Lucene search
K
PacketstormRecent

50748 matches found

Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.234 views

Microfinance Management System 1.0 SQL Injection

Exploit Title: Microfinance Management System 1.0 - 'customernumber' SQLi Date: 2022-25-03 Exploit Author: Eren Gozaydin Vendor Homepage: https://www.sourcecodester.com/php/14822/microfinance-management-system.html Software Link:...

9.8CVSS0.2AI score0.13829EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.297 views

MyBB 1.8.29 Remote Code Execution

Exploit Title: MyBB 1.8.29 - Remote Code Execution RCE Authenticated Date: 2022-05-08 Exploit Author: Altelus Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1829 Version: MyBB 1.8.29 Tested on: Linux CVE : CVE-2022-24734 An RCE can be obtained on...

7.2CVSS7AI score0.77677EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.604 views

Wondershare Dr.Fone 11.4.10 Insecure Permissions

Exploit Title: Wondershare Dr.Fone 11.4.10 - Insecure File Permissions Date: 04/25/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://drfone.wondershare.com/ Software Link: https://download.wondershare.com/drfonefull3360.exe Version: 11.4.10 Tested on: Window...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.412 views

Apache CouchDB 3.2.1 Remote Code Execution

Exploit Title: Apache CouchDB 3.2.1 - Remote Code Execution RCE Date: 2022-01-21 Exploit Author: Konstantin Burov, @sadshade Software Link: https://couchdb.apache.org/ Version: 3.2.1 and below Tested on: Kali 2021.2 Based on 1F98D's Erlang Cookie - Remote Code Execution Shodan: port:4369 "name...

10CVSS0.2AI score0.92335EPSS
Exploits8
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.291 views

Ruijie Reyee Mesh Router Remote Code Execution

Exploit Title: Ruijie Reyee Mesh Router - Remote Code Execution RCE Authenticated Google Dork: None Date: November 1, 2021 Exploit Author: Minh Khoa of VSEC Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/resources/products/1896-1900 Version: ReyeeOS...

0.3AI score0.34947EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.287 views

Google Chrome 78.0.3904.70 Remote Code Execution

Exploit Title: Google Chrome 78.0.3904.70 - Remote Code Execution Date: 2022-05-03 Exploit Author: deadlock Forrest Orr Type: RCE Platform: Windows Website: https://forrest-orr.net Twitter: https://twitter.com/ForrestOrr Vendor Homepage: https://www.google.com/chrome/ Software Link:...

8.8CVSS0.3AI score0.72977EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/10 12:0 a.m.675 views

Spring4Shell Spring Framework Class Property Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Framework Class property RCE Spring4Shell', 'Description' = %q Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older...

9.8CVSS0.4AI score0.99677EPSS
Exploits101
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.222 views

Ransom.Cryakl Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2aea3b217e6a3d08ef684594192cafc8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Cryakl Vulnerability: Code Execution Description: Cryakl looks for and loads a DLL...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.229 views

Ransom.Satana Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/46bfd4f1d581d7c0121d2b19a005d3df.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Satana Vulnerability: Code Execution Description: Satana searches for and loads a D...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.188 views

School Dormitory Management System 1.0 SQL Injection

Exploit Title: School Dormitory Management System - 'month' SQL Injection Date: 08/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html Version:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.235 views

APT28 FancyBear Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/d6751b148461e0f863548be84020b879.txt Contact: [email protected] Media: twitter.com/malvuln Threat: APT28 FancyBear Vulnerability: Code Execution Description: FancyBear looks for and execute...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.221 views

School Dormitory Management 1.0 SQL Injection

Title: School Dormitory Management 1.0 SQLi Author: nu11secur1ty Date: 05.09.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html Reference:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.601 views

F5 BIG-IP Remote Code Execution

F5 BIG-IP RCE exploitation CVE-2022-1388 POST 1: POST /mgmt/tm/util/bash HTTP/1.1 Host: :8443 Authorization: Basic YWRtaW46 Connection: keep-alive, X-F5-Auth-Token X-F5-Auth-Token: 0 "command": "run" , "utilCmdArgs": " -c 'id' " curl commandliner: $ curl -i -s -k -X $'POST' -H $'Host: :8443' -H...

9.8CVSS10AI score0.99956EPSS
Exploits63
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.277 views

Ransom.Petya Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8ed9a60127aee45336102bf12059a850.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Petya Vulnerability: Code Execution Description: Petya looks for and loads a DLL...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.269 views

Travel Management System 1.0 SQL Injection

Title: Travel Management System 1.0 Multiple SQLi Author: nu11secur1ty Date: 05.07.2022 Vendor: https://code-projects.org/author/fabian/ Software: https://code-projects.org/travel-management-system-using-php-source-code/ Reference:...

0.2AI score0.28826EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.192 views

Ransom.Conti Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/20f0c736a966142de88dee06a2e4a5b1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.221 views

Trojan-Ransom.LockerGoga Code Execution

Discovery / credits: Malvuln - John Page - aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/3b200c8173a92c94441cb062d38012f6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Ransom.LockerGoga Vulnerability: Code Execution Description: LockerGoga looks f...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.204 views

Trojan.Ransom.Cryptowall Code Execution

Discovery / credits: Malvuln - John Page - aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/0CFFEE266A8F14103158465E2ECDD2C1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Ransom.Cryptowall Vulnerability: Code Execution Description: Cryptowall looks f...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.206 views

ChatBot Application With A Suggestion Feature 1.0 SQL Injection

Exploit Title: ChatBot Application with a Suggestion Feature 1.0 - 'id' Blind SQL Injection Date: 05/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.203 views

Trojan.CryptoLocker Code Execution

Discovery / credits: Malvuln - John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/209a288c68207d57e0ce6e60ebf60729.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.CryptoLocker Vulnerability: Code Execution Description: Cryptolocker drops a PE...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.237 views

Trojan-Ransom.Cerber Code Execution

Discovery / credits: Malvuln - John Page - aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/ae99e6a451bc53830be799379f5c1104.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Ransom.Cerber Vulnerability: Code Execution Description: Cerber looks for and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.203 views

REvil.Ransom Code Execution

Discovery / credits: Malvuln - John Page - aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/4c5c1731481ea8d67ef6076810c49e00.txt Contact: [email protected] Media: twitter.com/malvuln Threat: REvil.Ransom Vulnerability: Code Execution Description: REvil looks for and executes...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.231 views

Craft CMS 3.7.36 Password Reset Poisoning Attack

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Password Reset Poisoning Attack product: Craft CMS vulnerable version: 3.7.36 and potentially lower fixed version: none, see workaround by vendor CVE number: CVE-2022-299...

0.4AI score0.04547EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.189 views

Ransom.CTBLocker Code Execution

Discovery / credits: Malvuln - John Page - aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/de25f04dedaffde1be47ef26dc9a8176.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.CTBLocker Vulnerability: Code Execution Description: CTBLocker looks for and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.184 views

Trojan-Ransom.Radamant Code Execution

Discovery / credits: Malvuln - John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/6152709e741c4d5a5d793d35817b4c3d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Ransom.Radamant Vulnerability: Code Execution Description: Radamant tries to load...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/05 12:0 a.m.543 views

ZoneMinder Language Settings Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ZoneMinder Language Settings Remote Code Execution', 'Description' = %q This module exploits arbitrary file write in debug log file option chaine...

0.1AI score0.66317EPSS
Exploits6
Packet Storm
Packet Storm
added 2022/05/05 12:0 a.m.195 views

PHProjekt PhpSimplyGest / MyProjects 1.3.0 Cross Site Scripting

Exploit Title: PHProjekt PhpSimplyGest / MyProjects, 1.3.0 - Stored XSS Cross-Site Scripting Date: 2022-05-05 Exploit Author: Andrea Intilangelo Vendor Homepage: http://www.phprojekt.altervista.org removed demo was at http://phprojekt.altervista.org/phpsimplygest130 Software Link:...

0.4AI score0.02517EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/04 12:0 a.m.254 views

Ransom.Conti Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/3c55ee6753408bff2e3e6a392ed9f2a0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs in its...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/04 12:0 a.m.223 views

Conti.Ransom Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/710a77804637f65e22a2e230ff6444f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Conti.Ransom Vulnerability: Code Execution Description: Conti looks for and loads a DLL named...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/04 12:0 a.m.306 views

Ransom.WannaCry Code Execution

Discovery / credits: Malvuln - John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/84c82835a5d21bbcf75a61706d8ab549.txt Contact: [email protected] Media: twitter.com/malvuln ISR: ApparitionSec Threat: Ransom.WannaCry Vulnerability: Code Execution Description: WannaCry...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/04 12:0 a.m.217 views

Red Planet Laundry Management System 1.0 SQL Injection

Title: Red Planet Laundry Management System 1.0 SQLi Author: nu11secur1ty Date: 05.01.2022 Vendor: https://laundry.redplanetcomputers.com/ Software: https://laundry.redplanetcomputers.com/ Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-28452 Description: The username...

0.4AI score0.17301EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/04 12:0 a.m.342 views

REvil.Ransom Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/979635229dfcfae1aae74ae296ec78c8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: REvil.Ransom Vulnerability: Code Execution Description: REvil looks for and executes DLLs in its...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/04 12:0 a.m.685 views

SAP Web Dispatcher HTTP Request Smuggling

Onapsis Security Advisory 2022-0001: HTTP Request Smuggling in SAP Web Dispatcher Impact on Business By injecting an HTTP request as a prefix into a victim's request, a malicious user is able to cause damage in different ways, such as producing a Denial of Service by setting an invalid request as...

9.4CVSS9.3AI score0.02601EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.181 views

LokiLocker Ransom Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/2ffc2446a2a6cf04c06a85deb43b9fb8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: LokiLocker Ransom Vulnerability: Code Execution Description: LokiLocker looks for and executes DLLs ...

Exploits0
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.268 views

RedLine.Stealer Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/0adb0e2ac8aa969fb088ee95c4a91536.txt Contact: [email protected] Media: twitter.com/malvuln Threat: RedLine.Stealer Vulnerability: Code Execution Description: RedLine looks for and loads a DLL named...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.193 views

Ransom.AvosLocker Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/40f2238875fcbd2a92cfefc4846a15a8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.AvosLocker Vulnerability: Code Execution Description: The ransomware looks for and executes...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.232 views

BlackBasta Ransom Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/998022b70d83c6de68e5bdf94e0f8d71.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BlackBasta Ransom Vulnerability: Code Execution Description: BlackBasta looks for and loads a DLL...

Exploits0
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.300 views

VMware Workspace ONE Access Template Injection / Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access CVE-2022-22954', 'Description' = %q This module exploits CVE-2022-22954, an unauthenticated server-side template...

10CVSS0.8AI score0.99997EPSS
Exploits24
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.182 views

WordPress Stafflist 3.1.2 Cross Site Scripting

Exploit Title: WordPress Plugin stafflist 3.1.2 - Reflected XSS Authenticated Date: 05-02-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Summary: A cross site scripti...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.199 views

Tenda HG6 3.3.0 Remote Command Injection

Tenda HG6 v3.3.0 Remote Command Injection Vulnerability Vendor: Tenda Technology Co.,Ltd. Product web page: https://www.tendacn.com https://www.tendacn.com/product/HG6.html Affected version: Firmware version: 3.3.0-210926 Software version: v1.1.0 Hardware Version: v1.0 Check Version:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.230 views

REvil Ransom Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/7d7ee58c2696794b3be958b165eb61a9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: REvil Ransom Vulnerability: Code Execution Description: REvil looks for and executes DLLs in its...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/03 12:0 a.m.189 views

Conti Ransom Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9eb9197cd58f4417a27621c4e1b25a71.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Conti Ransom Vulnerability: Code Execution Description: Conti looks for and executes DLLs in its...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/02 12:0 a.m.473 views

WSO Arbitrary File Upload / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WSO2 Arbitrary File Upload to RCE', 'Description' = %q This module abuses a vulnerability in certain WSO2 products that allow unrestricted file...

10CVSS0.4AI score0.99999EPSS
Exploits22
Packet Storm
Packet Storm
added 2022/05/02 12:0 a.m.212 views

WordPress Stafflist 3.1.2 SQL Injection

Exploit Title: WordPress Plugin stafflist 3.1.2 - SQL Injection Authenticated Date: 05-02-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Vulnerable Code: $w =...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/02 12:0 a.m.250 views

Covid 19 Travel Pass Management System 1.0 SQL Injection

Title: Covid 19 Travel Pass Management System v1.0 SQLi Author: nu11secur1ty Date: 05.01.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15308/covid-19-travel-pass-management-system-phpoop-free-source-code.html Reference:...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/02 12:0 a.m.209 views

Ransom.LockBit DLL Hijacking

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/96de05212b30ec85d4cf03386c1b84af.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.LockBit Vulnerability: DLL Hijacking Description: LockBit ransomware looks for and executes...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/02 12:0 a.m.218 views

WordPress Stafflist 3.1.2 Cross Site Request Forgery

Exploit Title: WordPress Plugin stafflist 3.1.2 - CSRF Authenticated Date: 05-02-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Summary: A CSRF vulnerability exists i...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/02 12:0 a.m.520 views

Strapi 3.6.8 Password Disclosure / Insecure Handling

Exploit Title: Strapi " Date: 2022-03-30 Exploit Author: Kitchaphan Singchai idealphase Vendor Homepage: https://strapi.io/ Software Link: https://github.com/strapi/strapi/releases Vulnerable Version: ..SNIP.. Redirecting to /documentati...

7.6AI score0.02786EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/02 12:0 a.m.219 views

Toll Tax Management System 1.0 SQL Injection

Title: Toll Tax Management System v1.0 SQLi Author: nu11secur1ty Date: 04.07.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15304/toll-tax-management-system-phpoop-free-source-code.html Reference:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/28 12:0 a.m.215 views

Home Clean Service System 1.0 SQL Injection

Title: Home Clean Service System v1.0 - 2022 SQLi Author: nu11secur1ty Date: 04.27.2022 Vendor: https://www.sourcecodester.com/users/acetech Software: https://www.sourcecodester.com/php/15293/home-clean-service-free-source-code.html Reference:...

0.4AI score
Exploits0
Total number of security vulnerabilities50748