Lucene search
K
PacketstormRecent

50784 matches found

Packet Storm
Packet Storm
added 2021/07/02 12:0 a.m.198 views

Scratch Desktop 3.17 Code Execution / Cross Site Scripting

Exploit Title: Scratch Desktop 3.17 - Cross-Site Scripting/Remote Code Execution XSS/RCE Google Dork: 'inurl:"/projects/editor/?tutorial=getStarted" -mit.edu' not foolproof on versioning Date: 2021-06-18 Exploit Author: Stig Magnus Baugstø Vendor Homepage: https://scratch.mit.edu/ Software Link:...

6.8CVSS0.2AI score0.06074EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/07/01 12:0 a.m.228 views

Online Voting System 1.0 SQL Injection

Exploit Title: Online Voting System 1.0 - Authentication Bypass SQLi Exploit Author: deathflash1411 Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on: Ubuntu 20.04 Proof of Concept...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/01 12:0 a.m.283 views

Vianeos OctoPUS 5 SQL Injection

Exploit Title: Vianeos OctoPUS 5 - 'loginuser' SQLi Date: 01/07/2021 Exploit Author: Audencia Business SCHOOL Vendor Homepage: http://www.vianeos.com/en/home-vianeos/ Software Link: http://www.vianeos.com/en/octopus/ Version: V5 Tested on: Fedora / Apache2 / MariaDB Octopus V5 SQLi The "loginuser...

1.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/01 12:0 a.m.298 views

Online Voting System 1.0 Remote Code Execution

Exploit Title: Online Voting System 1.0 - Remote Code Execution Authenticated Exploit Author: deathflash1411 Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on: Ubuntu 20.04 Proof of...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/01 12:0 a.m.322 views

WordPress XCloner 4.2.12 Remote Code Execution

Exploit Title: Wordpress Plugin XCloner 4.2.12 - Remote Code Execution Authenticated Date 30.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.xcloner.com/ Software Link: https://downloads.wordpress.org/plugin/xcloner-backup-and-restore.4.2.12.zip Version: 4.2.1 - 4.2.12...

6.5CVSS8.8AI score0.24937EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/07/01 12:0 a.m.512 views

Docker Container Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Container Escape Via runC Overwrite', 'Description' = %q This module leverages a flaw in runc to escape a Docker container and get command...

9.3CVSS0.9857EPSS
Exploits33
Packet Storm
Packet Storm
added 2021/07/01 12:0 a.m.199 views

WinWaste.NET 1.0.6183.16475 Local Privilege Escalation

Exploit Title: WinWaste.NET - Privilege Escalation due Incorrect Access Control Date: 2021-07-01 Author: Andrea Intilangelo Vendor Homepage: http://nica.it - http://winwastenet.com Version: 1.0.6183.16475 Tested on: Windows 10 Pro x64 - 20H2 and 21H1 CVE: CVE-2021-34110 WinWaste.NET version...

0.4AI score0.01154EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/06/30 12:0 a.m.181 views

Apache Superset 1.1.0 Account Enumeration

Exploit Title: Apache Superset 1.1.0 - Time-Based Account Enumeration Author: Dolev Farhi Date: 2021-05-13 Vendor Homepage: https://superset.apache.org/ Version: 1.1.0 Tested on: Ubuntu import sys import requests import time scheme = 'http' host = '192.168.1.1' port = 8080 change with your wordli...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/30 12:0 a.m.135 views

phpAbook 0.9i SQL Injection

Exploit Title: phpAbook 0.9i - SQL Injection Date: 2021-06-29 Vendor Homepage: http://sourceforge.net/projects/phpabook/ Exploit Author: Said Cortes, Alejandro Perez Version: v0.9i This was written for educational purpose. Use it at your own risk. Author will be not responsible for any damage...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/30 12:0 a.m.113 views

Doctors Patients Management System 1.0 SQL Injection

Exploit Title: Doctors Patients Management System 1.0 - SQL Injection Authentication Bypass Date: 06/30/2021 Exploit Author: Murat DEMIRCI butterflyhunt3r Vendor Homepage: https://www.codester.com/ Software Link: https://www.codester.com/items/31349/medisol-doctors-patients-managment-system...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/30 12:0 a.m.167 views

Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation

Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30 Metadata =================================================== Release Date: 29-Jun-2021 Author: Florian Bogner @ https://bee-itsecurity.at Affected product: Securepoint SSL VPN Client Fixed in: version 2.0.32 Tested on: Windows 10 x64...

0.6AI score0.00707EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/06/29 12:0 a.m.235 views

ES File Explorer 4.1.9.7.4 Arbitrary File Read

Exploit Title: ES File Explorer 4.1.9.7.4 - Arbitrary File Read Date: 29/06/2021 Exploit Author: Nehal Zaman Version: ES File Explorer v4.1.9.7.4 Tested on: Android CVE : CVE-2019-6447 import requests import json import ast import sys if lensys.argv file to download" sys.exit1 url = 'http://' +...

4.8CVSS0.2AI score0.6202EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.233 views

Constructor.Win32.Bifrose.asc Buffer Overflow / Heap Corruption

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9e1ef166901534c276b5eeeee511fe22.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.Bifrose.asc Vulnerability: Local Stack Buffer Overflow Heap Corruption Description...

1.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.222 views

Personnel Record Management System 1.0 SQL Injection

Exploit Title: Personnel Record Management System | Admin Bypass sqli Exploit Author: Richard Jones Date: 28/06/2021 Vendor Homepage: https://www.sourcecodester.com/php/5107/record-management-system.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.170 views

WordPress YOP Polls 6.2.7 Cross Site Scripting

Exploit Title: WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting XSS Date: 09/06/2021 Exploit Author: inspired - Toby Jackson Vendor Homepage: https://yop-poll.com/ Blog Post: https://www.in-spired.xyz/discovering-wordpress-plugin-yop-polls-v6-2-7-stored-xss/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.1225 views

Android 2.0 FreeCIV Arbitrary Code Execution

""" Android Debug Bridge ADB freeciv exploit Author : Raed-Ahsan https://linkedin.com/in/raed-ahsan Android 2.0 Banana Studio """ """ import socket socket import subprocess Subprocess import pyautogui PyAutoGui import time Time def connectionfunctionhost, port: s = socket.socketsocket.AFINET,...

10CVSS0.9AI score0.03342EPSS
Exploits1
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.258 views

Personnel Record Management System 1.0 Authentication Bypass / XSS

Exploit Title: Personnel Record Management System | Unauthenticated Add Admin Account plus Stored XSS Exploit Author: Richard Jones Date: 28/06/2021 Vendor Homepage: https://www.sourcecodester.com/php/5107/record-management-system.html Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.214 views

Email-Worm.Win32.Trance.a Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca18a07560efa0308827dc972351301f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Trance.a Vulnerability: Insecure Permissions Description: The malware creates a dir...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.140 views

Netgear WNAP320 2.0.3 Remote Code Execution

Exploit Title: Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution RCE Unauthenticated Vulnerability: Remote Command Execution on /boardDataWW.php macAddress parameter Notes: The RCE doesn't need to be authenticated Date: 26/06/2021 Exploit Author: Bryan Leong IoT Device: Netgear WNAP320...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.196 views

SAS Environment Manager 2.5 Cross Site Scripting

Exploit Title: SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting XSS Date: 24/06/2021 Exploit Author: Luqman Hakim Zahari @ Saitamang Vendor Homepage: https://support.sas.com/en/software/environment-manager-support.html Version: 2.5 Tested on: CentOS 7 CVE : CVE-2021-35475...

0.00945EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.603 views

WordPress wpDiscuz 7.0.4 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress wpDiscuz Unauthenticated File Upload Vulnerability', 'Description' = %q This module exploits an arbitrary file upload in the WordPress...

7.5CVSS0.94535EPSS
Exploits19
Packet Storm
Packet Storm
added 2021/06/28 12:0 a.m.260 views

Trojan-Dropper.Win32.Scrop.dyi Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/af207a19fbe313e3f7e123b6b2acffd4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Scrop.dyi Vulnerability: Insecure Permissions Description: The malware creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/26 12:0 a.m.261 views

Atlassian Jira Server/Data Center 8.16.0 Cross Site Scripting

Exploit Title: Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting XSS Date: 06/05/2021 Exploit Author: CAPTAINHOOK Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira/download/data-center Version: versions 8.5.14, 8.6.0 ≤ versi...

4.3CVSS0.1AI score0.04049EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/06/25 12:0 a.m.193 views

Lightweight Facebook-Styled Blog Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Lightweight facebook-styled blog authenticated remote code execution", 'Description' = %q This module exploits the file upload vulnerability of...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/25 12:0 a.m.427 views

Seeddms 5.1.10 Remote Command Execution

Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...

6CVSS7.5AI score0.11696EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/06/25 12:0 a.m.337 views

SAPSprint 7.60 Unquoted Service Path

Exploit Title: SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path Discovery by: Brian Rodriguez Date: 21-06-2021 Vendor Homepage: https://brother.com/ Tested Version: 7.60 Vulnerability Type: Unquoted Service Path Tested on: Windows 10 Enterprise 64 bits Step to discover Unquoted Service Path:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/25 12:0 a.m.338 views

Simple Client Management System 1.0 SQL Injection

Exploit Title: Simple Client Management System 1.0 - 'uemail' SQL Injection Unauthenticated Date: 24-06-2021 Exploit Author: Barış Yıldızoğlu Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/client-details.zip...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.308 views

Trojan.Win32.SecondThought.ak Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/21cd8bab6b3569f7b375a69a37e36c50.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.SecondThought.ak Vulnerability: Insecure Permissions Description: The malware creates a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.946 views

TP-Link TL-WR841N Command Injection

Exploit Title: TP-Link TL-WR841N - Command Injection Date: 2020-12-13 Exploit Author: Koh You Liang Vendor Homepage: https://www.tp-link.com/ Software Link: https://static.tp-link.com/TL-WR841NJPV13161028.zip Version: TL-WR841N 0.9.1 4.0 Tested on: Windows 10 CVE : CVE-2020-35575 import requests...

7.5CVSS9.7AI score0.07643EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.366 views

Adobe ColdFusion 8 Remote Command Execution

Exploit Title: Adobe ColdFusion 8 - Remote Command Execution RCE Google Dork: intext:"adobe coldfusion 8" Date: 24/06/2021 Exploit Author: Pergyz Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html Version: 8 Tested on: Microsoft Windows Server 2008 R2 Standard CVE :...

7.5CVSS0.83865EPSS
Exploits10
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.278 views

Backdoor.Win32.ReverseTrojan.200 Authentication Bypass

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3fbec7c0623f5f80e4d9c096a50b0d59.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.ReverseTrojan.200 Vulnerability: Authentication Bypass Empty Password Description:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.273 views

Trojan-Dropper.Win32.Krepper.a Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ee699b4055c6199f9826681797d64f0b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Krepper.a Vulnerability: Unauthenticated Remote Command Execution Description:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.371 views

Huawei DG8045 Authentication Bypass

Title: Huawei dg8045 - Authentication Bypass Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 Hardware Version: VER.A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. An...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.490 views

VMware vCenter 6.5 / 6.7 / 7.0 Remote Code Execution

Exploit Title: VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution RCE Unauthenticated Date: 06/21/2021 Exploit Author: CHackA0101 Vendor Homepage: https://kb.vmware.com/s/article/82374 Software Link: https://www.vmware.com/products/vcenter-server.html Version: This affects VMware...

10CVSS0.4AI score0.9957EPSS
Exploits47
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.288 views

Trojan-Dropper.Win32.Juntador.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f28e866ce2f99013a66b015f6a7f31a8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Juntador.a Vulnerability: Weak Hardcoded Password Description: The malware...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.293 views

Trojan.Win32.Banpak.kh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/304fb160949dcaec3e718481464f9ce6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Banpak.kh Vulnerability: Insecure Permissions Description: The malware creates a dir wi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/24 12:0 a.m.182 views

rConfig Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'rConfig Vendors Auth File Upload RCE', 'Description' = %q This module allows an attacker with a privileged rConfig account to start a reverse she...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.173 views

WordPress WP Google Maps 8.1.11 Cross Site Scripting

Exploit Title: WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting XSS Date: 22/6/2021 Exploit Author: Mohammed Adam Vendor Homepage: https://www.wpgmaps.com/ Software Link: https://wordpress.org/plugins/wp-google-maps/ Version: 5.7.2 Tested on: Windows 10 CVE: CVE-2021-24383...

0.2AI score0.02339EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.301 views

WordPress Poll, Survey, Questionnaire And Voting System 1.5.2 SQL Injection

Exploit Title: WordPress Plugin Poll, Survey, Questionnaire and Voting system 1.5.2 - 'dateanswers' Blind SQL Injection Date: 09/06/2021 Exploit Author: inspired - Toby Jackson Blog Post: https://in-spired.xyz/wpdevart-polls-blind-sql-injection/ Vendor Homepage:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.275 views

HPE RDA-CAS 1.23.826 Denial Of Service

!/usr/bin/python -- coding: UTF-8 -- hpfreeze.py HPE Remote Device Access Unauthenticated Denial of Service Jeremy Brown jbrown3264/gmail June 2021 "Designed for the enterprise, HPE RDA Remote Device Access provides integrated remote connectivity for support automation, device telemetry and remot...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.201 views

Online Library Management System 1.0 Shell Upload

Exploit Title: Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution Unauthenticated Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.277 views

Cisco Modeling Labs 2.1.1-b19 Remote Command Execution

Cisco Modeling Labs 2.1.1-b19 Post-Auth RCE Vulnerability CVE-2021-1531 ======= Details ======= Authenticated command injection in the web portal via the X-Original-File-Name header. Tested with portal 'admin' user who does not have a system login or SSH access, but likely works for any user who...

9CVSS0.5AI score0.30492EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.248 views

Simple CRM 3.0 SQL Injection

Exploit Title: Simple CRM 3.0 - 'email' SQL injection Authentication Bypass Date: 22/06/2021 Exploit Author: Rinku Kumar rinku191 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.256 views

Online Library Management System 1.0 SQL Injection

Exploit Title: Online Library Management System 1.0 - 'Search' SQL Injection Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/ols.zip Version: 1.0 Tested on: Windows...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.630 views

F5 BIG-IQ VE 8.0.0-2923215 Remote Root

F5 BIG-IQ VE v8.0.0-2923215 Post-auth Remote Root RCE CVE-2021-23024 ======= Details ======= It was possible to execute commands with root privileges as an authenticated privileged user via command injection in easy-setup-test-connection. There are two blind command injection bugs in Test DNS...

7.1AI score0.05346EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/06/23 12:0 a.m.458 views

Monitorr 1.7.6m Bypass / Information Disclosure / Shell Upload

!/usr/bin/env ruby Exploit Title: Monitorr exploit toolkit Google Dorks: inurl:/assets/config/installation/register.php?action=register Author: noraj Alexandre ZANNI for SEC-IT http://secit.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/sec-it/monitorr-exploit-toolkit...

7.5CVSS9.6AI score0.85785EPSS
Exploits9
Packet Storm
Packet Storm
added 2021/06/22 12:0 a.m.248 views

ASUS DisplayWidget Software 3.4.0.036 Unquoted Service Path

Exploit Title: ASUS DisplayWidget Software 3.4.0.036 - 'ASUSDisplayWidgetService' Unquoted Service Path Date: 2021-06-21 Exploit Author: Julio Aviña Vendor Homepage: https://www.asus.com/ Software Link: https://dlcdnets.asus.com/pub/ASUS/LCD%20Monitors/MB16ACE/ASUSDisplayWidget3.4.0.036.exe.zip...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/22 12:0 a.m.255 views

Wise Care 365 5.6.7.568 Unquoted Service Path

Exploit Title: Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.wisecleaner.com/wise-care-365.html Software Link: https://downloads.wisecleaner.com/soft/WiseCare3655.6.7.568.exe Version: 5.6.7.568 Service...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/22 12:0 a.m.341 views

Remote Mouse GUI 3.008 Privilege Escalation

Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411, [email protected] Date: 17.06.2021 Version: Remote Mouse 3.008 Tested on: Windows 10 Pro Version 21H1 Reference: https://deathflash.ml/blog/remote-mouse-lpe Steps to reproduce: 1. Open...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/22 12:0 a.m.617 views

Dlink DSL2750U Command Injection

Exploit Title: Dlink DSL2750U - 'Reboot' Command Injection Date: 17-06-2021 Exploit Author: Mohammed Hadi HadiMed Vendor Homepage: https://me.dlink.com/consumer Software Link: https://dlinkmea.com/index.php/product/details?det=c0lvN0JoeVVhSXh4TVhjTnd1OUpUUT09 Version: ME1.16 Tested on: firmware...

7.4AI score
Exploits0
Total number of security vulnerabilities50784