Lucene search
K
PacketstormRecent

50748 matches found

Packet Storm
Packet Storm
added 2022/06/27 12:0 a.m.453 views

WordPress Weblizar 8.9 Code Execution

Exploit Title: WordPress Plugin Weblizar 8.9 - Backdoor Google Dork: 'wp-json/am-member/license' Exploit Author: Sobhan Mahmoodi Vendor Homepage: https://weblizar.com/plugins/school-management/ Version: 8.9 Tested on: windows/linux Vulnerable code: addaction 'restapiinit', function...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/27 12:0 a.m.248 views

Library Management System With QR Code 1.0 Shell Upload

Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/27 12:0 a.m.412 views

Mailhog 1.0.1 Cross Site Scripting

Exploit Title: Mailhog 1.0.1 - Stored Cross-Site Scripting XSS Google Dork: https://www.shodan.io/search?query=mailhog 3500 Date: 06.18.2022 Exploit Author: Vulnz Vendor Homepage: https://github.com/mailhog/MailHog Software Link: https://github.com/mailhog/MailHog Version: 1.0.1 Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/27 12:0 a.m.351 views

WordPress Simple Page Transition 1.4.1 Cross Site Scripting

Exploit Title: WordPress Plugin ‘Simple Page Transition’ - Stored Cross Site Scripting Date: 27-06-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/simple-page-transition/ Version: 1.4.1 Tested on: Firefox Contact me: [email protected]...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/24 12:0 a.m.261 views

Trojan-Mailfinder.Win32.VB.p MVID-2022-0616 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Mailfinder.Win32.VB.p Vulnerability: Insecure Permissions Description: The malware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/24 12:0 a.m.267 views

Yashma Ransomware Builder 1.2 MVID-2022-0613 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/13e878ed7e547523cffc5728f6ba4190.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Yashma Ransomware Builder v1.2 Vulnerability: Insecure Permissions Description: The malwar...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/24 12:0 a.m.247 views

Backdoor.Win32.Shark.btu MVID-2022-0615 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/5a83f8b8c8a8b7a85b3ff632aa60e793.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Shark.btu Vulnerability: Insecure Permissions Description: The malware writ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/24 12:0 a.m.316 views

Backdoor.Win32.InfecDoor.17.c MVID-2022-0614 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.InfecDoor.17.c Vulnerability: Insecure Permissions Description: The malware...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/22 12:0 a.m.415 views

Zoo Management System 1.0 Cross Site Scripting

Exploit Title: Zoo Management System 1.0 - Reflected Cross-Site-Scripting XSS Date: 06/22/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15344/zoo-management-system-phpoop-free-source-code.html Version: 1...

0.00875EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/06/22 12:0 a.m.385 views

WordPress Download Manager 3.2.43 Cross Site Scripting

Exploit Title: Download Manager Cross-Site Scripting Date: 2022-06-16 Exploit Author : Andrea Bocchetti Vendor Homepage : https://wordpress.org/plugins/download-manager/ Version : = 3.2.43 Tested on: windows CVE : CVE-2022-2101 Description 1- Login in the plugin page 2- add the xss payload in the...

5.7AI score0.00846EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/06/21 12:0 a.m.353 views

SAP FRUN 2.00 / 3.00 Cross Site Scripting

Onapsis Security Advisory 2022-0003: Cross-Site Scripting XSS vulnerability in SAP Focused Run Real User Monitoring Impact on Business Impact depends on the victim's privileges. In most cases, a successful attack allows an attacker to hijack a session, or force the victim to perform undesired...

6.1CVSS0.01383EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/06/21 12:0 a.m.582 views

SAP Fiori Launchpad Cross Site Scripting

Onapsis Security Advisory 2022-0005: Cross-Site Scripting XSS vulnerability in SAP Fiori launchpad Impact on Business Impact depends on the victim's privileges. In most cases, a successful attack allows an attacker to hijack a session, or force the victim to perform undesired requests in the SAP...

6.1CVSS0.4AI score0.01383EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/06/21 12:0 a.m.355 views

SAP FRUN Simple Diagnostics Agent 1.0 Directory Traversal

Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in SAP Focused Run Simple Diagnostics Agent 1.0 Impact on Business Exposing the contents of a directory can lead to a disclosure of useful information for the attacker to devise exploits, such as creation times of files or any...

4CVSS3.9AI score0.02476EPSS
Exploits1
Packet Storm
Packet Storm
added 2022/06/21 12:0 a.m.365 views

SAP FRUN Simple Diagnostics Agent 1.0 Missing Authentication

Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP Focused Run Simple Diagnostics Agent 1.0 Impact on Business Because the Simple Diagnostic Agent SDA handles several important configuration and critical credential information, a successful attack could lead to the control o...

7.8CVSS0.7AI score0.00508EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.472 views

Mitel 6800/6900 Series SIP Phones Backdoor Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-021 Product: Mitel 6800/6900 Series SIP Phones excluding 6970 Mitel 6900 Series IP MiNet Phones Manufacturer: Mitel Networks Corporation Affected Versions: Rel 5.1 SP8 5.1.0.8016 and earlier Rel 6.0 6.0.0.368 to 6.1 HF4...

7.2CVSS0.5AI score0.00739EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.447 views

phpIPAM 1.4.5 Remote Code Execution

Exploit Title: phpIPAM 1.4.5 - Remote Code Execution RCE Authenticated Date: 2022-04-10 Exploit Author: Guilherme '@behiNdyk1' Alves Vendor Homepage: https://phpipam.net/ Software Link: https://github.com/phpipam/phpipam/releases/tag/v1.4.5 Version: 1.4.5 Tested on: Linux Ubuntu 20.04.3 LTS...

Exploits0
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.376 views

Pandora FMS 7.0NG.742 Remote Code Execution

Exploit Title: Pandora FMS v7.0NG.742 - Remote Code Execution RCE Authenticated Date: 05/20/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pandorafms.com/ Software Link:...

7.2CVSS0.5AI score0.30254EPSS
Exploits6
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.354 views

SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected Cross Site Scripting product: SIEMENS-SINEMA Remote Connect vulnerable version: =V3.0.1.0-01.01.00.02 fixed version: V3.1.0 CVE number: CVE-2022-29034 impact:...

6.7AI score0.28261EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.512 views

Chrome CVE-2022-1096 Incomplete Fix

Chrome: Incomplete fix for CVE-2022-1096 VULNERABILITY DETAILS The fix for https://crbug.com/1309225 has modified SetPropertyInternal to fall back to SetSuperProperty whenever a property access interceptor is encountered because SetSuperProperty is robust against possible side effects caused by...

9.2AI score0.24237EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.449 views

Gentics CMS 5.36.29 Cross Site Scripting / Deserialization

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting & Unsafe Java Deserializiation product: Gentics CMS vulnerable version: 5.36.29, see section below fixed version: 5.40.27, 5.41.15, 5.42.7,...

0.2AI score0.01132EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.312 views

SolarView Compact 6.00 Cross Site Scripting

Exploit Title: SolarView Compact 6.00 - 'timebegin' Cross-Site Scripting XSS Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29299 Tested on: Windows Proof Of Concept:...

0.2AI score
Exploits5
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.314 views

Sourcegraph Gitserver 3.36.3 Remote Code Execution

Exploit Title: Sourcegraph Gitserver 3.36.3 - Remote Code Execution RCE Date: 2022-06-10 Exploit Author: Altelus Vendor Homepage: https://about.sourcegraph.com/ Version: 3.63.3 Tested on: Linux CVE : CVE-2022-23642 Docker Container: sourcegraph/server:3.36.3 Sourcegraph prior to 3.37.0 has a remo...

8.8CVSS0.7431EPSS
Exploits8
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.279 views

SoftGuard SNMP Network Management Extension HTML Injection / File Download

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: SoftGuard SNMP Network Management Extension vulnerable version: SoftGuard Web SGW 5.1.5 fixed version: SoftGuard version 5.1.5 from...

6AI score0.01166EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.355 views

Algo 8028 Control Panel Remote Code Execution

Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Date: 2022-06-07 Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.315 views

Multi Language Pharmacy Management System 1.0 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Vendor: https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download Source:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.324 views

Lepin EP-KP001 KP001_V19 Authentication Bypass

Advisory ID: SYSS-2022-024 Product: EP-KP001 Manufacturer: Lepin Affected Versions: KP001V19 Tested Versions: KP001V19 Vulnerability Type: Violation of Secure Design Principles CWE-657 Risk Level: High Solution Status: Open Manufacturer Notification: 2022-04-12 Solution Date: - Public Disclosure:...

4.6CVSS0.2AI score0.00506EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.1263 views

Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Hardcoded Backdoor User and Outdated Software Components product: Nexans FTTO GigaSwitch industrial/office switches HW version 5 vulnerable version: See "Vulnerable /...

10CVSS0.2AI score0.94859EPSS
Exploits52
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.306 views

Old Age Home Management System 1.0 SQL Injection

Exploit Title: Old Age Home Management System 1.0 - SQLi Authentication Bypass Date: 12/06/2022 Exploit Author: twseptian Vendor Homepage: https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/Old-Age-Home-MS-using-PHP.zip Versio...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.377 views

TP-Link AX50 Remote Code Execution

Exploit Title: TP-Link Router AX50 firmware 210730 - Remote Code Execution RCE Authenticated Exploit Author: Tomas Melicher Technical Details: https://github.com/aaronsvk/CVE-2022-30075 Date: 2022-06-08 Vendor Homepage: https://www.tp-link.com/ Tested On: Tp-Link Archer AX50 Vulnerability...

8.8CVSS8.8AI score0.37199EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.381 views

HP LaserJet Professional M1210 MFP Series Receive Fax Service Unquoted Service Path

Exploit Title: HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path Date: 2022-06-06 Exploit Author: Ali Alipour Vendor Homepage: https://support.hp.com/us-en/document/c01998934 Software Link:...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.266 views

Marval MSM 14.19.0.12476 Cross Site Request Forgery

Exploit Title: Marval MSM v14.19.0.12476 - Cross-Site Request Forgery CSRF Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows PoCs:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.307 views

Zyxel Buffer Overflow / Format String / Command Injection

-- HNS-2022-02 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Zyxel zysh Products: Zyxel firewalls, AP controllers, and APs Author: Marco Ivaldi Date: 2022-06-07 CVE Names and Vendor CVSS Scores: CVE-2022-26531:...

7.8CVSS0.3AI score0.05805EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.259 views

Virtua Software Cobranca 12S SQL Injection

Exploit Title: Virtua Software Cobranca 12S - SQLi Shodan Query: http.favicon.hash:876876147 Date: 13/08/2021 Exploit Author: Luca Regne Vendor Homepage: https://www.virtuasoftware.com.br/ Software Link: https://www.virtuasoftware.com.br/downloads/Cobranca12S1308.exe Version: 12S Tested on: Windo...

7.5CVSS1AI score0.29667EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.508 views

Warehouse Management System 2022 SQL Injection

Title: Warehouse Management System 2022 ML-SQLi Author: nu11secur1ty Date: 06.13.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php-codeigniter-warehouse-management-system-free-source-code Reference:...

Exploits0
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.256 views

Marval MSM 14.19.0.12476 Remote Code Execution

Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.408 views

JM-DATA ONU JF511-TV 1.0.67 / 1.0.62 / 1.0.55 XSS / CSRF / Open Redirect

JM-DATA ONU JF511-TV Multiple Remote Vulnerabilities Vendor: JM-DATA GmbH Product web page: https://www.jm-data.at Affected version: 1.0.67 1.0.62 1.0.55 Summary: This ONU is the perfect GEPON home and business gateway. It is an all-rounder in perfection. It can BRIDGE/NAT/RIP ROUTEND and COMBINE...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.382 views

Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Infiray IRAY-A8Z3 thermal camera vulnerable version: V1.0.957 fixed version: None CVE number: CVE-2022-31208, CVE-2022-31209,...

0.4AI score0.01489EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.359 views

Kitty 0.76.0.8 Stack Buffer Overflow

Exploit Title: Kitty 0.76.0.8 Stack Buffer Overflow Discovered by: Yehia Elghaly Discovered Date: 2022-06-08 Vendor Homepage: http://www.9bis.net/kitty/index.html!index.md Software Link : https://www.fosshub.com/KiTTY.html?dwl=kittyportable-0.76.0.8.exe Tested Version: 0.76.0.8 Vulnerability Type...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/19 12:0 a.m.611 views

ChurchCRM 4.4.5 SQL Injection

Title: ChurchCRM 4.4.5 SQLi session hijacking L2 Author: nu11secur1ty Date: 05.11.2022 Vendor: https://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 Description: There is a SQL Injection PWN cookie...

7.2CVSS7AI score0.04968EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/06/10 12:0 a.m.272 views

WordPress Motopress Hotel Booking Lite 4.2.4 Cross Site Scripting

Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting XSS Date: 2022-06-05 Exploit Author: Sanjay Singh Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/08 12:0 a.m.263 views

WordPress Download Manager 3.2.42 Cross Site Scripting

Description: Reflected Cross-Site Scripting Affected Plugin: Download Manager Plugin Slug: download-manager Plugin Developer: codename065 Affected Versions: = 3.2.42 CVE ID: CVE-2022-1985 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Rafie Muhammad...

6.3AI score0.01138EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/06/08 12:0 a.m.966 views

Atlassian Confluence Namespace OGNL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Namespace OGNL Injection', 'Description' = %q This module exploits an OGNL injection in Atlassian Confluence servers. A...

9.8CVSS9AI score0.99999EPSS
Exploits115
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.278 views

Ransom.Haron MVID-2022-0609 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/dedad693898bba0e4964e6c9a749d380.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Haron Vulnerability: Code Execution Description: Haron looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.388 views

Confluence OGNL Injection Remote Code Execution

!/usr/bin/python3 Exploit Title: Confluence Pre-Auth Remote Code Execution via OGNL Injection Google Dork: N/A Date: 06/006/2022 Exploit Author: h3v0x Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: All 7.4.17...

10AI score0.99999EPSS
Exploits75
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.324 views

Backdoor.Win32.Cabrotor.10.d MVID-2022-0612 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/40acf109fa9621eae6930ef18f804909.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cabrotor.10.d Vulnerability: Unauthenticated Remote Command Execution...

Exploits0
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.272 views

Trojan-Proxy.Win32.Symbab.o MVID-2022-0610 Heap Corruption

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/bffc519fbaf2d119bd307cd22368cdc7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Symbab.o Vulnerability: Heap Corruption Description: The malware listen...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.243 views

Trojan-Banker.Win32.Banbra.cyt MVID-2022-0611 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/e0f2bee25dd103d92e91e895e313ec34.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Banker.Win32.Banbra.cyt Vulnerability: Insecure Permissions Description: The malwar...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.229 views

Trojan-Banker.Win32.Banker.agzg MVID-2022-0608 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/ef1e59148c9a902ae5454760aaab73fe.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Banker.Win32.Banker.agzg Vulnerability: Insecure Permissions Description: The malwa...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.401 views

Microsoft Office Word MSDTJS Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Office Word MSDTJS', 'Description' = %q This module generates a malicious Microsoft Word document that when loaded, will leverage the...

9.3CVSS8.3AI score0.99374EPSS
Exploits62
Packet Storm
Packet Storm
added 2022/06/06 12:0 a.m.258 views

Korenix JetPort 5601V3 Backdoor Account

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Backdoor account product: Korenix JetPort 5601V3 vulnerable version: Firmware version 1.0 fixed version: None CVE number: CVE-2020-12501 impact: High homepage:...

9.8CVSS9.7AI score0.03298EPSS
Exploits7
Total number of security vulnerabilities50748