Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.274 views

Coursela Personal Course Selling Website 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.252 views

WG Ticket 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.260 views

SystemK NVR 504/508/516 Command Injection

Exploit Title: SystemK NVR 504/508/516 Command Injection Exploit Author: Keniver Wang Publish Date: 19/06/2023 Date of found: 20/01/2021 Vendor: SystemK Vendor Homepage: https://nvr.bz/ Version: NVR 504/508/516 2.3.5SK.30084998 Greets: Weber Tsai CHT Security Description A Command Injection...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.258 views

Diafan CMS 6.0 Cross Site Scripting

Exploit Title: Diafan CMS 6.0 - Reflected Cross-Site Scripting XSS Exploit Author: tmrswrr / Hulya Karabag Vendor Homepage: https://www.diafancms.com/ Version: 6.0 Tested on: https://demo.diafancms.com Description: 1 https://demo.diafancms.com/ Go to main page and write your payload in Search in...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.347 views

elearning-SES 1.0 Sql Injection

Title: elearning-SES by: oretnom23 v1.0 Multiple-SQLi Author: nu11secur1ty Date: 06.14.2023 Vendor: https://github.com/oretnom23 Software: https://github.com/oretnom23/php-elearning-system Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.297 views

Multirent Multivendor Equipment Rental 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.247 views

WordPress Google Maps 9.0.17 Backup Disclosure

==================================================================================================================================== | Title : WordPress - Google maps 9.0.17 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.331 views

WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass

On May 29, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in Tyche Softwares’s Abandoned Cart Lite for WooCommerce plugin, which is actively installed on more than 30,000 WordPress websites. This...

9.8CVSS7.1AI score0.41077EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/19 12:0 a.m.298 views

Polycom BToE Connector 4.4.0.0 Buffer Overflow / Man-In-The-Middle

Microsoft® Lync™ Better Together over Ethernet BToE feature on Polycom® VVX® business media. phones enables you to control phone activity from your computer using your Lync client. The BToE feature enables you to place, answer, and hold audio and video calls from your Polycom VVX phone and your...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.277 views

WordPress Unyson 2.7.28 Backup Disclosure

==================================================================================================================================== | Title : WordPress - Unyson 2.7.28 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.400 views

Textpattern CMS 4.8.8 Command Injection

Exploit Title: Textpattern CMS v4.8.8 - Command Injection Authenticated Date: 2023-06-15 Exploit Author: tmrswrr Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/filedownload/118/textpattern-4.8.8.zip Version: v4.8.8 Tested : https://release-demo.textpattern.co/ --...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.302 views

Quickad Classified Ads CMS 10.4 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.306 views

QuickJob Portal 6.1 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.288 views

QuickHomes Real Estate CMS 1.3 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.332 views

Online Art Gallery Project 1.0 Arbitrary File Upload

Exploit Title: Online Art gallery project 1.0 - Arbitrary File Upload Unauthenticated Google Dork: n/a Date: 14/06/2023 Exploit Author: Ramil Mustafayev Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://github.com/projectworlds32/Art-Gallary-php/archive/master.zip...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.310 views

Quicklancer Freelance Marketplace 2.4 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.423 views

Instagram App 287.0.0.22.85 Denial Of Service

Exploit Title: Instagram App 287.0.0.22.85 - Denial of Service PoC Date: 2023-06-13 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.instagram.com Software Link: https://play.google.com/store/apps/details?id=com.instagram.android Version: 287.0.0.22.85 Tested on: Android 12 About Ap...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/16 12:0 a.m.453 views

WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass

Entering the URL in browser will give you access to the respective users account. If the wordpress admin user himself...

9.8CVSS7.1AI score0.41077EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.314 views

projectSend r1605 Cross Site Scripting

Exploit Title: projectSend r1605 - Stored XSS Application: projectSend Version: r1605 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & P...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.304 views

QUICKAD CMS 7.3 Cross Site Request Forgery

==================================================================================================================================== | Title : QUICKAD CMS 7.3 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.281 views

phpFK 8.0 Cross Site Scripting

==================================================================================================================================== | Title : phpFK v8.0 version XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.321 views

projectSend r1605 CSV Injection

Exploit Title: projectSend r1605 - CSV injection Version: r1605 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Windows 2. Technical Details & POC...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.271 views

Purle Devloper Panel 1.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : Purle Devloper Panel ver 1.0 Unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.248 views

Rest-Cafe And Restaurant Website CMS 2.0.0 Insecure Settings

==================================================================================================================================== | Title : Rest-Cafe and Restaurant Website CMS 2.0.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.456 views

PyLoad 0.5.0 Remote Code Execution

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

9.8CVSS7.1AI score0.96988EPSS
Exploits13
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.261 views

Ptclab 3.5 Insecure Settings

==================================================================================================================================== | Title : Ptclab V3.5 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.064-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/14 12:0 a.m.346 views

Sales Tracker Management System 1.0 HTML Injection

Exploit Title: Sales Tracker Management System v1.0 – Multiple Vulnerabilities Google Dork: NA Date: 09-06-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3184 ============================== CREDENTIAL TO USE...

7.1AI score0.02264EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/14 12:0 a.m.731 views

Symmetricom SyncServer Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Symmetricom SyncServer Unauthenticated Remote Command Execution', 'Description' = %q This module exploits an unauthenticated command injection...

9.8CVSS7.1AI score0.92472EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/06/14 12:0 a.m.316 views

Teachers Record Management System 1.0 Validation Bypass

Exploit Title: Teachers Record Management System 1.0 – File Upload Type Validation Date: 17-01-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3187 =============================== STEPSTOREPRODUCE...

7.1AI score0.02556EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/14 12:0 a.m.298 views

Online Examination System Project 1.0 Cross Site Request Forgery

Exploit Title: Online Examination System Project 1.0 - Cross-site request forgery CSRF Google Dork: n/a Date: 09/06/2023 Exploit Author: Ramil Mustafayev kryptohaker Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.330 views

Online Thesis Archiving System 1.0 SQL Injection

Title: OTAS - PHP by: oretnom23 v1.0 Multiple-SQLi Author: nu11secur1ty Date: 06.12.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html Reference:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.275 views

Xoops CMS 2.5.10 Cross Site Scripting

Exploit Title: Xoops CMS Version 2.5.10 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-12 Exploit Author: tmrswrr Vendor Homepage: https://xoops.org/ Software https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10 Version: 2.5.10 Tested : https://www.softaculous.com/apps/cms/Xoo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.250 views

Piyanas 0.1 Cross Site Request Forgery

==================================================================================================================================== | Title : Piyanas v0.1 User Login Page CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.276 views

ProLogin 1.9 Insecure Direct Object Reference

==================================================================================================================================== | Title : ProLogin V1.9 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.480 views

TerraMaster TOS 4.2.29 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' require 'time' class MetasploitModule 'TerraMaster TOS 4.2.29 or lower - Unauthenticated RCE chaining CVE-2022-24990 and CVE-2022-24989',...

9.8CVSS7.1AI score0.8405EPSS
Exploits10
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.316 views

phpAnalyzer 2.0.4 Insecure Settings

==================================================================================================================================== | Title : phpAnalyzer v2.0.4 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.232-b...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.279 views

EasyAnswer 1.0.1 Cross Site Request Forgery

==================================================================================================================================== | Title : EasyAnswer version 1.0.1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 114.0.164-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.295 views

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.5 Hardware revision: 1.1 SoapLive 2.4.0 SoapSystem 1.3.1 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.259 views

Ormesson-Immobilier CMS 8 SQL Injection

==================================================================================================================================== | Title : Ormesson-immobilier cms v8 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.241 views

OmniCart 3.4.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.250 views

Pannres-Idence CMS 7.3 Cross Site Request Forgery

==================================================================================================================================== | Title : Pannres-idence CMS 7.3 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.276 views

Expert X Jobs Portal And Resume Builder 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.621 views

KesionCMS X 9.5 Add Administrator

==================================================================================================================================== | Title : KesionCMS X9.5 Reinstall Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 105.0.32-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.446 views

TerraMaster TOS 4.2.15 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' require 'time' class MetasploitModule 'TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.', 'Description...

10CVSS7.1AI score0.15914EPSS
Exploits6
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.314 views

Anevia Flamingo XL/XS 3.6.x Default / Hardcoded Credentials

Anevia Flamingo XL/XS 3.6.x Default/Hard-coded Credentials Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.20, 3.2.9 Hardware revision 1.1, 1.0 SoapLive 2.4.1, 2.0.3 SoapSystem 1.3.1 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.270 views

Anevia Flamingo XL 3.6.20 Authenticated Root Remote Code Execution

Anevia Flamingo XL 3.6.20 Authenticated Root Remote Code Execution Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.20, 3.2.9 Hardware revision 1.1, 1.0 SoapLive 2.4.1, 2.0.3 SoapSystem 1.3.1 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.252 views

PES Pro CMS 1.9.7 Add Administrator

==================================================================================================================================== | Title : PES Pro CMS - v1.9.7 Reinstall add admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.246 views

BB Machine Forum 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.237 views

LearnDesk 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.383 views

TerraMaster TOS 4.2.06 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TerraMaster TOS 4.2.06 or lower - Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unauthenticated remote...

10CVSS7.1AI score0.96598EPSS
Exploits4
Total number of security vulnerabilities50738