Lucene search
K
PacketstormRecent

50784 matches found

Packet Storm
Packet Storm
•added 2021/05/24 12:0 a.m.•527 views

Schlix CMS 2.2.6-6 Shell Upload / Directory Traversal

Exploit Title: Schlix CMS 2.2.6-6 - Arbitary File Upload And Directory Traversal Leads To RCE Authenticated Date: 21.05.2021 Exploit Author: Emir Polat Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/html/schlix-cms-downloads.html Version: 2.2.6-6 Tested On: Ubuntu...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/24 12:0 a.m.•147 views

iDailyDiary 4.30 Denial Of Service

Exploit Title: iDailyDiary 4.30 - Denial of Service PoC Date: 2021-05-21 Exploit Author: Ismael Nava Vendor Homepage: https://www.splinterware.com/index.html Software Link: https://www.splinterware.com/download/iddfree.exe Version: 4.30 Tested on: Windows 10 Home x64 STEPS Open the program...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/24 12:0 a.m.•647 views

Codiad 2.8.4 Remote Code Execution

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 2 Date: 21.05.2021 Exploit Author: Ron Jost Hacker5preme Credits to: https://herolab.usd.de/security-advisories/usd-2019-0049/ Tobias Neitzel Vendor Homepage: http://codiad.com/ Software Link:...

7.5CVSS0.19241EPSS
Exploits4
Packet Storm
Packet Storm
•added 2021/05/23 12:0 a.m.•191 views

DiskBoss Service 12.2.18 Unquoted Service Path

Exploit Title: DiskBoss Service 12.2.18 - 'diskbsa.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2021-05-21 Vendor Homepage: https://www.diskboss.com Software : https://www.diskboss.com/setupsx64/diskbosssetupv12.2.18x64.exe Tested Version: 12.2.18 Vulnerability Type:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/23 12:0 a.m.•187 views

ePowerSvc 6.0.3008.0 Unquoted Service Path

Exploit Title: ePowerSvc 6.0.3008.0 - 'ePowerSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2021-05-22 Vendor Homepage: https://www.acer.com Tested Version: 6.0.3008.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Home Premium x64 Step to discover...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/22 12:0 a.m.•211 views

Backdoor.Win32.SkyDance.216 Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/694ecf256c97ef6e206e2073d37e5944.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SkyDance.216 Vulnerability: Remote Stack Buffer Overflow Description: The malware...

0.9AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/22 12:0 a.m.•175 views

Backdoor.Win32.Singu.a Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c7aabf5d248c6974b4cea6c070d6d441.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Singu.a Vulnerability: Remote Stack Buffer Overflow UDP Datagram Description: The...

0.9AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/21 12:0 a.m.•279 views

Mozilla Firefox 88.0.1 File Extension Execution

Exploit Title: Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code Date: 20/05/2021 Exploit Authors: Carlo Di Dato and Michael Caruso from BestEffort Team https://besteffortteam.it Vendor Homepage: https://www.mozilla.org Version: = 88.0.1 Tested on: Windows XP Professional SP3...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/21 12:0 a.m.•265 views

WordPress WP Statistics 13.0.7 SQL Injection

Exploit Title: WordPress Plugin WP Statistics 13.0.7 - Time-Based Blind SQL Injection Unauthenticated Date: 20/05/2021 Exploit Author: Mansoor R @time4ster CVSS Score: 7.5 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Version Affected: 13.0 to 13.0.7 Vendor URL:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/21 12:0 a.m.•344 views

Microsoft Exchange ProxyLogon Collector

Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Metasploit Date: 2021-03-02 Exploit Author: RAMELLA Sébastien Vendor Homepage: https://microsoft.com Version: This vulnerability affects Exchange 2013 Versions 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q Thi...

7.5CVSS0.2AI score0.99999EPSS
Exploits65
Packet Storm
Packet Storm
•added 2021/05/21 12:0 a.m.•205 views

DELL dbutil_2_3.sys 2.3 Arbitrary Write / Privilege Escalation

Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...

4.6CVSS0.5AI score0.57474EPSS
Exploits17
Packet Storm
Packet Storm
•added 2021/05/21 12:0 a.m.•295 views

libX11 Insufficient Length Check / Injection

Hello list, A missing length check in libX11 causes data from LookupColor requests mess up the client-server communication protocol and inject malicious X server requests. The flaw is comparable to SQLi injecting commands into database connections granting an attacker access to all features of th...

7.5CVSS0.1AI score0.10634EPSS
Exploits2
Packet Storm
Packet Storm
•added 2021/05/20 12:0 a.m.•285 views

Acer Backup Manager Module 3.0.0.99 Unquoted Service Path

Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2021-05-19 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 3.0.0.99 Vulnerability Type: Unquoted Service Path Tested on OS: Window...

0.7AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/20 12:0 a.m.•142 views

Spotweb-Develop 1.4.9 Cross Site Scripting

Exploit Title: Cross Site Scripting DOM Based spotweb-develop 1.4.9 Author: @nu11secur1ty Testing and Debugging: nu11secur1ty $ OWASP-ZAP Date: 05.20.2021 Vendor: https://www.nzbserver.com/ Link: https://github.com/spotweb/spotweb CVE: 2021-XXXX Proof: https://streamable.com/hix5o1 + Exploit...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/20 12:0 a.m.•270 views

Acer Updater Service 1.2.3500.0 Unquoted Service Path

Exploit Title: Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2020-11-26 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 1.2.3500.0 Vulnerability Type: Unquoted Service Path Tested on OS: Window...

0.6AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•187 views

COVID19 Testing Management System 1.0 Cross Site Scripting

Exploit Title: COVID19 Testing Management System 1.0 - 'Admin name' Cross-Site Scripting XSS Date: 19/05/2021 Exploit Author: Rohit Burke Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: 1.0 Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•311 views

Backdoor.Win32.Psychward.c Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f60a8d71a822e0e485f22ada8f26c31e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.c Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•132 views

COVID19 Testing Management System 1.0 SQL Injection

Exploit Title: COVID19 Testing Management System 1.0 - SQL Injection Auth Bypass Date: 19/05/2021 Exploit Author: Rohit Burke Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10 SQL...

Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•141 views

Visual Studio Code 1.47.1 Denial Of Service

Exploit Tittle: Visual Studio Code 1.47.1 - Denial of Service Poc Exploit Author: H.H.A.Ravindu Priyankara Category: Denial of ServiceDOS Tested Version:1.47.1 Vendor: Microsoft Software Download Link:https://code.visualstudio.com/updates/ Write-Host "...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•352 views

Backdoor.Win32.Psychward.ds Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9e22514c9b0e74c7fcb07b7c091f6123.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.ds Vulnerability: Weak Hardcoded Password Description: The malware listens ...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•300 views

WebSSH For iOS 14.16.10 Denial Of Service

Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service PoC Author: Luis Martinez Discovery Date: 2021-05-18 Vendor Homepage: https://apps.apple.com/mx/app/webssh-ssh-client/id497714887 Software Link: App Store for iOS devices Tested Version: 14.16.10 Vulnerability Type: Denial of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•138 views

In4Suit ERP 3.2.74.1370 SQL Injection

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•340 views

Backdoor.Win32.RMFdoor.c Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5e2e6ca532c20ee6a59861d936df7076.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.RMFdoor.c Vulnerability: Authentication Bypass RCE Description: The malware listens o...

0.9AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•189 views

ASUS HID Access Service 1.0.94.0 Unquoted Service Path

Exploit Title: ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path Date: 2020-05-19 Exploit Author: Alejandra Sánchez Vendor Homepage: www.asus.com Version: 1.0.94.0 Tested on: Windows 10 Pro x64 es Description: ATK Hotkey 1.0.94.0 suffers from an unquoted search path issue...

0.5AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•166 views

ManageEngine ADSelfService Plus 6.1 CSV Injection

Exploit Title: ManageEngine ADSelfService Plus 6.1 - CSV Injection Date: 19/05/2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: 6.1 Description:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/19 12:0 a.m.•373 views

WordPress Stop Spammers 2021.8 Cross Site Scripting

Exploit Title: WordPress Plugin Stop Spammers 2021.8 - 'log' Reflected Cross-site Scripting XSS Date: 04/08/2021 Exploit Author: Hosein Vita Vendor Homepage: https://wordpress.org/plugins/stop-spammer-registrations-plugin/ Software Link:...

4.3CVSS6.3AI score0.05721EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•255 views

Backdoor.Win32.DarkMoon.a Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7361fe3620fb6e18467c8e15e224b0b8B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkMoon.a Vulnerability: Insecure Transit Description: Dark Moon v1 client by...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•158 views

rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution

!/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/A ------------------------------------------------------------------------------ URXVT VULNERABILITY In rxvt-based terminals, ANSI...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•213 views

NiceHash Miner Excavator 1.6.7c Cross Site Request Forgery

NiceHash Miner Excavator API Cross-Site Request Forgery ======================================================= The latest version of this advisory is available at: https://sintonen.fi/advisories/nicehash-miner-excavator-api-csrf.txt Overview -------- NiceHash Miner Excavator plugin contains a...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•192 views

Microsoft ACL Shortcomings

Hi @ll, the following is a substantially shortened version of and Windows NT supports access control for almost all its objects, "How Security Descriptors and Access Control Lists Work" and "How Permissions Work" provide a comprehensive and exhaustive explanation. "Access Control Lists" provides ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•211 views

EgavilanMedia PHPCRUD 1.0 SQL Injection

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Date: 5/17/2021 Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux ...

1.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•340 views

NetMotion Mobility Server MvcUtil Java Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetMotion Mobility Server MvcUtil Java Deserialization', 'Description' = %q This module exploits an unauthenticated Java deserialization in the...

9.3CVSS0.6AI score0.77673EPSS
Exploits5
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•221 views

Backdoor.Win32.Delf.aez Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/be4a6274679ca966a1d99140db54c25a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.aez Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•258 views

Backdoor.Win32.DarkMoon.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7361fe3620fb6e18467c8e15e224b0b8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkMoon.a Vulnerability: Weak Hardcoded Password Description: Dark Moon v1 client by...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/18 12:0 a.m.•368 views

Microsoft Exchange 2019 Unauthenticated Email Download

Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...

7.5CVSS10AI score0.99999EPSS
Exploits63
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•112 views

IPFire 2.25 Remote Code Execution

Exploit Title: IPFire 2.25 - Remote Code Execution Authenticated Date: 15/05/2021 Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipfire.org/ Software Link: https://downloads.ipfire.org/releases/ipfire-2.x/2.25-core156/ipfire-2.25.x8664-full-core156.iso Version: 2.25 - core update 15...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•286 views

Dell DBUtil_2_3.sys IOCTL Memory Read / Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dell DBUtil23.sys IOCTL memmove', 'Description' = %q The DBUtil23.sys driver distributed by Dell exposes an unprotected IOCTL interface that can ...

4.6CVSS0.4AI score0.57474EPSS
Exploits17
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•220 views

Backdoor.Win32.Agent.oda Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/380ff48c4a28ac25f5efb630883eeb17.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.oda Vulnerability: Remote Stack Buffer Overflow UDP Description: The malware...

0.6AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•211 views

Printable Staff ID Card Creator System 1.0 Shell Upload / SQL Injection

Exploit Title: Printable Staff ID Card Creator System 1.0 - SQLi & RCE via Arbitrary File Upload Date: 2021-05-16 Exploit Author : bwnz Software Link: https://www.sourcecodester.com/php/12802/php-staff-id-card-creation-and-printing-system.html Version: 1.0 Tested on: Ubuntu 20.04.2 LTS Printable...

1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•226 views

Backdoor.Win32.Danton.43 Man-In-The-Middle

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/85f7ef2b6b8da9adb7723a13b91ac1c7B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Danton.43 Vulnerability: MITM Port Bounce Scan Description: The backdoor FTP server...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•183 views

Backdoor.Win32.Agent.lyw Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4de6f4104a5fc2185164747a6fcf20ce.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.lyw Vulnerability: Remote Stack Buffer Overflow UDP Description: The malware...

0.6AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•289 views

Backdoor.Win32.Danton.43 Code Execution / Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/85f7ef2b6b8da9adb7723a13b91ac1c7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Danton.43 Vulnerability: Weak Hardcoded Credentials RCE Description: The malware...

Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•247 views

Subrion CMS 4.2.1 Shell Upload

Exploit Title: File Upload Bypass to RCE Authenticated Google Dork: N/A Date: 17/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE :...

6.5CVSS7.2AI score0.64261EPSS
Exploits10
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•142 views

Dental Clinic Appointment Reservation System 1.0 Cross Site Scripting

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - 'Firstname' Persistent Cross Site Scripting Authenticated Date: 14-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•305 views

Advanced Guestbook 2.4.4 Cross Site Scripting

Exploit Title: Advanced Guestbook 2.4.4 - 'Smilies' Persistent Cross-Site Scripting XSS Date: 17/08/2021 Exploit Author: Abdulkadir AYDOGAN Vendor Homepage: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Software Link: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Version: 2.4....

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•216 views

Microsoft Windows TokenMagic Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Privilege Escalation via TokenMagic UAC Bypass', 'Description' = %q This module leverages a UAC bypass TokenMagic in order to spawn a...

0.5AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•245 views

Backdoor.Win32.Agent.cy Denial Of Service / Null Pointer

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e85a1028a52fcc723353a236ada54feeC.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cy Vulnerability: Denial of Service Description: The malware listens on TCP po...

0.1AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•114 views

Billing Management System 2.0 SQL Injection

Exploit Title: Billing Management System 2.0 - Union based SQL injection Authenticated Date: 2021-05-16 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software Link:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•188 views

Microsoft Internet Explorer 8 SetMouseCapture Use-After-Free

Exploit Title: Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free Date: 15/05/2021 CVE : CVE-2013-3893 PoC: https://github.com/travelworld/cve20133893trigger.html/blob/gh-pages/params.json Exploit Author: SlidingWindow Vendor Advisory:...

9.3CVSS9AI score0.8593EPSS
Exploits18
Packet Storm
Packet Storm
•added 2021/05/17 12:0 a.m.•260 views

Backdoor.Win32.Agent.cy Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e85a1028a52fcc723353a236ada54feeB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cy Vulnerability: Insecure Transit Description: The malware listens on TCP por...

7.4AI score
Exploits0
Total number of security vulnerabilities50784