Lucene search
K
PacketstormRecent

50748 matches found

Packet Storm
Packet Storm
added 2023/01/23 12:0 a.m.468 views

Active eCommerce CMS 6.5.0 Cross Site Scripting

Exploit Title: Active eCommerce CMS 6.5.0 - 'svg' Stored Cross-Site Scripting XSS Date: 19/01/2023 Exploit Author: Sajibe Kanti Vendor Name: ActiveITzone Vendor Homepage: https://activeitzone.com/ Software Link: https://codecanyon.net/item/active-ecommerce-cms/23471405 Version: 6.5.0 Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/23 12:0 a.m.682 views

Food Ordering System 2 Shell Upload

Title: Food Ordering System v2 File upload Vulnerability + web-shell upload - RCE Author: nu11secur1ty Date: 01.23.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Reference:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/23 12:0 a.m.312 views

Inout RealEstate 2.1.3 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.244 views

NetChess 2.1 Buffer Overflow

Exploit Title: NetChess2.1 Buffer Overflow SEH Date: 8/1/2022 Exploit Author: Ugur Eminli Vendor Homepage: https://sourceforge.net/projects/avmnetchess/ Software Link: https://sourceforge.net/projects/avmnetchess/ Version: 2.1 Tested on: WinXP SP2 Build 2600 !/usr/bin/perl my $file= "exploit.pgn"...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.369 views

wolfSSL WOLFSSL_CALLBACKS Heap Buffer Over-Read

wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSLCALLBACKS ==================================================================== INFO ======= The CVE project has assigned the id CVE-2022-42905 to this issue. Severity: 9.1 CRITICAL Affected version: before 5.5.2 End of embargo: Ended October...

9.1CVSS0.01959EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.216 views

Inout Multi-Vendor Shopping Cart 3.2.3 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.367 views

ASKEY RTF3505VW-N1 Privilege Escalation

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.326 views

Solaris 10 dtprintinfo / libXm / libXpm Security Issues

-- HNS-2022-01 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm Products: Common Desktop Environment 1.6, Motif 2.1, X.Org libXpm Date: 2023-01-18 Oracle vulnerability tracking numbers: S1597707 - Arbitrary printer...

7.5CVSS0.3AI score0.08052EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.221 views

Inout Multi-Vendor Shopping Cart 3.2.3 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.303 views

OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple post-authentication vulnerabilities including RCE product: OpenText™ Content Server component of OpenText™ Extended ECM vulnerable version: 16.2.2 - 22.3 fixed...

0.6AI score0.16972EPSS
Exploits7
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.577 views

Patient Record Management System 1.0 Authentication Bypass

Exploit Title: Patient Record Management System v1.0 - Authentication Bypass via PHP Loose Comparison Exploit Author: Joe Pollock Date: January 19, 2023 Vendor Homepage: https://www.sourcecodester.com/php/13505/patient-record-management-system.html Software Link:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/19 12:0 a.m.441 views

SLIMS 9.5.2 Cross Site Scripting

Title: SLIMS-9.5.2 - XSS Reflected - Account Exploit Development: nu11secur1ty Date: 01.19.2023 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.5.2 Reference:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.219 views

PHP Hazir Haber Sitesi Scripti 3 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.215 views

Jettweb Ready Rent A Car Script 4 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.267 views

Active Matrimonial CMS 3.6 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.289 views

WordPress WPtouch 3.7.5 Open Redirection

==================================================================================================================================== | Title : WordPress - WPtouch 3.7.5 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.393 views

Ivanti Cloud Services Appliance (CSA) Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Cloud Services Appliance CSA Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Ivanti...

9.8CVSS0.7AI score0.99105EPSS
Exploits9
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.426 views

Zstore 6.5.4 Cross Site Scripting

Title: zstore-6.5.4 - XSS-Reflected Development: nu11secur1ty Date: 01.18.2023 Vendor: https://zippy.com.ua/ Software: https://github.com/leon-mbs/zstore/releases/tag/6.5.4 Reproduce: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.5.4 Description: The value of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.240 views

KesionCMS X 1.5 Add Administrator

==================================================================================================================================== | Title : KesionCMS X1.5 Reinstall Add Admin Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 105.0.32-bit | |...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.254 views

Yazilimi Jettweb Haber 3 SQL Injection

==================================================================================================================================== | Title : yazılımı jettweb Haber V3 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-b...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.297 views

WordPress WPtouch 3.8.2 Open Redirection

==================================================================================================================================== | Title : WordPress -WPtouch 3.8.2 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.064-b...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.227 views

Chrome JSNativeContextSpecialization::BuildElementAccess Bypass

Chrome: Copy-on-write check bypass in JSNativeContextSpecialization::BuildElementAccess VULNERABILITY DETAILS Copy-on-write is one of V8's internal optimization features that allows multiple JavaScript objects to share the same element store. This feature is primarily used to optimize creation of...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.332 views

Active eCommerce CMS 6.5.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.412 views

WordPress WPtouch Pro 3.0.9.1 Open Redirection

==================================================================================================================================== | Title : WordPress -WPtouch Pro 3.0.9.1 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.234 views

xcash 1.5 Insecure Settings

==================================================================================================================================== | Title : xcash V1.5 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.613 views

WordPress WPtouch 4.3.47 Open Redirection

==================================================================================================================================== | Title : WordPress - WPtouch 4.3.47 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/18 12:0 a.m.828 views

WordPress WPtouch Pro 3.3.4 Open Redirection

==================================================================================================================================== | Title : WordPress - WPtouch Pro: 3.3.4 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/17 12:0 a.m.250 views

Active Matrimonial CMS 3.5 Insecure Settings

==================================================================================================================================== | Title : Active Matrimonial CMS v3.5 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/17 12:0 a.m.202 views

BootCommerce 3.2.1 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/17 12:0 a.m.228 views

LISTSERV 17 Cross Site Scripting

Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting XSS Exploit Author: Shaunt D Vendor Homepage: https://www.lsoft.com/ Version: 17 Tested on: Windows Server 2019 CVE : CVE-2022-39195 A reflected cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote...

0.06314EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/01/17 12:0 a.m.264 views

LISTSERV 17 Insecure Direct Object Reference

Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Exploit Author: Shaunt D Vendor Homepage: https://www.lsoft.com/ Version: 17 Tested on: Windows Server 2019 CVE : CVE-2022-40319 Steps to replicate 1. Create two accounts on your LISTSERV 17 installation, logging into each one in ...

7.8AI score0.07195EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/01/17 12:0 a.m.243 views

BootCommerce 3.2.1 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/17 12:0 a.m.207 views

Yazilimi Jettweb 3 Cross Site Scripting

==================================================================================================================================== | Title : yazılımı jettweb Haber V3 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/17 12:0 a.m.340 views

Citrix Workspace App For Linux 2212 Credential Leak

Citrix Linux client credential leak The Citrix Linux client emits its session credentials when starting a Citrix session. These credentials end up being recorded in the client's system log. Citrix do not consider this to be a security vulnerability. Software affected - Citrix Workspace App for...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.173 views

Infokart 1.1 SQL Injection

==================================================================================================================================== | Title : Infokart v1.1 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vendo...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.162 views

Infobool 3.0 SQL Injection

==================================================================================================================================== | Title : Infobool v 3.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vend...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.220 views

Yuvan Education CRM 3.0 SQL Injection

==================================================================================================================================== | Title : Yuvan Education CRM v 3.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.177 views

Global Infotech CMS 1.0 SQL Injection

==================================================================================================================================== | Title : Global Infotech cms v 1.0 Sql injectioin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.223 views

KesionCMS X 1.5.160902 Insecure Settings

==================================================================================================================================== | Title : KesionCMS X 1.5.160902 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.233 views

Incrementer CMS 0.1 Insecure Settings

==================================================================================================================================== | Title : Incrementer CMS v0.1 Technology Solutions Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.258 views

Inlislite 3.2 Insecure Settings

==================================================================================================================================== | Title : Inlislite V3.2 Backdoor Account Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.223 views

WordPress Slider Revolution 3.0.8 Directory Traversal

==================================================================================================================================== | Title : WordPress - Slider Revolution 3.0.8 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.1516 views

Laravel 9.47.0 Information Disclosure

==================================================================================================================================== | Title : Laravel from Version 1.0 to 9.47.0 MySQL Credential Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.245 views

WordPress Profile Builder 3.0.5 SQL Injection

==================================================================================================================================== | Title : WordPress profile builder 3.0.5 SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.202 views

Global Education And Technoworld 4.1 Backup Disclosure

==================================================================================================================================== | Title : GLOBAL EDUCATION & TECHNOWORLD Version 4.1 unauthorized backup download Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.10Pro /...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.261 views

WordPress Slider Revolution 4.1.3 Directory Traversal

==================================================================================================================================== | Title : WordPress - Slider Revolution 4.1.3 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.223 views

WordPress Slider Revolution 4.6.5 Directory Traversal

==================================================================================================================================== | Title : WordPress - Slider Revolution 4.6.5 UpdateCaptionsCSS Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.933 views

WordPress Slider Revolution 4.x.x Shell Upload

================================================================================================= | Title : WordPress - Slider Revolution 4.x.x WordPress - arbitrary file upload exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.064-bit | |...

Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.241 views

Academy LMS 5.11 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Exploits0
Packet Storm
Packet Storm
added 2023/01/13 12:0 a.m.234 views

WebKit CSSCrossfadeValue::crossfadeChanged Use-After-Free

WebKit: Use-after-free of RenderMathMLToken in CSSCrossfadeValue::crossfadeChanged There is a use-after-free of a RenderMathMLToken object in CSSCrossfadeValue::crossfadeChanged. CSSCrossfadeValue extends CSSImageGeneratorValue. CSSImageGeneratorValue keeps a HashCountedSet of clients mclients of...

8.8CVSS8.8AI score0.34574EPSS
Exploits2
Total number of security vulnerabilities50748