Lucene search
K
PacketstormRecent

50748 matches found

Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.237 views

Provide Server 14.4 XSS / Cross Site Request Forgery / Code Execution

Provide Server v. 14.4 CVE-2023-23286 Vulnerabilities: CWE-79: Improper Neutralization of Input During Web Page Generation Unauthenticated stored XSS in server-log delivered via username field from login-form CWE-352: Cross-Site Request Forgery CSRF-token exposed in javascript, making it possible...

6.1CVSS6.4AI score0.02628EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.435 views

GNU screen 4.9.0 Privilege Escalation

Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...

6.5AI score0.0054EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.696 views

Binwalk 2.3.2 Remote Command Execution

Exploit Title: Binwalk v2.3.2 - Remote Command Execution RCE Exploit Author: Etienne Lacoche CVE-ID: CVE-2022-4510 import os import inspect import argparse print"" print"" print"------------------CVE-2022-4510----------------" print"" print"--------Binwalk Remote Command Execution--------"...

7.8CVSS7.6AI score0.21845EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.281 views

Mitel MiCollab AWV 8.1.2.4 / 9.1.3 Directory Traversal / LFI

Exploit Title: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI Date: 2022-10-14 Fix Date: 2020-05 Exploit Author: Kahvi-0 Github: https://github.com/Kahvi-0 Vendor Homepage: https://www.mitel.com/ Vendor Security Advisory:...

5.3CVSS5.6AI score0.45241EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.378 views

Apache Tomcat 10.1 Denial Of Service

Exploit Title: Apache Tomcat 10.1 - Denial Of Service Google Dork: N/A Date: 13/07/2022 Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-10.cgi Version: = 10.1 Tested on: Apache Tomcat 10.0 Docker CVE :...

7.5CVSS7.7AI score0.71653EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.287 views

POLR URL 2.3.0 Shortener Admin Takeover

Exploit Title: POLR URL 2.3.0 - Shortener Admin Takeover Date: 2021-02-01 Exploit Author: p4kl0nc4t Vendor Homepage: - Software Link: https://github.com/cydrobolt/polr Version: 2.3.0 Tested on: Linux CVE : CVE-2021-21276 import json import requests payload = 'acctusername': 'admin', 'acctpassword...

9.3CVSS9.3AI score0.07164EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.304 views

Responsive FileManager 9.9.5 Remote Shell Upload

Exploit Title: Responsive FileManager 9.9.5 - Remote Code Execution RCE Date: 02-Feb-2023 Exploit Author: Galoget Latorre @galoget Vendor Homepage: https://responsivefilemanager.com Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.9.5/responsivefilemanager.zip...

8.8CVSS8.8AI score0.08627EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.317 views

Dompdf 1.2.1 Remote Code Execution

!/usr/bin/python3 Exploit Title: Dompdf 1.2.1 - Remote Code Execution RCE Date: 16 February 2023 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://dompdf.github.io/ Software Link: https://github.com/dompdf/dompdf Version: 1.2.1 Tested on: Kali linux CVE : CVE-2022-28368 Gith...

9.8CVSS9.4AI score0.82438EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.232 views

FileZilla Client 3.63.1 DLL Hijacking

--------------------------------------------------------- Title: FileZilla Client 3.63.1 - 'TextShaping.dl' DLL Hijacking Date: 2023-02-14 Author: Bilal Qureshi Vendor: https://filezilla-project.org/ Version: 3.63.1 Tested on: Windows 10 Pro 64-bit 10.0, Build 19044...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.244 views

modoboa 2.0.4 Admin Takeover

/ Exploit Title: modoboa 2.0.4 - Admin TakeOver Description: Authentication Bypass by Primary Weakness Date: 02/10/2023 Software Link: https://github.com/modoboa/modoboa Version: modoboa/modoboa prior to 2.0.4 Tested on: Arch Linux Exploit Author: 7h3h4ckv157 CVE: CVE-2023-0777 / package main...

9.8CVSS9.4AI score0.15088EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.216 views

PhotoShow 3.0 Remote Code Execution

Exploit Title: PhotoShow 3.0 - Remote Code Execution Date: January 11, 2023 Exploit Author: LSCP Responsible Disclosure Lab Detailed Bug Description: https://lscp.llc/index.php/2021/07/19/how-white-box-hacking-works-remote-code-execution-and-stored-xss-in-photoshow-3-0/ Vendor Homepage:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.223 views

Bus Pass Management System 1.0 Cross Site Scripting

Exploit Title: Bus Pass Management System 1.0 - Stored Cross-Site Scripting XSS Date: 2021-09-17 Exploit Author: Matteo Conti - https://deltaspike.io Vendor Homepage: https://phpgurukul.com/ Software Link:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.270 views

D-Link DIR-846 Remote Command Execution

Exploit Title: D-Link DIR-846 - Remote Command Execution RCE vulnerability Google Dork: NA Date: 30/01/2023 Exploit Author: Françoa Taffarel Vendor Homepage:...

8.8CVSS8.8AI score0.10503EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.283 views

Liferay Portal 6.2.5 Insecure Permissions

Exploit Title: Liferay Portal 6.2.5 - Insecure Permissions Google Dork: -inurl:/html/js/editor/ckeditor/editor/filemanager/browser/ Date: 2021/05 Exploit Author: fu2x2000 Version: Liferay Portal 6.2.5 or later CVE : CVE-2021-33990 import requests import json print " Search this on Google Dork for...

9.4AI score0.11915EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.258 views

Uptime Kuma 1.19.6 Cross Site Scripting

Exploit Title: Stored XSS in uptime-kuma ""alert"XSS" If anyone loads the page, the javascript inside the script tag will be executed...

6.5AI score0.00681EPSS
Exploits1
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.241 views

Sales Tracker Management System 1.0 Insecure Direct Object Reference

Exploit Title: Sales Tracker Management System v1.0 - Sensitive information disclosure CVE: CVE-2023-26774 Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...

7.7AI score0.01431EPSS
Exploits1
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.246 views

Calendar Event Multi View 1.4.07 Cross Site Scripting

Exploit Title: Calendar Event Multi View 1.4.07 - Unauthenticated Arbitrary Event Creation to Cross-Site Scripting XSS Date: 2022-05-25 Exploit Author: Mostafa Farzaneh WPScan page: https://wpscan.com/vulnerability/95f92062-08ce-478a-a2bc-6d026adf657c Vendor Homepage:...

4.3CVSS5.1AI score0.02179EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.224 views

projectSend r1605 Remote Code Execution

Exploit Title: projectSend r1605 - Remote Code Exectution RCE Application: projectSend Version: r1605 Bugs: rce via file extension manipulation Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 26-01-2023 Author: Mirabbas Ağalarov...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.253 views

Monitorr 1.7.6 Cross Site Scripting

Exploit Title: Monitorr v1.7.6 - Cross Site Scripting CVE: CVE-2023-26776 Exploit Author: Achuth V P retrymp3 Date: February 09, 2023 Vendor Homepage: https://github.com/Monitorr/ Software Link: https://github.com/Monitorr/Monitorr Tested on: Ubuntu Version: v1.7.6 Exploit Description: Cross Site...

6.5AI score0.01179EPSS
Exploits1
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.257 views

Pentaho BA Server EE 9.3.0.0-428 Server-Side Template Injection / Remote Code Execution

Title: Pentaho BA Server EE 9.3.0.0-428 - RCE via Server-Side Template Injection Unauthenticated Author: dwbzn Date: 2022-04-04 Vendor: https://www.hitachivantara.com/ Software Link: https://www.hitachivantara.com/en-us/products/lumada-dataops/data-integration-analytics/download-pentaho.html...

8.4AI score0.9767EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.265 views

Kardex Mlog MCC 5.7.12 Remote Code Execution

!/usr/bin/env python3 Exploit Title: Kardex Mlog MCC 5.7.12 - RCE Remote Code Execution Date: 12/13/2022 Exploit Author: Patrick Hener Vendor Homepage: https://www.kardex.com/en/mlog-control-center Version: 5.7.12+0-a203c2a213-master Tested on: Windows Server 2016 CVE : CVE-2023-22855 Writeup:...

9.8CVSS9.4AI score0.14832EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.389 views

Sales Tracker Management System 1.0 Cross Site Scripting

Exploit Title: Sales Tracker Management System v1.0 - One click account takeover XSS Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 CVE: CVE-2023-26773 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...

6.5AI score0.00878EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.263 views

Citrix 22.2.1.103 / 23.1.1.11 Local Privilege Escalation

//Discovered by:: TOUHAMI KASBAOUI - VXREMALWARE //Discover date : 25/03/2023 //Reported to Citrix: 25/03/2023 //Tested Version: 22.2.1.103, 23.1.1.11/Last version //Exploit: https://github.com/sqrtZeroKnowledge/CitrixSecureAccessLPE0DAY define UNICODE define UNICODE include include include inclu...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.247 views

Roxy WI 6.1.0.0 Remote Code Execution

ADVISORY INFORMATION Exploit Title: Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution RCE Date of found: 21 July 2022 Application: Roxy WI = v6.1.0.0 Author: Nuri Çilengir Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Advisory:...

10CVSS9.4AI score0.90387EPSS
Exploits15
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.250 views

GLPI Glpiinventory 1.0.1 Local File Inclusion

ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...

5.3CVSS5.6AI score0.05497EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.262 views

Splashtop 8.71.12001.0 Unquoted Service Path

Exploit Title: Splashtop 8.71.12001.0 - Unquoted Service Path Date: 12/20/2022 Exploit Author: A.I. hernandez Version: 8.71.12001.0 Vendor Homepage: https://www.splashtop.com Version: current version Tested on: Windows 10 21H2 Step to discover Unquoted Service Path: C:\wmic service get...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.228 views

Art Gallery Management System Project 1.0 SQL Injection

Exploit Title: Art Gallery Management System Project v1.0 - SQL Injection sqli Unauthenticated Date: 20/01/2023 Exploit Author: Rahul Patwari Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/projects/Art-Gallery-MS-PHP.zip Version: 1.0 Tested on: XAMPP / Windows 10 C...

9.8CVSS9.4AI score0.04379EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.337 views

ManageEngine Access Manager Plus 4.3.0 Path Traversal

Exploit Title: ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Author: nu11secur1ty Date: 11.22.2023 Vendor: https://www.manageengine.com/ Software: https://www.manageengine.com/privileged-session-management/download.html Reference:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.242 views

HotKey Clipboard 2.1.0.6 Unquoted Service Path

Exploit Title: HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path Date: 2023/01/17 Exploit Author : Wim Jaap van Vliet Vendor Homepage: www.clevo.com.tw Software Link: https://enstrong.blob.core.windows.net/en-driver/PDXXPNX1/Others/CC301006.zip Version: 2.1.0.6 Tested on:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.907 views

sudo 1.9.12p1 Privilege Escalation

!/usr/bin/env bash Exploit Title: sudo 1.8.0 to 1.9.12p1 - Privilege Escalation Exploit Author: n3m1.sys CVE: CVE-2023-22809 Date: 2023/01/21 Vendor Homepage: https://www.sudo.ws/ Software Link: https://www.sudo.ws/dist/sudo-1.9.12p1.tar.gz Version: 1.8.0 to 1.9.12p1 Tested on: Ubuntu Server 22.0...

7.8CVSS7.9AI score0.55367EPSS
Exploits20
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.257 views

NetIQ / Microfocus Performance Endpoint 5.1 Remote Root / SYSTEM

/ Exploit Title: NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit Date: Jun 2007 Exploit Author: mu-b Vendor Homepage: https://www.microfocus.com/en-us/cyberres/identity-access-management Version: All Tested on: Windows / Solaris x86/SPARC CVE : 0day endpoint-pown-uni.c...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.357 views

MyBB 1.8.32 Remote Code Execution

Exploit Title: MyBB 1.8.32 - Chained LFI Remote Code Execution RCE Authenticated Date: 2023-01-19 Exploit Author: lUc1f3r11 https://github.com/FDlucifer Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1832 Version: MyBB 1.8.32 Tested on: Linux CVE :...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.232 views

perfSONAR 4.4.5 Cross Site Request Forgery

Exploit Title: perfSONAR v4.4.5 - Partial Blind CSRF Link: https://github.com/perfsonar/ Affected Versions: v4.x = v4.4.5 Vulnerability Type: Partial Blind CSRF Discovered by: Ryan Moore CVE: CVE-2022-41413 Summary A partial blind CSRF vulnerability exists in perfSONAR v4.x = v4.4.5 within the...

4.3CVSS5.1AI score0.01991EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.312 views

WordPress Paid Memberships Pro 2.9.8 SQL Injection

!/usr/bin/env python Exploit Title: Paid Memberships Pro v2.9.8 WordPress Plugin - Unauthenticated SQL Injection Exploit Author: r3nt0n CVE: CVE-2023-23488 Date: 2023/01/24 Vulnerability discovered by Joshua Martinelle Vendor Homepage: https://www.paidmembershipspro.com Software Link:...

9.8CVSS9.4AI score0.9246EPSS
Exploits6
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.351 views

ChatGPT Cross Site Scripting

Exploit Title: ChatGPT OpenAI - Cross-Site Scripting XSS Vulnerability. Date: 25/03/2023 Vendor Homepage: https://openai.com/ Exploit Author: Miguel Segovia Software Link: https://chat.openai.com/chat CVE : Requested N/A Description: A reflected Cross-Site Scripting XSS vulnerability has been...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.228 views

AimOne Video Converter 2.04 Build 103 Buffer Overflow / Denial Of Service

Title: AimOne Video Converter V2.04 Build 103 - Buffer Overflow DoS Author: nu11secur1ty Date: 01.05.2023 Vendor: https://aimone-video-converter.software.informer.com/, http://www.aimonesoft.com/ Software: https://aimone-video-converter.software.informer.com/download/?ca85d0 Reference: Descriptio...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.219 views

ELSI Smart Floor 3.3.3 Cross Site Scripting

Exploit Title: ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting XSS Date: 12/09/2022 Exploit Author: Rob, CTRL Group Vendor Homepage: marigroup.com Version: V3.3.3 and under Tested on: Windows IIS all versions CVE : CVE-2022-35543 “Stored Cross-Site Scripting” Vulnerability within the Elsi...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.341 views

TP-Link TL-WR902AC Remote Code Execution

!/usr/bin/python3 Exploit Title: TP-Link TL-WR902AC firmware 210730 V3 - Remote Code Execution RCE Authenticated Exploit Author: Tobias Müller Date: 2022-12-01 Version: TL-WR902ACEUV30.9.1 Build 220329 Vendor Homepage: https://www.tp-link.com/ Tested On: TP-Link TL-WR902AC Vulnerability...

8.8CVSS8.8AI score0.33482EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.1089 views

XCMS 1.83 Remote Command Execution

Exploit Title: XCMS v1.83 - Remote Command Execution RCE Author: Onurcan Email: [email protected] Site: ihteam.net Script Download : http://www.xcms.it Date: 26/12/2022 The xcms's footerthat is in "/dati/generali/footer.dtb" is included in each page of the xcms. Taking "home.php" for example...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.298 views

Roxy WI 6.1.1.0 Remote Code Execution

ADVISORY INFORMATION Exploit Title: Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution RCE via sslcert Upload Date of found: 21 July 2022 Application: Roxy WI .oastify.com;...

10CVSS9.4AI score0.90387EPSS
Exploits15
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.413 views

WordPress File Manager 6.9 Shell Upload

!/usr/bin/env Exploit Title: WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE Date: 22-01-2023 Exploit Author: BLY Vendor Homepage: https://wpscan.com/vulnerability/10389 Version: File Manager plugin 6.0-6.9 Tested on: Debian CVE : CVE-2020-25213 import...

10CVSS9.4AI score0.97328EPSS
Exploits14
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.229 views

Microsoft Exchange Active Directory Topology 15.02.1118.007 Unquoted Service Path

Exploit Title: Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2023-01-18 Vendor : Microsoft Version : 15.02.1118.007 Tested on OS: Microsoft Exchange Server 2019 CU12 PoC :...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.200 views

Online Pizza Ordering 1.0 Shell Upload

Title: Online-Pizza-Ordering-1.0 File-Inclusion-RCE Author: nu11secur1ty Date: 03.30.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Reference: https://portswigger.net/web-security/file-upload...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.210 views

WordPress Accessibility Help Button 1.1 Cross Site Scripting

Exploit Title: WordPress Plugin Accessibility Help Button – Stored Cross Site Scripting. Date: 2-04-2023 Exploit Author: Taliya Bilal- NightHawk Vendor Homepage: https://wordpress.com/plugins/accessibility-help-button Version: 1.1 Tested on: Firefox Contact me: [email protected] Steps to...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.323 views

Reprise Software RLM 14.2BL4 Cross Site Scripting

Exploit Title: Reprise Software RLM v14.2BL4 - Cross-Site Scripting XSS Exploit Author: Mohammed A.Siledar Author Company : reprisesoftware Version: rlm.v14.2BL4 Vendor home page : https://reprisesoftware.com Software Link:...

6.1CVSS6.4AI score0.02527EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.222 views

GLPI Manageentities Local File Inclusion

ADVISORY INFORMATION Exploit Title: GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin Date of found: 11 Jun 2022 Application: GLPI Manageentities 4.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...

7.6AI score0.06715EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.209 views

Chromacam 4.0.3.0 Unquoted Service Path

Exploit Title: Chromacam 4.0.3.0 - PsyFrameGrabberService Unquoted Service Path Exploit Author: Laguin Benjamin MONK-MODE Discovery Date: 2023-19-01 Vendor Homepage: https://personifyinc.com/ Software Link: https://personifyinc.com/download/chromacam Tested Version: Chromacam-4.0.3.0 Vulnerabilit...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.280 views

WordPress Metform Elementor Contact Form Builder 3.1.2 Cross Site Scripting

Exploit Title: Metform Elementor Contact Form Builder v3.1.2 - Unauthenticated Stored Cross-Site Scripting XSS Google Dork: inurl:metform-form intext:textarea|message Date: 14/01/2023 Exploit Author: Mohammed Chemouri https://de.linkedin.com/in/chemouri Vendor Homepage:...

7.2CVSS6.4AI score0.28565EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.289 views

Roxy WI 6.1.0.0 Improper Authentication Control

Exploit Title: Roxy WI v6.1.0.0 - Improper Authentication Control Date of found: 21 July 2022 Application: Roxy WI = v6.1.0.0 Author: Nuri Çilengir Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Advisory:...

10CVSS9.4AI score0.90387EPSS
Exploits15
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.217 views

Art Gallery Management System Project 1.0 Cross Site Scripting

Exploit Title: Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting XSS Date: 20/01/2023 Exploit Author: Rahul Patwari Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/projects/Art-Gallery-MS-PHP.zip Version: 1.0 Tested on: XAMPP / Windows 10 C...

6.1CVSS6.4AI score0.0591EPSS
Exploits4
Total number of security vulnerabilities50748