disclosure

==================================================================================================================================== | Title : bahardowload cms v2 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.180 views

Banner Management CMS 1.0 Database Disclosure

==================================================================================================================================== | Title : Banner Management CMS v1.0 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/10 12:0 a.m.178 views

AppleZeed CMS 2.0 Insecure Settings

==================================================================================================================================== | Title : AppleZeed CMS v2.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.260 views

AGVirtues Galeria 2.0 SQL Injection

==================================================================================================================================== | Title : AGVirtues Galeria v2.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.349 views

CakePHP Test Suite 2.7.0 Cross Site Scripting

==================================================================================================================================== | Title : CakePHP Test Suite v2.7.0 Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.346 views

Aplikasi Sistem Informasi Kelulusan CMS 1.0.9 Local File Inclusion

==================================================================================================================================== | Title : Aplikasi Sistem Informasi Kelulusan CMS v 1.0.9 ASIK LFI Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozill...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.328 views

DaillyTools Remote Command Execution

==================================================================================================================================== | Title : DaillyTools v1 command execution Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.433 views

Lost And Found Information System 1.0 SQL Injection

Exploit Title: Lost and Found Information System v1.0 - SQL Injection Date: 2023-06-30 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : webapps Dork : /php-lfis/admin/?page=systeminfo/contactinformation Tested on: Windows/Linux CVE : CVE-2023-33592 import requests URL of the...

7.1AI score0.02519EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.283 views

Piwigo 13.7.0 Cross Site Scripting

Exploit Title: Piwigo v13.7.0 - Stored Cross-Site Scripting XSS Authenticated Date: 25 June 2023 Exploit Author: Okan Kurtulus Vendor Homepage: https://piwigo.org Version: 13.7.0 Tested on: Ubuntu 22.04 CVE : N/A Proof of Concept: 1– Install the system through the website and log in with any user...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.410 views

Gila CMS 1.10.9 Remote Code Execution

Exploit Title: Gila CMS 1.10.9 - Remote Code Execution RCE Authenticated Date: 05-07-2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://gilacms.com/ Software Link: https://github.com/GilaCMS/gila/ Version: Gila 1.10.9 Tested on: Linux import requests from termcolor import...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.327 views

Apache RocketMQ 5.1.0 Arbitrary Code Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache RocketMQ update config RCE', 'Description' = %q RocketMQ versions 5.1.0 and below are vulnerable to Arbitrary Code Injection. Broker...

9.8CVSS7.1AI score0.96604EPSS
Exploits11
Packet Storm
Packet Storm
added 2023/07/07 12:0 a.m.337 views

DANGEROUS MAILER-CLONED 2.0 Information Disclosure

==================================================================================================================================== | Title : DANGEROUS MAILER-CLONED V2.0 information disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/06 12:0 a.m.260 views

Archon CMS 3.14 Cross Site Scripting

==================================================================================================================================== | Title : Archon CMS V3.14 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/05 12:0 a.m.214 views

Super Store Finder PHP Script 3.6 SQL Injection

Title : Super Store Finder PHP Script SQL Injection / Bypass admin login Researcher : Etharus Vendor : Joe Iz, https://superstorefinder.net/ Script Demo Url : https://superstorefinder.net/products/superstorefinder/ Version Affected : 3.6 and below Date : 5 July 2023 FOFA Dork : "designed and buil...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/05 12:0 a.m.239 views

Beauty Salon Management System 1.0 SQL Injection

Exploit Title: Beauty Salon Management System v1.0 - SQLi Date of found: 04/07/2023 Exploit Author: Fatih Nacar Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://www.campcodes.com Software Link: https://www.campcodes.com/projects/beauty-salon-management-system-in-php-and-mysqli/ CWE:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.186 views

Ariadna CMS 0.3 Cross Site Scripting

==================================================================================================================================== | Title : Ariadna CMS v.3 - XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | | Vendor ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.225 views

ApPHP MicroCMS 1.0.1 Host Header Injection

==================================================================================================================================== | Title : ApPHP MicroCMS v1.0.1 Host header attack Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.223 views

POS Codekop 2.0 Shell Upload

Exploit Title: POS Codekop v2.0 - Authenticated Remote Code Execution RCE Date: 25-05-2023 Exploit Author: yuyudhn Vendor Homepage: https://www.codekop.com/ Software Link: https://github.com/fauzan1892/pos-kasir-php Version: 2.0 Tested on: Linux CVE: CVE-2023-36348 Vulnerability description: The...

7.1AI score0.06366EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.147 views

Arlisistem 3.0 SQL Injection

==================================================================================================================================== | Title : Arlisistem 3.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : http://www.arlisistem.com/ | | Dor...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.186 views

D-Link DAP-1325 Insecure Direct Object Reference

Exploit Title: D-Link DAP-1325 - Broken Access Control Date: 27-06-2023 Exploit Author: ieduardogoncalves Contact : twitter.com/0x00dia Vendor : www.dlink.com Version: Hardware version: A1 Firmware version: 1.01 Tested on:All Platforms 1 Description Security vulnerability known as "Unauthenticate...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.206 views

Aathesh Soft CMS 0.3.0 Cross Site Scripting

==================================================================================================================================== | Title : Aathesh Soft CMS v0.3.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.184 views

WordPress WP AutoComplete Search 1.0.4 SQL Injection

Exploit Title: WP AutoComplete 1.0.4 - Unauthenticated SQLi Date: 30/06/2023 Exploit Author: Matin nouriyan matitanium Version: = 1.0.4 CVE: CVE-2022-4297 Vendor Homepage: https://wordpress.org/support/plugin/wp-autosearch/ Tested on: Kali linux --------------------------------------- The WP...

9.8CVSS7.1AI score0.03595EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.176 views

AppleZeed CMS 2.0 SQL Injection

==================================================================================================================================== | Title : AppleZeed CMS v2.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 71.032-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.134 views

Adveris CMS 3.0 Cross Site Scripting

==================================================================================================================================== | Title : Adveris CMS v3.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.192 views

Advanced HRM 1.6 Insecure Direct Object Reference

==================================================================================================================================== | Title : Advanced HRM v1.6 Reset admin login Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 62.0.3 32-b...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.145 views

ApnaTrademark CMS 2.5 SQL Injection

==================================================================================================================================== | Title : ApnaTrademark CMS V2.5 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.189 views

Car Rental Script 1.8 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.146 views

Active Super Shop 1.5.1 HTML Injection

==================================================================================================================================== | Title : Active super shop v1 5.1 HTML inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.161 views

Allhandsmarketing LMS 2.0 Cross Site Request Forgery

==================================================================================================================================== | Title : Allhandsmarketing LMS v2.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.174 views

ADMINA BULGARIA Ltd 1.0 Insecure Settings

==================================================================================================================================== | Title : ADMINA BULGARIA Ltd v 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.180 views

ArticleSetup Script CMS 1.02 Cross Site Request Forgery

==================================================================================================================================== | Title : ArticleSetup Script cms V1.02 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : http://articlesynergy.com/ ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.194 views

Allhandsmarketing LMS 2.0 Insecure Settings

==================================================================================================================================== | Title : Allhandsmarketing LMS v2.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Total number of security vulnerabilities50738