Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.335 views

PHPJabbers STIVA Blog Script 4.1 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.772 views

Adult Video Script 3.0 File Inclusion

==================================================================================================================================== | Title : Adult Video Script 3.0 RFI /LFI Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.331 views

Adiscon LogAnalyzer 4.1.5 Cross Site Scripting

==================================================================================================================================== | Title : Adiscon LogAnalyzer V 4.1.5 Xss Vulnerability | | Author : indoushka | | Telegram : @indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.335 views

Smart Office Web 20.28 Information Disclosure / Insecure Direct Object Reference

Exploit Title: Smart Office Web 20.28 - Remote Information Disclosure Unauthenticated Shodan Dork:: inurl:"https://www.shodan.io/search?query=smart+office" Date: 09/Dec/2022 Exploit Author: Tejas Nitin Pingulkar https://cvewalkthrough.com/ Vendor Homepage: https://smartofficepayroll.com/ Software...

7.5CVSS7.1AI score0.59407EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.355 views

Adapt Inventory Management System 1.0.0 SQL Injection

==================================================================================================================================== | Title : Adapt Inventory Management System 1.0.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.313 views

ACJWEB DESIGNER 1.0 Cross Site Scripting

======================================================================================| | Title : ACJWEB DESIGNER v 1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | | Vendor : [email protected] | | Drok :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.350 views

PHPJabbers Knowledge Base Builder 3.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.352 views

Advanced ASP Chat 2.0 Database Disclosure

==================================================================================================================================== | Title : Advanced ASP chat 2.0 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.329 views

PHPJabbers Forum Script 3.0 Persistent Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.761 views

MOVEit SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MOVEit SQL Injection vulnerability', 'Description' = %q This module exploits an SQL injection vulnerability in the MOVEit Transfer web applicatio...

9.8CVSS7.1AI score0.99934EPSS
Exploits15
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.343 views

PHPJabbers Forum Script 3.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/23 12:0 a.m.327 views

Active Newspaper 2.0 HTML Injection

==================================================================================================================================== | Title : Active Newspaper v2.0 HTML inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.294 views

HiSecOS 04.0.01 Privilege Escalation

Exploit Title: HiSecOS 04.0.01 - Privilege Escalation Google Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation Date: 21.06.2023 Exploit Author: dreizehnutters Vendor Homepage:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.271 views

ACJWEB DESIGNER 1.0 SQL Injection

======================================================================================| | Title : ACJWEB DESIGNER 1.0 - SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | | Vendor : [email protected] | | Drok :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.334 views

WordPress BackUpWordPress 3.8 Backup Disclosure

==================================================================================================================================== | Title : WordPress BackUpWordPress 3.8 Plugins Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.358 views

Active Matrimonial CMS 1.4 HTML Injection

==================================================================================================================================== | Title : Active Matrimonial CMS v 1.4 HTML inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.325 views

Zstore 6.5.4 Database Disclosure

==================================================================================================================================== | Title : Zstore version 6.5.4 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.379 views

Microsoft OneNote 2305 Build 16.0.16501.20074 Spoofing

Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Vulnerability Author: nu11secur1ty Date: 06.22.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...

6.5CVSS7.1AI score0.01649EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.330 views

Acon Architecture and Construction Website CMS 1.2 Insecure Settings

==================================================================================================================================== | Title : Acon - Architecture and Construction Website CMS v1.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.276 views

Ad Manager Pro 3.05 Backup Disclosure

==================================================================================================================================== | Title : Ad Manager Pro 3.05 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.363 views

Hospital Management System 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.258 views

PHP Mall 5.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.284 views

WordPress Super Socializer 7.13.52 Cross Site Scripting

Exploit Title: Super Socializer 7.13.52 - Reflected XSS Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=thechampsharingcount&urls%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E=https://www.google.com Date: 2023-06-20 Exploit Author: Amirhossein Bahramizadeh Category :...

7.1AI score0.05991EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.273 views

Talroo Jobs Script 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.293 views

3CX Open Standards Software IP PBX Thailand 2.0.3 Cross Site Scripting

==================================================================================================================================== | Title : 3CX Open Standards Software IP PBX Thailand v 2.0.3 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.340 views

WordPress BookIt 2.3.7 Authentication Bypass

On May 22, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in StylemixThemes’s BookIt plugin, which is actively installed on more than 10,000 WordPress websites. The vulnerability makes it possible for...

7.1AI score0.01914EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.256 views

Accent Microcomputers CMS 2.4 Directory Traversal

==================================================================================================================================== | Title : Accent Microcomputers CMS v 2.4 Directory Traversal Vulnerability | | Author : indoushka | | Telegram : @indoushka | | Tested on : windows 10 Français V.P...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.307 views

PHP Online School 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.293 views

WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting

Exploit Title: WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting XSS Dork: inurl:/admin/views/admin.php Date: 2023-06-20 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage: https://wordpress.org/plugins/wp-sticky-social Version: 1.0.1...

8.8CVSS7.1AI score0.02304EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.246 views

PHP Car Dealer 3.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.281 views

A Cart 2.0 Database Disclosure

==================================================================================================================================== | Title : A cart 2.0 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | | Vendor...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.4334 views

SPIP 4.2.1 Remote Code Execution

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: SPIP v4.2.1 - Remote Code Execution Unauthenticated Google Dork: inurl:"/spip.php?page=login" Date: 19/06/2023 Exploit Author: nuts7 https://github.com/nuts7/CVE-2023-27372 Vendor Homepage: https://www.spip.net/ Software Link:...

9.8CVSS7.1AI score0.99637EPSS
Exploits23
Packet Storm
Packet Storm
added 2023/06/21 12:0 a.m.301 views

Nokia ASIKA 7.13.52 Private Key Disclosure

// Exploit Title: Nokia ASIKA 7.13.52 - Hard-coded private key disclosure // Date: 2023-06-20 // Exploit Author: Amirhossein Bahramizadeh // Category : Hardware // Vendor Homepage: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25187/ // Version: 7.13.52...

7.1AI score0.00956EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.282 views

Student Study Center Management System 1.0 Cross Site Scripting

Exploit Title: Student Study Center Management System v1.0 - Stored Cross-Site Scripting XSS Date of found: 12/05/2023 Exploit Author: VIVEK CHOUDHARY @sudovivek Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://phpgurukul.com Software Link:...

7.1AI score0.03663EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.332 views

WordPress Theme Medic 1.0.0 Weak Password Recovery Mechanism

Exploit Title: WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php Date: 2023-06-19 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage:...

8.1CVSS7.1AI score0.13625EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.291 views

NetArt Media Blog LITE 2.1 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.278 views

Groomify 1.0 SQL Injection

Exploit Title: Groomify v1.0 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/groomify-barbershop-salon-spa-booking-and-ecommerce-platform/45808114 Demo Site: https://script.bugfinder.net/groomify Tested on: Kali Linux CVE: N/A Vulnerable URL...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.299 views

WordPress Kero jQuery/HTML Dashboard PRO 2.3.86 SQL Injection

==================================================================================================================================== | Title : WordPress - Kero jQuery/HTML Dashboard PRO Auth BY pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.283 views

Jobpilot 2.61 SQL Injection

Exploit Title: Jobpilot v2.61 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/jobpilot-job-portal-laravel-script/37897822 Demo Site: https://jobpilot.templatecookie.com Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Parameter: long GET...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.268 views

NetArt Media PHP Hotel Site 2.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.285 views

The Shop 2.5 SQL Injection

Exploit Title: The Shop v2.5 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/the-shop/34858541 Demo Site: https://shop.activeitzone.com Tested on: Kali Linux CVE: N/A Request POST /api/v1/carts/add HTTP/1.1 Content-Type: application/json...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.835 views

Tenda AC6 AC1200 15.03.06.50_multi Cross Site Scripting

Exploit Title: Stored Cross-Site scripting in the Tenda router via the deviceId parameter in the Parental Control module Google Dork: None. Date: Aug-30-2022 Exploit Author: 0x783 Vendor Homepage: https://tendacn.com/default.html Software Link: https://www.tendacn.com/product/download/AC6.html...

7.1AI score0.00479EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.333 views

Symantec SiteMinder WebAgent 12.52 Cross Site Scripting

Exploit Title: Symantec SiteMinder WebAgent v12.52 - Cross-site scripting XSS Google Dork: N/A Date: 18-06-2023 Exploit Author: Harshit Joshi Vendor Homepage: https://community.broadcom.com/home Software Link: https://www.broadcom.com/products/identity/siteminder Version: 12.52 Tested on: Linux,...

6.1CVSS7.1AI score0.03083EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.278 views

WordPress File Manager Pro 8.3.1 Backup Disclosure

==================================================================================================================================== | Title : WordPress - file manager pro 8.3.1 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.356 views

RentEquip Multipurpose Rental 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.267 views

BBoard Forum 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.391 views

Evento Multivendor Event Ticket Booking 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.331 views

WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass

On May 29, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in Tyche Softwares’s Abandoned Cart Lite for WooCommerce plugin, which is actively installed on more than 30,000 WordPress websites. This...

9.8CVSS7.1AI score0.42814EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.297 views

Polycom BToE Connector 4.4.0.0 Buffer Overflow / Man-In-The-Middle

Microsoft® Lync™ Better Together over Ethernet BToE feature on Polycom® VVX® business media. phones enables you to control phone activity from your computer using your Lync client. The BToE feature enables you to place, answer, and hold audio and video calls from your Polycom VVX phone and your...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.281 views

WordPress Envato 2.0.7 Backup Disclosure

==================================================================================================================================== | Title : WordPress - Envato Plugin 2.0.7 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...

7.1AI score
Exploits0
Total number of security vulnerabilities50738