Lucene search
K
PacketstormRecent

50784 matches found

Packet Storm
Packet Storm
added 2021/07/29 12:0 a.m.211 views

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download Vendor: Longjing Technology Product web page: http://www.ljkj2012.com Affected version: 1.21 Summary: Battery Energy Management System. Desc: The application suffers from an unauthenticated arbitrary file download vulnerability. Inp...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/29 12:0 a.m.429 views

CloverDX 5.9.0 Code Execution / Cross Site Request Forgery

Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery CSRF to Remote Code Execution RCE Date: 14.04.2021 Exploit Author: niebardzo Vendor Homepage: https://www.cloverdx.com/ Software Link: https://github.com/cloverdx/cloverdx-server-docker Version: 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x,...

8.8CVSS0.1AI score0.04208EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/07/29 12:0 a.m.316 views

IntelliChoice eFORCE Software Suite 2.5.9 Username Enumeration

IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page: https://www.eforcesoftware.com Affected version: 2.5.9.6 2.5.9.5 2.5.9.3 2.5.9.2 2.5.9.1 2.5.8.0 2.5.7.20 2.5.7.18 2.5.6.18 2.5.4.6 2.5.3.11 Summary: IntelliChoice is a United States...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/29 12:0 a.m.267 views

Denver IP Camera SHO-110 Snapshot Disclosure

Exploit Title: Denver IP Camera SHO-110 - Unauthenticated Snapshot Date: 28 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826 Version: Denver SHO-110 all firmware versions Tested on: Denver SHO-110...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/28 12:0 a.m.184 views

Event Registration System With QR Code 1.0 Shell Upload

Exploit Title: Event Registration System with QR Code 1.0 - Authentication Bypass & RCE Exploit Author: Javier Olmedo Date: 27/07/2021 Vendor: Sourcecodester Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/event0.zip Affected Version: 1.0 Category: WebApps...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/28 12:0 a.m.216 views

Denver Smart Wifi Camera SHC-150 Remote Code Execution

Exploit Title: Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution RCE Date: 27 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-shc-150/c-1024/c-1243/p-3824 Version: Denver SHC-150 all firmware versions Tested o...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/28 12:0 a.m.397 views

TripSpark VEO Transportation SQL Injection

Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/28 12:0 a.m.602 views

Backdoor.Win32.WinShell.40 Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c98e23742807f3cb5a095f34e0eb0e52.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.40 Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/28 12:0 a.m.230 views

eGain Chat 15.5.5 Cross Site Scripting

Exploit Title: eGain Chat 15.5.5 Cross-Site Scripting Vendor Homepage: https://www.egain.com/ Software Link: https://www.egain.com/chat-software/ Exploit Authors: Brandon Ming Yang Ho https://www.linkedin.com/in/minhobrandon/, Hassy Vinod Eshan https://www.linkedin.com/in/hassy-vinod/ CVE:...

6.4AI score0.00912EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/07/27 12:0 a.m.414 views

WordPress Social Warfare 3.5.2 Remote Code Execution

Author = Raed Ahsan Creation Date = 24/07/2021 Vulnerability : SocialWarfare 3.5.2 plugin wordpress Remote Code Execution Linkedin = https://linkedin.com/in/raed-ahsan/ import socket import requests import subprocess import time import pyautogui print"Start your python SimpleHTTPServer on port 12...

4.3CVSS0.4AI score0.73543EPSS
Exploits20
Packet Storm
Packet Storm
added 2021/07/27 12:0 a.m.281 views

PHP 7.3.15-3 PHP_SESSION_UPLOAD_PROGRESS Session Data Injection

Exploit Title: PHP 7.3.15-3 - 'PHPSESSIONUPLOADPROGRESS' Session Data Injection Date: 26/7/2021 Exploit Author: SiLvER | Faisal Alhadlaq Tested on: PHP Version is 7.3.15-3 This poc will abusing PHPSESSIONUPLOADPROGRESS then will trigger race condition to get remote code execution, the script will...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.430 views

Backdoor.Win32.Nbdd.bgz Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6fab73bf104c6a9211b94f9559faa134.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Nbdd.bgz Vulnerability: Remote Stack Buffer Overflow Description: NetBotAttacker VIP...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.395 views

Backdoor.Win32.Hupigon.aaur Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/16d598c01f7b391986c8c19eded005b1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aaur Vulnerability: Unauthenticated Open Proxy Description: The malware liste...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.351 views

XOS Shop 1.0.9 Arbitrary File Deletion

Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Date: 2021-07-25 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.618 views

Backdoor.Win32.Mazben.me Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6681d5e4b68abd21a14c704edf9e2ff5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mazben.me Vulnerability: Unauthenticated Open Proxy Description: The malware listens ...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.357 views

Backdoor.Win32.PsyRat.b Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5817183894cb513239f6aef28895130c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.PsyRat.b Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.210 views

NoteBurner 2.35 Denial Of Service

Exploit Title: NoteBurner 2.35 - Denial Of Service DoS PoC Date: 25.07.2021 Vendor Homepage:https://www.noteburner.com/ Software Link: https://anonfiles.com/13h9Hb82ub/noteburnerexe Exploit Author: Achilles Tested Version: 2.35 Tested on: Windows 7 x64 1.- Run python code : 2.- Open EVIL.txt and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.230 views

WordPress SP Project And Document Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution', 'Description' = %q This module allows an attacker with a...

6.5CVSS0.2AI score0.52007EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.301 views

Backdoor.Win32.Agent.cu Man-In-The-Middle

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Port Bounce Scan MITM Description: The malware listens on TC...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.243 views

Leawo Prof. Media 11.0.0.1 Denial Of Service

Exploit Title: Leawo Prof. Media 11.0.0.1 - Denial of Service DoS PoC Date: 25.07.2021 Vendor Homepage:https://www.leawo.org Software Link: https://www.leawo.org/downloads/total-media-converter-ultimate.html Exploit Author: Achilles Tested Version: 11.0.0.1 Tested on: Windows 7 x64 1.- Run python...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.915 views

Elasticsearch ECE 7.13.3 Database Disclosure

Exploit Title: Elasticsearch ECE 7.13.3 - Anonymous Database Dump Date: 2021-07-21 Exploit Author: Joan Martinez @magichk Vendor Homepage: https://www.elastic.co/ Software Link: https://www.elastic.co/ Version: = 7.10.0 to = 7.13.3 Tested on: Elastic ECE Cloud CVE : CVE-2021-22146 Reference:...

7.6AI score0.27788EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.341 views

Backdoor.Win32.Agent.cu Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.389 views

Backdoor.Win32.Agent.cu Authentication Bypass

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Authentication Bypass RCE Description: The malware listens on...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.407 views

Backdoor.Win32.PsyRat.b Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5817183894cb513239f6aef28895130cB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.PsyRat.b Vulnerability: Remote Denial of Service Description: The PsyRAT 1.02 malwar...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.347 views

Backdoor.Win32.Bifrose.acci Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/611dbff0d68df777c6d6881e00440143.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.acci Vulnerability: Local Stack Buffer Overflow Description: Bifrost doesn't...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/26 12:0 a.m.576 views

WordPress Modern Events Calendar Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin Modern Events Calendar - Authenticated Remote Code Execution', 'Description' = %q This module allows an attacker with a privileg...

6.5CVSS0.4AI score0.88158EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/07/25 12:0 a.m.818 views

Zabbix 5.x SQL Injection / Cross Site Scripting

Exploit Title: Zabbix all version / Multiple Vulnerabilities Exploit Author: TaurusOmar Twitter:@TaurusOmar HomePage:taurusomar.com Date: Jul 23th, 2021 CVSS: 3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L Version: Zabbix 1.x, 2.x, 3.x, 4,x 5.x Risk: High 9.0 Vendor Homepage: https://www.zabbix.com/...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/23 12:0 a.m.194 views

WordPress Simple Post 1.1 Cross Site Scripting

Exploit Title: WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting XSS Date: 23/07/2021 Exploit Author: Vikas Srivastava Software Link: https://wordpress.org/plugins/simple-post/ Version: 1.1 Category: Web Application Tested on Mac How to Reproduce this Vulnerability: 1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/23 12:0 a.m.734 views

ElasticSearch 7.13.3 Memory Disclosure

Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Date: 21/07/2021 Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import...

6.8AI score0.76249EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/07/23 12:0 a.m.525 views

Microsoft SharePoint Server 2019 Remote Code Execution

Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution 2 Google Dork: inurl:quicklinks.aspx Date: 2020-08-14 Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 ,...

6.8CVSS8AI score0.94243EPSS
Exploits10
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.323 views

Sage X3 Administration Service Authentication Bypass / Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sage X3 Administration Service Authentication Bypass Command Execution', 'Description' = %q This module leverages an authentication bypass exploi...

1AI score0.70268EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.373 views

CSZ CMS 1.2.9 Arbitrary File Deletion

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion Date: 2021-07-20 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.cszcms.com Software Link: https://sourceforge.net/projects/cszcms/files/latest/download Version: 1.2.9 Tested on: Windows 10,...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.455 views

WordPress Backup Guard Authenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin Backup Guard - Authenticated Remote Code Execution', 'Description' = %q This module allows an attacker with a privileged Wordpre...

6.5CVSS0.1AI score0.84112EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.428 views

News Portal Project 3.1 SQL Injection

Exploit Title: News Portal Project - Multiple time-based SQL Injection Date: 2021-07-10 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/news-portal-project-in-php-and-mysql/ Version: 3.1 Tested on: Windows 10...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.493 views

Online Shopping Portal 3.1 SQL Injection

Exploit Title: Online Shopping Portal - time-based blind SQL Injection Date: 2021-07-09 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: 3.1 Tested on: Windows 10, XAMPP...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.324 views

Ampache 4.4.2 Cross Site Scripting

Information -------------------- Advisory by Netsparker Name: Cross-site Scripting vulnerability in Ampache 4.4.2 Affected Software: Ampache Affected Versions: 4.4.2 Homepage: http://ampache.org/ Vulnerability: Cross-Site Scripting Severity: High Status: Fixed CVSS Score 3.0: 7.4 High Netsparker...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.389 views

Vehicle Parking Management System 1.0 SQL Injection

Exploit Title: Vehicle Parking Management System - Multiple time-based SQL Injection Date: 2021-07-09 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.382 views

Sequoia: A Deep Root In Linux's Filesystem Layer

Qualys Security Advisory Sequoia: A deep root in Linux's filesystem layer CVE-2021-33909 ======================================================================== Contents ======================================================================== Summary Analysis Exploitation overview Exploitation...

7.2CVSS0.5AI score0.09729EPSS
Exploits15
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.315 views

Vehicle Parking Management System 1.0 Cross Site Scripting

Exploit Title: Vehicle Parking Management System - Stored Cross-Site-Scripting XSS Date: 2021-07-09 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/20 12:0 a.m.289 views

WordPress KN Fix Your Title 1.0.1 Cross Site Scripting

Exploit Title: WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting XSS Date: 19/07/2021 Exploit Author: Aakash Choudhary Software Link: https://wordpress.org/plugins/kn-fix-your/ Version: 1.0.1 Category: Web Application Tested on Mac How to Reproduce this...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/20 12:0 a.m.242 views

KevinLAB BEMS 1.0 Unauthenticated SQL Injection / Authentication Bypass

KevinLAB BEMS 1.0 Unauthenticated SQL Injection / Authentication Bypass Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Management System Summary: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy...

1.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/20 12:0 a.m.236 views

KevinLAB BEMS 1.0 Authenticated File Path Traversal / Information Disclosure

KevinLAB BEMS 1.0 Authenticated File Path Traversal Information Disclosure Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Management System Summary: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/20 12:0 a.m.352 views

Webmin 1.973 Cross Site Request Forgery

Exploit Title: Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery CSRF Date: 24/04/2021 Exploit Author: Mesh3l911 & Z0ldyck Vendor Homepage: https://www.webmin.com Repo Link: https://github.com/Mesh3l911/CVE-2021-31761 Version: Webmin 1.973 Tested on: All versions POC By \0331;m...

6.8CVSS0.7AI score0.33569EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/07/20 12:0 a.m.234 views

KevinLAB BEMS 1.0 Undocumented Backdoor Account

KevinLAB BEMS 1.0 Undocumented Backdoor Account Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Management System Summary: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy management platform. KevinLAB'...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/20 12:0 a.m.356 views

Dell OpenManage Enterprise Hardcoded Credentails / Privilege Escalation / Deserialization

Hello, Please find a text-only version below sent to security mailing lists. The complete version on "Multiple vulnerabilities in Dell OpenManage Enterprise" is posted here: https://pierrekim.github.io/blog/2021-07-19-dell-openmanage-enterprise-0day-vulnerabilities.html === text-version of the...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/19 12:0 a.m.264 views

Dolibarr ERP/CRM 10.0.6 Login Brute Forcer

Exploit Title: Dolibarr ERP/CRM 10.0.6 - Login Brute Force Date:2020-01-18 Exploit Author: Creamy Chicken Soup Vendor Homepage: https://www.dolibarr.org Software Link: https://sourceforge.net/projects/dolibarr/ Version: 10.0.6 Tested on: Windows 10 - 64bit CVE: CVE-2020-7995 function...

10CVSS9.6AI score0.04537EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/07/19 12:0 a.m.474 views

HEUR.Backdoor.Win32.Winnti.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/eb272fe923ccf3e66fde1bf309cbc464.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Winnti.gen Vulnerability: Insecure Permissions Description: The malware creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/19 12:0 a.m.222 views

WordPress Mimetic Books 0.2.13 Cross Site Scripting

Exploit Title: WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting XSS Date: 18/07/2021 Exploit Author: Vikas Srivastava Vendor Homepage: Software Link: https://wordpress.org/plugins/mimetic-books/ Version: 0.2.13 Category: Web Application Tested on Ma...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/19 12:0 a.m.359 views

Backdoor.Win32.Agent.bjev Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca40998b5d62ee7f936537ff3de7993d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.bjev Vulnerability: Insecure Permissions Description: The malware creates a dir...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/19 12:0 a.m.355 views

Backdoor.Win32.IRCBot.gen Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/96f5cdfa5b3416c819d76060f11dc88d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.IRCBot.gen Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Total number of security vulnerabilities50784