Packetstorm - Page 170 of Packetstorm Vulnerabilities List

PacketstormRecent

50630 matches found

Packet Storm•added 2021/04/19 12:0 a.m.•365 views

Trojan-Dropper.Win32.Agent.bjtzcp Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2992b86d03c3922ed45fa09ef105f018.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Agent.bjtzcp Vulnerability: Insecure Permissions Description: Agent.bjtzcp...

7.4AI score

Exploits0

Packet Storm•added 2021/04/19 12:0 a.m.•215 views

WordPress Photo Gallery 1.5.69 Cross Site Scripting

Researcher Name: ThuraMoeMyint Twitter: https://twitter.com/mgthuramoemyint Vendor Url: https://wordpress.org/plugins/photo-gallery/ "Photo Gallery by 10Web / Mobile-Friendly Image Gallery" photo-gallery Multiple RXSS The parameter bwgalbumbreadcrumb0 is able to inject malicious javascript code...

Exploits0

Packet Storm•added 2021/04/19 12:0 a.m.•421 views

Trojan.Win32.NanoBot.onh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.NanoBot.onh Vulnerability: Insecure Permissions Description: NanoBot.onh creates an...

7.4AI score

Exploits0

Packet Storm•added 2021/04/19 12:0 a.m.•525 views

Nagios XI 5.7.3 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection', 'Description' = %q This module exploits CVE-2020-5791, an OS command...

9CVSS7.2AI score0.87753EPSS

Exploits7

Packet Storm•added 2021/04/19 12:0 a.m.•342 views

Trojan.Win32.Agent.hsm Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.hsm Vulnerability: Insecure Permissions Description: Agent.hsm creates an insecur...

7.4AI score

Exploits0

Packet Storm•added 2021/04/19 12:0 a.m.•454 views

Trojan.Win32.Bayrob.dtrg Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2f3f0e9be7edb73e545fc49b5a78b4f0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Bayrob.dtrg Vulnerability: Insecure Permissions Description: Bayrob.dtrg creates an...

7.4AI score

Exploits0

Packet Storm•added 2021/04/19 12:0 a.m.•370 views

Trojan.Win32.Agentb.iofv Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agentb.iofv Vulnerability: Insecure Permissions Description: Agentb.iofv creates an...

7.4AI score

Exploits0

Packet Storm•added 2021/04/18 12:0 a.m.•256 views

Constructor.Win32.Bifrose.ag Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/db45a906a0a3747398b2b8a5faff5e44.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.Bifrose.ag Vulnerability: Local Stack Buffer Overflow Description: Bifrost crypted...

0.8AI score

Exploits0

Packet Storm•added 2021/04/17 12:0 a.m.•309 views

HEUR.Backdoor.Win32.Generic File Download

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d7648b676dd139d1b7ba781816726510.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Generic Vulnerability: Unauthenticated Open Proxy Description: The backdoor...

7.4AI score

Exploits0

Packet Storm•added 2021/04/16 12:0 a.m.•238 views

glFTPd 2.11a Denial Of Service

Exploit Title: glFTPd 2.11a - Remote Denial of Service Date: 15/05/2021 Exploit Author: xynmaps Vendor Homepage: https://glftpd.io/ Software Link: https://glftpd.io/files/glftpd-LNX-2.11a1.1.1kx64.tgz Version: 2.11a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8...

7.4AI score

Exploits0

Packet Storm•added 2021/04/16 12:0 a.m.•557 views

GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution

Exploit Title: GetSimple CMS My SMTP Contact Plugin = v1.1.1 - CSRF to RCE Exploit Author: Bobby Cooke boku Date: April 15th, 2021 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221 Vendor:...

Exploits0

Packet Storm•added 2021/04/15 12:0 a.m.•275 views

htmly 2.8.0 Cross Site Scripting

Exploit Title: htmly 2.8.0 allows stored XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor: htmly Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 + Exploit Source: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26929 Exploit Program Code !/usr/bin/python3...

4.3CVSS5.8AI score0.01518EPSS

Exploits9

Packet Storm•added 2021/04/15 12:0 a.m.•712 views

Backdoor.Win32.Zombam.h Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/55feab480a43727c8a08feb7344afb4a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.h Vulnerability: Remote Stack Buffer Overflow Description: Zombam.h HTTP RAT...

0.7AI score

Exploits0

Packet Storm•added 2021/04/15 12:0 a.m.•518 views

Horde Groupware Webmail 5.2.22 Cross Site Scripting

Exploit Title: Horde Groupware Webmail 5.2.22 - Stored XSS Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty Date: 04.14.2021 Vendor: https://www.horde.org/apps/webmail Link: https://github.com/horde/webmail/releases CVE: CVE-2021-26929 + Exploit Source:...

4.3CVSS6.2AI score0.01518EPSS

Exploits7

Packet Storm•added 2021/04/15 12:0 a.m.•420 views

Nagios XI Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Prior to 5.8.0 - Plugins Filename Authenticated Remote Code Exection', 'Description' = %q This module exploits a command injection...

9CVSS0.1AI score0.85202EPSS

Exploits7

Packet Storm•added 2021/04/15 12:0 a.m.•238 views

Tileserver-gl 3.0.0 Cross Site Scripting

Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting XSS Date: 15/04/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://tileserver.org/ Software Link: https://github.com/maptiler/tileserver-gl Version: versions alertdocument.domain...

4.3CVSS0.14515EPSS

Exploits3

Packet Storm•added 2021/04/14 12:0 a.m.•346 views

Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Remote Command Execution

Exploit Title: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE Date: 12-4-2021 Exploit Author: Jay Sharma Version: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Tested on: V2.1 CVE : CVE-2021-29003 steps to reproduce Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute...

0.3AI score0.36407EPSS

Exploits5

Packet Storm•added 2021/04/14 12:0 a.m.•421 views

HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Hoax.Win32.FrauDrop.gen Vulnerability: Insecure Permissions Description: FrauDrop.gen creates a...

7.4AI score

Exploits0

Packet Storm•added 2021/04/14 12:0 a.m.•420 views

Trojan.Win32.Agent.zfgh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.zfgh Vulnerability: Insecure Permissions Description: Agent.zfgh creates an hidde...

7.4AI score

Exploits0

Packet Storm•added 2021/04/14 12:0 a.m.•294 views

CITSmart ITSM 9.1.2.27 SQL Injection

Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...

0.2AI score0.04018EPSS

Exploits3

Packet Storm•added 2021/04/14 12:0 a.m.•225 views

CITSmart ITSM 9.1.2.22 LDAP Injection

Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...

7.5CVSS9.7AI score0.26159EPSS

Exploits3

Packet Storm•added 2021/04/14 12:0 a.m.•5060 views

jQuery 1.0.3 Cross Site Scripting

Exploit Title: jQuery 1.0.3 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 CVE : CVE-2020-11023 Proof of Concept 1: Proof of Concept 2 Only jQuery 3.x affected: "...

4.3CVSS0.1AI score0.3466EPSS

Exploits6

Packet Storm•added 2021/04/14 12:0 a.m.•5098 views

jQuery 1.2 Cross Site Scripting

Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1:...

4.3CVSS0.1AI score0.02456EPSS

Exploits7

Packet Storm•added 2021/04/14 12:0 a.m.•505 views

Nagios XI getprofile.sh Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Prior to 5.6.6 getprofile.sh Authenticated Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the...

9CVSS0.4AI score0.86916EPSS

Exploits13

Packet Storm•added 2021/04/14 12:0 a.m.•679 views

Microsoft Azure DevOps Server 2020.0.1 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected cross-site scripting product: Microsoft Azure DevOps Server vulnerable version: 2020.0.1 fixed version: 2020.0.1 Patch 2 CVE number: CVE-2021-28459 impact: medi...

6.6AI score0.00824EPSS

Exploits3

Packet Storm•added 2021/04/14 12:0 a.m.•722 views

Trojan.Win32.Jorik.qje Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/982479ad10ff048d566516254051e17e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Jorik.qje Vulnerability: Insecure Permissions Description: Jorik.qje creates an insecur...

7.4AI score

Exploits0

Packet Storm•added 2021/04/14 12:0 a.m.•433 views

Digital Crime Report Management System 1.0 SQL Injection

Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...

0.4AI score

Exploits0

Packet Storm•added 2021/04/14 12:0 a.m.•499 views

Webmail Edition 5.2.22 XSS / Remote Code Execution

Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty System Administrator - Infrastructure Engineer Date: 04.14.2021 Vendor: webmail Link:...

4.3CVSS6.2AI score0.01518EPSS

Exploits7

Packet Storm•added 2021/04/14 12:0 a.m.•895 views

MariaDB 10.2 Command Execution

Exploit Title: MariaDB 10.2 /MySQL - 'wsrepprovider' OS Command Execution Date: 03/18/2021 Exploit Author: Central InfoSec Version: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through...

9CVSS0.6AI score0.48947EPSS

Exploits8

Packet Storm•added 2021/04/13 12:0 a.m.•252 views

Native Church Website 1.0 Shell Upload

Exploit Title: Native Church Website - Arbitrary File Upload Authenticated Date: 04/21 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11764/native-church-website-phpmysql.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4 /usr/bin/python3 import...

7.4AI score

Exploits0

Packet Storm•added 2021/04/13 12:0 a.m.•523 views

Simple Student Information System 1.0 SQL Injection

Exploit Title: Simple Student Information System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://www.sourcecodester.com/php/11400/simple-student-information-system-ajax-live-search.html Software Link:...

7.4AI score

Exploits0

Packet Storm•added 2021/04/13 12:0 a.m.•653 views

ExpressVPN VPN Router 1.0 Integer Overflow

Exploit Title: ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow Date: 09-04-2021 Exploit Author: Jai Kumar Sharma Vendor Homepage: https://www.expressvpn.com/ Software Link: https://www.expressvpn.com/vpn-software/vpn-router Version: version 1 Tested on: Windows/Ubuntu/MacOS CVE ...

5CVSS0.9AI score0.49599EPSS

Exploits3

Packet Storm•added 2021/04/13 12:0 a.m.•452 views

Blitar Tourism 1.0 SQL Injection

Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi Date: 13 April 2021 Exploit Author: sigeri94 Vendor Homepage: https://sourcecodeaplikasi.info/source-code-aplikasi-biro-travel-berbasis-web/ Software Link: https://codeload.github.com/satndy/Aplikasi-Biro-Travel/zip/master Version: 1....

0.1AI score

Exploits0

Packet Storm•added 2021/04/13 12:0 a.m.•659 views

Chrome V8 JavaScript Engine Remote Code Execution

/ BSD 2-Clause License Copyright c 2021, rajvardhan agarwal All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice,...

0.2AI score

Exploits0

Packet Storm•added 2021/04/12 12:0 a.m.•3039 views

vsftpd 2.3.4 Backdoor Command Execution

Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution Date: 9-04-2021 Exploit Author: HerculesRD Software Link: http://www.linuxfromscratch.org/thomasp/blfs-book-xsl/server/vsftpd.html Version: vsftpd 2.3.4 Tested on: debian CVE : CVE-2011-2523 !/usr/bin/python3 from telnetlib import Telnet...

10CVSS0.2AI score0.94282EPSS

Exploits25

Packet Storm•added 2021/04/09 12:0 a.m.•587 views

PrestaShop 1.7.6.7 SQL Injection

Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection Date: 2021-04-08 Exploit Author: Vanshal Gaur Vendor Homepage: https://www.prestashop.com/ Version: 1.7.5.x 1.7.6.8 Tested on: Debian 10 buster CVE : CVE-2020-15160 !/usr/bin/python3 ''' Setup Vulnerable Docker on "localhost:8080"...

7.5CVSS0.3AI score0.18559EPSS

Exploits3

Packet Storm•added 2021/04/09 12:0 a.m.•1030 views

Google Chrome SimplfiedLowering Integer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome versions before 87.0.4280.88 integer overflow during SimplfiedLowering phase', 'Description' = %q This module exploits an issue in...

4.3CVSS0.9AI score0.74065EPSS

Exploits14

Packet Storm•added 2021/04/08 12:0 a.m.•467 views

Backdoor.Win32.Hupigon.das Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7afe56286039faf56d4184c476683340.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.das Vulnerability: Unauthenticated Open Proxy Description: The malware drops ...

0.2AI score

Exploits0

Packet Storm•added 2021/04/08 12:0 a.m.•271 views

D-Link DSL-320B-D1 Pre-Authentication Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem ======== ========================================= 0. Overview 1. Details 2. Solution 3. Disclosure Timeline 4. Thanks & Acknowledgements 5. References 6. Credits 7. Legal...

0.5AI score0.36848EPSS

Exploits3

Packet Storm•added 2021/04/08 12:0 a.m.•578 views

Linux Kernel 5.4 BleedingTooth Remote Code Execution

/ BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution by Andy Nguyen theflow@ This Proof-Of-Concept demonstrates the exploitation of CVE-2020-12351 and CVE-2020-12352. Compile using: $ gcc -o exploit exploit.c -lbluetooth and execute as: $ sudo ./exploit targetmac sourceip sourceport ...

5.8CVSS0.7AI score0.02874EPSS

Exploits6

Packet Storm•added 2021/04/08 12:0 a.m.•435 views

Trojan.Win32.Hosts2.yqf Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/274a6e846c5a4a2b3281198556e5568b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hosts2.yqf Vulnerability: Insecure Permissions Description: Hosts2.yqf creates an...

7.4AI score

Exploits0

Packet Storm•added 2021/04/08 12:0 a.m.•474 views

Trojan-Downloader.Win32.Genome.omht Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/01055838361f534ab596b56a19c70fef.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Genome.omht Vulnerability: Insecure Permissions Description: Genome.omht...

7.4AI score

Exploits0

Packet Storm•added 2021/04/08 12:0 a.m.•470 views

Backdoor.Win32.Small.n Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fb24c3509180f463c9deaf2ee6705062.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.n Vulnerability: Unauthenticated Remote Command Execution SYSTEM Description: T...

7.4AI score

Exploits0

Packet Storm•added 2021/04/08 12:0 a.m.•427 views

Trojan-Downloader.Win32.Genome.qiw Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5cddc4647fb1c59f5dc7f414ada7fad4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Genome.qiw Vulnerability: Insecure Permissions Description: Genome.qiw creat...

7.4AI score

Exploits0

Packet Storm•added 2021/04/08 12:0 a.m.•920 views

Tableau Server Open Redirection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-032 Product: Tableau Server Manufacturer: Tableau Software, LLC, a Salesforce Company Affected Versions: 2019.4-2019.4.17, 2020.1-2020.1.13, 2020.2-2020.2.10, 2020.3-2020.3.6, 2020.4-2020.4.2 Tested Versions: 2020.2.1...

5.8CVSS0.0029EPSS

Exploits2

Packet Storm•added 2021/04/08 12:0 a.m.•560 views

Check Point Identity Agent Arbitrary File Write

Advisory: Privileged File Write Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Version: R81.018.0000 Vulnerability...

0.3AI score

Exploits0

Packet Storm•added 2021/04/08 12:0 a.m.•509 views

DMA Radius Manager 4.4.0 Cross Site Request Forgery

Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery CSRF Date: April 8, 2021 04/08/2021 Exploit Author: Issac Briones Vendor Homepage: http://www.dmasoftlab.com/ Software Download: https://sourceforge.net/projects/radiusmanager/ Version: 4.4.0 CVE: CVE-2021-30147...

0.4AI score0.00404EPSS

Exploits4

Packet Storm•added 2021/04/08 12:0 a.m.•437 views

Trojan.Win32.Hotkeychick.d Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/aff493ed1f98ed05c360b462192d2853.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hotkeychick.d Vulnerability: Insecure Permissions Description: creates an insecure dir...

7.4AI score

Exploits0

Packet Storm•added 2021/04/08 12:0 a.m.•313 views

Composr 10.0.36 Shell Upload

Exploit Title: Composr 10.0.36 - Remote Code Execution Date: 04/06/2021 Exploit Author: Orion Hridoy Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36 Tested on: Windows/Linux CVE : CVE-2021-30149 A RCE on Composr CMS has been discovered by BugsBD...

9.7AI score0.17356EPSS

Exploits4

Packet Storm•added 2021/04/07 12:0 a.m.•1240 views

Gitea Git Hooks Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gitea Git Hooks Remote Code Execution', 'Description' = %q This module leverages an insecure setting to get remote code execution on the target O...

6.5CVSS0.4AI score0.93529EPSS

Exploits12

Total number of security vulnerabilities50630