Lucene search
K
PacketstormRecent

50748 matches found

Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.212 views

MiniDVBLinux 5.4 Change Root Password

MiniDVBLinux 5.4 Change Root Password PoC Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.257 views

Webile 1.0.1 Directory Traversal

Document Title: =============== Webile v1.0.1 - Directory Traversal Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2320 Release Date: ============= 2022-10-10 Vulnerability Laboratory ID VL-ID: ==================================== 232...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.240 views

WordPress Photo Gallery 1.8.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.198 views

MiniDVBLinux 5.4 Arbitrary File Read

!/usr/bin/env python3 MiniDVBLinux 5.4 Arbitrary File Read Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Vide...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.240 views

WordPress ImageMagick-Engine 1.7.4 Remote Code Execution

Exploit Title: Wordpress Plugin ImageMagick-Engine 1.7.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:"/wp-content/plugins/imagemagick-engine/" Date: Thursday, September 1, 2022 Exploit Author: ABDO10 Vendor Homepage: https://wordpress.org/plugins/imagemagick-engine/ Software Link...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.211 views

MiniDVBLinux 5.4 Unauthenticated Stream Disclosure

MiniDVBLinux 5.4 Unauthenticated Stream Disclosure Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: /dev/null -------------------------------------------------------------------- Tested on: MiniDVBLinux 5.4 BusyBox v1.25.1 Architecture: armhf,...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.237 views

MapTool 1.11.5 Cross Site Scripting

Document Title: =============== MapTool v1.11.5 - Cross Site Scripting Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2319 Release Date: ============= 2022-10-11 Vulnerability Laboratory ID VL-ID: ==================================== 23...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.342 views

pfSense pfBlockerNG 2.1.4_26 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense plugin pfBlockerNG unauthenticated RCE as root', 'Description' = %q pfBlockerNG is a popular pfSense plugin that is not installed by...

9.8CVSS0.86446EPSS
Exploits14
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.240 views

Knap Advanced PHP Login 3.1.3 Cross Site Scripting

Document Title: =============== Knap APL v3.1.3 - Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2307 Release Date: ============= 2022-10-10 Vulnerability Laboratory ID VL-ID: ==================================== 230...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.215 views

Backdoor.Win32.Redkod.d MVID-2022-0649 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/bb309bdd071d5733efefe940a89fcbe8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Redkod.d Vulnerability: Weak Hardcoded Credentials Description: The malware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.218 views

MiniDVBLinux 5.4 Remote Root Command Injection

!/usr/bin/env python3 MiniDVBLinux 5.4 Remote Root Command Injection Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based o...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.229 views

Stripe Green Downloads 2.03 Cross Site Scripting

Document Title: =============== Stripe Green Downloads 2.03 - Cross Site Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2287 Release Date: ============= 2022-10-17 Vulnerability Laboratory ID VL-ID: ===================================...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.251 views

MapTool 1.11.5 Denial Of Service

Document Title: =============== MapTool v1.11.5 - Denial of Service Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2318 Release Date: ============= 2022-10-10 Vulnerability Laboratory ID VL-ID: ==================================== 2318...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.189 views

Joomla Vik Appointments 1.7.3 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.291 views

Backdoor.Win32.DarkSky.23 MVID-2022-0648 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/1164ef21ef2af97e0339359c0dce5e7d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkSky.23 Vulnerability: Remote Stack Buffer Overflow SEH Description: The...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.664 views

Vicidial 2.14-783a Cross Site Scripting

Document Title: =============== Vicidial v2.14-783a - Multiple XSS Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2311 Release Date: ============= 2022-10-11 Vulnerability Laboratory ID VL-ID: ==================================== 23...

Exploits0
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.331 views

Spring Cloud Gateway 3.1.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Gateway Remote Code Execution', 'Description' = %q This module exploits an unauthenticated remote code execution vulnerability in...

10CVSS0.2AI score0.98253EPSS
Exploits54
Packet Storm
Packet Storm
added 2022/10/14 12:0 a.m.131 views

Joomla OSG Courts Reservation 1.4.9 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/14 12:0 a.m.136 views

Intelbras WiFiber 120AC inMesh 1.1-220216 Command Injection

CyberDanube Security Research 20221009-0 ------------------------------------------------------------------------------- title| Authenticated Command Injection product| Intelbras WiFiber 120AC inMesh vulnerable version| 1.1-220216 fixed version| 1-1-220826 CVE number| impact| High homepage|...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/10 12:0 a.m.236 views

WordPress / Joomla JReviews 4.1.5 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/10 12:0 a.m.245 views

WordPress eCommerce Product Catalog 3.0.70 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/10 12:0 a.m.271 views

Web Based Student Clearance 1.0 Shell Upload

Exploit Title: Web Based Student Clearance 1.0 - Unrestricted File Upload leads to Remote Code Execution Authenticated Date: 08-10-2022 Exploit Author: Akash Pandey L3V1ATH0N Vendor Homepage: https://www.sourcecodester.com/php/15627/web-based-student-clearance-system.html Software Link:...

6.9AI score0.00512EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/10/10 12:0 a.m.334 views

Online Shopping System Advanced 1.0 SQL Injection

The online-shopping-system-advanced-1.0 suffers from multiple SQLi The attacker can steal all information from the database of this system. Status: CRITICAL + Exploit: MYSQL Parameter: cid POST Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause NOT Payload:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/10 12:0 a.m.261 views

Joomla Vik Rent Car 1.14 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/10 12:0 a.m.255 views

Zentao Project Management System 17.0 Remote Code Execution

Exploit Title: Zentao Project Management System 17.0 - Authenticated Remote Code Execution Exploit Author: mister0xf Date: 2022-10-8 Software Link: https://github.com/easysoft/zentaopms Version: tested on 17.0 probably works also on newer/older versions Tested On: Kali Linux 2022.2 Exploit Tested...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/07 12:0 a.m.373 views

WordPress Zephyr Project Manager 3.2.42 SQL Injection

Exploit Title: Wordpress Plugin Zephyr Project Manager 3.2.42 - Multiple SQLi Date: 14-08-2022 Exploit Author: Rizacan Tufan Blog Post: https://rizax.blog/blog/wordpress-plugin-zephyr-project-manager-multiple-sqli-authenticated Software Link: https://wordpress.org/plugins/zephyr-project-manager/...

9.8CVSS0.4AI score0.09675EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/10/07 12:0 a.m.223 views

Joomla Vik Booking 1.15.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/06 12:0 a.m.249 views

Joomla KSAdvertiser 2.5.37 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/06 12:0 a.m.237 views

Joomla JoomBri Freelance 4.5.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Exploits0
Packet Storm
Packet Storm
added 2022/10/06 12:0 a.m.235 views

Joomla JoomBri Careers 3.3.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/05 12:0 a.m.377 views

Canteen Management 1.0-2022 Cross Site Scripting

Title: Canteen-Management-1.0-2022 suffers from XSS-Reflected Author: nu11secur1ty Date: 10.04.2022 Vendor: https://www.mayurik.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayurik/2022/Canteen-Management/Docs/youthappam.zip?raw=true Reference:...

Exploits0
Packet Storm
Packet Storm
added 2022/10/05 12:0 a.m.314 views

Remote Mouse 4.110 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Remote Mouse RCE', 'Description' = %q This module utilizes the Remote Mouse Server by Emote Interactive protocol to deploy a payload and run it...

0.02044EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/10/05 12:0 a.m.392 views

Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubuntu Enlightenment Mount Priv Esc', 'Description' = %q This module exploits a command injection within Enlightenment's enlightenmentsys binary...

0.8AI score0.05486EPSS
Exploits15
Packet Storm
Packet Storm
added 2022/10/04 12:0 a.m.337 views

WordPress Elementor 3.6.2 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin Elementor Authenticated Upload Remote Code Execution', 'Description' = %q The WordPress plugin Elementor versions 3.6.0 - 3.6.2,...

8.8CVSS8.8AI score0.92943EPSS
Exploits10
Packet Storm
Packet Storm
added 2022/10/04 12:0 a.m.313 views

WordPress WPvivid Backup Path Traversal

===== Tempest Security Intelligence - ADV-15/2022 ========================== Wordpress plugin - WPvivid Backup - Version 0.9.76 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview...

4.9CVSS5.2AI score0.18147EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/10/04 12:0 a.m.243 views

Joomla RAXO All-Mode PRO 2.01 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/04 12:0 a.m.251 views

Joomla Solidres 2.12.9 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/04 12:0 a.m.251 views

Canteen Management 1.0-2022 SQL Injection

Title: Canteen-Management1.0-2022 SQLi Author: nu11secur1ty Date: 10.04.2022 Vendor: https://www.mayurik.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayurik/2022/Canteen-Management/Docs/youthappam.zip?raw=true Reference:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.243 views

Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting

Chrome: Universal XSS in Autofill Assistant VULNERABILITY DETAILS From the Autofill Assistant README file1: Autofill Assistant is an execution engine to run user journeys on websites given a set of actions. These actions include clicking on buttons or scrolling to an element. They also provide a...

Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.228 views

Joomla Easy Shop 1.4.1 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.192 views

Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.272 views

Joomla JUX Charity Hub 1.0.4 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.195 views

Backdoor.Win32.NTRC MVID-2022-0646 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/273fd3f33279cc9c0378a49cf63d7a06.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NTRC Vulnerability: Weak Hardcoded Credentials Family: NTRC Type: PE32 MD5:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.226 views

Backdoor.Win32.Delf.eg MVID-2022-0647 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/de6220a8e8fcbbee9763fb10e0ca23d7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.eg Vulnerability: Unauthenticated Remote Command Execution Description...

Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.239 views

Password Manager For IIS 2.0 Cross Site Scripting

Exploit Title: XSS Exploit Author: VP4TR10T Vendor Homepage:http://passwordmanager.adiscon.com/en/manual/ Software Link:http://passwordmanager.adiscon.com/ Version: Version 2.0 Tested on: WINDOWS CVE : CVE-2022-36664 Affected URI when trying to change user password: POST /isapi/PasswordManager.dl...

6.5AI score0.03767EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.238 views

Joomla Rentalot Plus 19.05 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.263 views

Joomla MarvikShop ShoppingCart 3.4 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

1.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.301 views

Joomla JKassa ShoppingCart 2.0.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/01 12:0 a.m.211 views

GuppY CMS 6.00.10 Shell Upload

Exploit Title: GuppY 6.00.10 CMS Remote Code Execution Date: Sep 30, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.freeguppy.org/ Software Link: https://www.freeguppy.org/fgy6dn.php?lng=en&pg=279927&tconfig=0z2 Version: 6.00.10 Tested on: Linux !/usr/bin/php ?php $username =...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/01 12:0 a.m.229 views

ZKSecurity BIO 4.1.2 SQL Injection / Code Execution

ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco https://www.zkteco.com/en/ZKBiosecurity/ZKBioSecurityV50004.1.2 Version Affected: 4.1.2 CVE: CVE-2022-36635 Vulnerability: SQL Injection with a plus: RCE CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton...

0.4AI score0.16583EPSS
Exploits3
Total number of security vulnerabilities50748