Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2023/03/28 12:0 a.m.256 views

X-Skipper-Proxy 0.13.237 Server-Side Request Forgery

Exploit Title: X-Skipper-Proxy v0.13.237 - Server Side Request Forgery SSRF Date: 24/10/2022 Exploit Author: Hosein Vita & Milad Fadavvi Vendor Homepage: https://github.com/zalando/skipper Software Link: https://github.com/zalando/skipper Version: v0.13.237 Tested on: Linux CVE: CVE-2022-38580...

9.8CVSS9.4AI score0.11004EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/03/28 12:0 a.m.211 views

YouPHPTube 7.8 Local File Inclusion / Directory Traversal

Exploit Title: YouPHPTube getLanguage; if !empty$GET'lang' $GET'lang' = striptags$GET'lang'; $SESSION'language' = $GET'lang'; @includeonce "$global'systemRootPath'locale/$SESSION'language'.php"; The parameter "lang" can...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/28 12:0 a.m.239 views

SugarSync 4.1.3 Unquoted Service Path

Exploit Title: SugarSync 4.1.3 - 'SugarSync Service' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Date: 2022-10-20 Vendor Homepage: https://www1.sugarsync.com Software Link: https://www1.sugarsync.com/apps/windows/ Version : 4.1.3 Tested on: Windows 11 64bit CVE : N/A About...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.188 views

Aero CMS 0.0.1 Remote Shell Upload

Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.219 views

MODX Revolution 2.8.3-pl Remote Code Execution

Exploit Title: MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 26th Feb'2022 CVE ID: CVE-2022-26149 Confirmed on release 2.8.3-pl Reference: https://github.com/sartlabs/0days/blob/main/Modx/Exploit.txt Vendor...

7.2CVSS7AI score0.09314EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.209 views

Composr-CMS 10.0.39 Remote Code Execution

Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...

8.8CVSS8.8AI score0.09183EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.153 views

Explorer32++ 1.3.5.531 Buffer Overflow

Exploit Title: Explorer32++ 1.3.5.531 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://www.explorerplusplus.com/ Software Link : http://www.explorerplusplus.com/ Tested Version: 1.3.5.531 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.171 views

Webgrind 1.1 Cross Site Scripting / Remote Code Execution

Exploit Title: Webgrind 1.1 - Reflected Cross-Site Scripting XSS & Remote Command Execution RCE Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://github.com/jokkedk/webgrind/ Software Link : http://github.com/jokkedk/webgrind/ Tested Version: 1.1 Tested on: Windows 1...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.242 views

Suprema BioStar 2 2.8.16 SQL Injection

Exploit Title: CVE-2023-27167 - Suprema BioStar 2 v2.8.16 - SQL Injection Date: 26/03/2023 Exploit Author: Yuriy Vander Tsarenko https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/ Vendor Homepage: https://www.supremainc.com/ Software Link:...

6.5AI score0.07496EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.294 views

WebTareas 2.4 SQL Injection

Exploit Title: WebTareas 2.4 - SQL Injection Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on:...

9.8CVSS9.4AI score0.05452EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.134 views

Rental House Management System 1.0 Cross Site Scripting

Exploit Title: Rental House Management System - Reflected Cross-Site Scripting XSS Date: 25/03/2023 Exploit Author: İsmail Can Durna Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/admin/rentalhousemanagementsystem.zip...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.176 views

Aero CMS 0.0.1 SQL Injection

Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.181 views

WebTareas 2.4 Cross Site Scripting

Exploit Title: WebTareas 2.4 - Reflected XSS Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Tested on:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.186 views

WebTareas 2.4 Remote Shell Upload

Exploit Title: WebTareas 2.4 - RCE Authorized Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on: Windows 10...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.283 views

WordPress NEX-Forms SQL Injection

Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...

8.8CVSS8.8AI score0.10375EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.188 views

Google Chrome 109.0.5414.74 Unsafe Library Load

Vulnerability: Google Chrome code execution via missing lib file Ubuntu Product: Google Chrome Discovered by: Rafay Baloch and Muhammad Samak Version: 109.0.5414.74 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Tested-on : Ubuntu 22.04.1 Description Google chrome...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.121 views

FlatCore CMS 2.1.1 Cross Site Scripting

Exploit Title: FlatCore CMS 2.1.1 -Stored Cross Site Scripting Date: 2020-09-24 Exploit Author: Sinem Şahin Vendor Homepage: https://flatcore.org/ Version: 2.1.1 Tested on: Windows & XAMPP == Tutorial http://HOST/install/index.php 2- Write XSS Payload into the username of the user account. 3- Pre...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.147 views

D-Link DNR-322L 2.60B15 Remote Code Execution

Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.199 views

SimpleMachinesForum 2.1.1 Remote Code Execution

Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerabl...

7.2CVSS7AI score0.09186EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.245 views

WiFi Mouse 1.8.3.2 Remote Code Execution

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.151 views

Tftpd32_SE 4.60 Unquoted Service Path

Exploit Title: Tftpd32SE 4.60 - 'Tftpd32svc' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 10-13-2022 Vendor Homepage: https://pjo2.github.io/tftpd64/ Software Links : https://bitbucket.org/phjounin/tftpd64/downloads/Tftpd32SE-4.60-setup.exe Tested Version: 4.60 Vulnerability...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.232 views

WordPress Translatepress Multilingual SQL Injection

Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...

8.8CVSS8.8AI score0.03851EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.199 views

Mediconta 3.7.27 Unquoted Service Path

Exploit Title: Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path Exploit Author: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.infonetsoftware.com Software Link : https://www.infonetsoftware.com/soft/instalarMedicontx.exe Tested Version: 3.7.27 Vulnerability...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.149 views

Frhed 1.6.0 Buffer Overflow

Exploit Title: Frhed Free hex editor v1.6.0 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://frhed.sourceforge.net/ Software Link : http://frhed.sourceforge.net/ Tested Version: 1.6.0 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.239 views

Fortinet 7.2.1 Authentication Bypass

Exploit Title: Fortinet Authentication Bypass v7.2.1 - FortiOS, FortiProxy, FortiSwitchManager Date: 13/10/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.fortinet.com/ Version: FortiOS from 7.2.0 to 7.2.1 FortiOS from 7.0.0 to 7.0.6 FortiProxy 7.2.0 FortiProxy from...

9.8CVSS9.4AI score0.99984EPSS
Exploits25
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.158 views

Atom CMS 2.0 SQL Injection

Exploit Title: Atom CMS v2.0 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Windows 10...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.179 views

ImpressCMS 1.4.3 SQL Injection

Exploit Title: Authenticated Sql Injection in ImpressCMS v1.4.3 Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26986 Confirmed on release 1.4.3, this vulnerability is patched in the version 1.4.4 and above... Vendor:...

8.5CVSS7AI score0.04146EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.229 views

Grafana 6.2.4 HTML Injection

Exploit Title: Grafana Hello Best Regards, SimranJeet...

5.4CVSS5.7AI score0.51915EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.268 views

Zoneminder Log Injection / XSS / Cross Site Request Forgery

Exploit Title: Zoneminder v1.36.26 - Log Injection - CSRF Bypass - Stored Cross-Site Scripting XSS Date: 10/01/2022 Exploit Author: Trenches of IT Vendor Homepage: https://github.com/ZoneMinder/zoneminder Version: v1.36.26 Tested on: Linux/Windows CVE: CVE-2022-39285, CVE-2022-39290, CVE-2022-392...

8CVSS5.7AI score0.05444EPSS
Exploits6
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.164 views

Clansphere CMS 2011.4 Cross Site Scripting

Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Date: 2022-10-08 Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into th...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.181 views

Lavalite 9.0.0 Path Traversal

Exploit Title: Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Exploit Author: nu11secur1ty Date: 09.29.2022 Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.157 views

Gestionale Open 12.00.00 Unquoted Service Path

Exploit Title: Gestionale Open 12.00.00 - 'DBGO80' Unquoted Service Path Exploit by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.gestionaleopen.org/ Software Link : https://www.gestionaleopen.org/download/ Tested Version: 12.00.00 Vulnerability Type: Unquoted Service Pat...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.231 views

Desktop Central 9.1.0 CRLF Injection / Server-Side Request Forgery

Exploit Title: Desktop Central 9.1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2021-02-14 Software Link : http://www.desktopcentral.com Tested Version: 9.1.0 Build No: 91084 Tested on: Windows 10 Vulnerability Type: CRLF injection CRLF - 1 CVSS v3: 6.1 CVSS vector:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.203 views

Raspberry Pi Camera Server 1.0 Authentication Bypass

Exploit Title: "camp" Raspberry Pi camera server 1.0 - Authentication Bypass Date: 2022-07-25 Exploit Author: Elias Hohl Vendor Homepage: https://github.com/patrickfuller Software Link: https://github.com/patrickfuller/camp Version: bf6af5c2e5cf713e4050c11c52dd4c55e89880b1 Tested on: Ubuntu 20.04...

9.8CVSS9.4AI score0.49201EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.195 views

Resource Hacker 3.6.0.92 Buffer Overflow

Exploit Title: Resource Hacker 3.6.0.92 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.angusj.com/resourcehacker/ Software Link : http://www.angusj.com/resourcehacker/ Tested Version: 3.6.0.92 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.158 views

Sysax Multi Server 6.95 Denial Of Service

Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Tested Version: 6.95 Vulnerability Type: Denial of Service DoS...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.147 views

Hex Workshop 6.7 Buffer Overflow / Denial Of Service

Exploit Title: Hex Workshop v6.7 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.bpsoft.com, http://www.hexworkshop.com Software Link : http://www.bpsoft.com, http://www.hexworkshop.com Tested Version: v6.7 Tested on: Windows 10 CVSS v3: 7...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.189 views

Abantecart 1.3.2 Remote Code Execution

Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...

7.2CVSS7AI score0.09615EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.228 views

Scdbg 1.0 Denial Of Service

Exploit Title: Scdbg 1.0 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2021-06-13 Vendor Homepage: http://sandsprite.com/blogs/index.php?uid=7&pid=152 Software Link : https://github.com/dzzie/VSLIBEMU Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45 Tested on: Windows ...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.209 views

WPN-XM Serverstack For Windows 0.8.6 XSS / LFI / Traversal

Exploit Title: WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://wpn-xm.org/ Software Link : https://github.com/WPN-XM/WPN-XM/ Tested Version: 0.8.6 Tested on: Windows 10 using XAMPP Vulnerability Type:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.320 views

eXtplorer 2.1.14 Authentication Bypass / Remote Code Execution

Exploit Title: eXtplorer= 2.1.14 - Authentication Bypass & Remote Code Execution RCE Exploit Author: ErPaciocco Author Website: https://erpaciocco.github.io Vendor Homepage: https://extplorer.net/ Vendor: ============== extplorer.net Product: ================== eXtplorer = v2.1.14 eXtplorer is a...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.302 views

NVFLARE Unsafe Deserialization

Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...

9.8CVSS6.3AI score0.08529EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.289 views

D-Link DIR 819 A1 Denial Of Service

Exploit Title: DLink DIR 819 A1 - Denial of Service Date: 30th September, 2022 Exploit Author: @whokilleddb https://twitter.com/whokilleddb Vendor Homepage: https://www.dlink.com/en/products/dir-819-wireless-ac750-dual-band-router Version: DIR-819 Firmware Version : 1.06 Hardware Version : A1...

7.6AI score0.07974EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.239 views

RSA NetWitness Endpoint EDR Agent 12.x Incorrect Access Control / Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/RSANETWITNESSEDRAGENTINCORRECTACCESSCONTROLCVE-2022-47529.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor RSA Security www.netwitness.com Product NetWitness Endpoint...

6.7AI score0.0157EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.259 views

MAN-EAM-0003 3.2.4 XML Injection

Exploit Title: MAN-EAM-0003 V3.2.4 - XXE Date: 2022-09-19 Exploit Author: Ahmed Alroky Author: http://guralp.com/ Version: 3.2.4 Authentication Required: NO CVE : CVE-2022-38840 Google dork: " webconfig menu.cgi " Tested on: Windows Exploit 1 - browse to http:// name/cgi-bin/xmlstatus.cgi 2 - cli...

7.6AI score0.09803EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.281 views

Bitbucket 7.0.0 Remote Command Execution

Exploit Title: Bitbucket v7.0.0 - RCE Date: 09-23-2022 Exploit Author: khal4n1 Vendor Homepage: https://github.com/khal4n1 Tested on: Kali and ubuntu LTS 22.04 CVE : cve-2022-36804 The following exploit is used to exploit a vulnerability present Atlassian Bitbucket Server and Data Center 7.0.0...

8.8CVSS8.7AI score0.99174EPSS
Exploits24
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.251 views

Online Graduate Tracer System 1.0 SQL Injection

Exploit Title: Online Graduate Tracer System - Multiple SQLi Date: 24/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html Software Download:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.261 views

Linksys AX3200 1.1.00 Command Injection

Exploit Title: Linksys AX3200 V1.1.00 - Command Injection Date: 2022-09-19 Exploit Author: Ahmed Alroky Author: Linksys Version: 1.1.00 Authentication Required: YES CVE : CVE-2022-38841 Tested on: Windows Proof Of Concept: 1 - login into AX3200 webui 2 - go to diagnostics page 3 - put...

8.8AI score0.1067EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.256 views

Sales Tracker Management System 1.0 Cross Site Scripting

Exploit Title: Sales Tracker Management System - Cross Site Scripting Vulnerability Authenticated Date: 23/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link:...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.246 views

wkhtmltopdf 0.12.6 Server-Side Request Forgery

Exploit Title: wkhtmltopdf 0.12.6 - Server Side Request Forgery Date: 20/8/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://wkhtmltopdf.org Software Link: https://wkhtmltopdf.org/downloads.html Version: 0.12.6 Tested on: Windows ASP.NET POST /PDF/FromHTML HTTP/1.1 Host:...

9.8CVSS9.4AI score0.11276EPSS
Exploits4
Total number of security vulnerabilities50738