Lucene search
K
PacketstormRecent

50784 matches found

Packet Storm
Packet Storm
added 2021/05/17 12:0 a.m.223 views

Backdoor.Win32.Antilam.14.d Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a53351e8fa0cb4f7db3d0250387a0e4f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.d Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/17 12:0 a.m.200 views

Dental Clinic Appointment Reservation System 1.0 Cross Site Request Forgery

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery Add Admin Date: 15-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/05/16 12:0 a.m.178 views

Backdoor.Win32.Agent.cy Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e85a1028a52fcc723353a236ada54fee.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cy Vulnerability: Weak Hardcoded Credentials Description: The malware listens o...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/16 12:0 a.m.84 views

Simple Chatbot Application 1.0 Cross Site Scripting

Exploit Title: Simple Chatbot Application 1.0 - 'Category' Stored Cross site Scripting Date: 16-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/15 12:0 a.m.166 views

Backdoor.Win32.Delf.abb Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2910c3bea6732d5ed81a7c44d4354136.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.abb Vulnerability: Insecure Transit Description: The malware listens on TCP port...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/15 12:0 a.m.77 views

Customer Relationship Management System 1.0 Cross Site Scripting

Exploit Title: Customer Relationship Management CRM System 1.0 - 'Category' Persistent Cross site Scripting Date: 14-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/05/14 12:0 a.m.217 views

Podcast Generator 3.1 Cross Site Scripting

Exploit Title: Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting XSS Date: 13/05/2021 Exploit Author: Ayşenur KARAASLAN Vendor Homepage: https://podcastgenerator.net/demoV2/ Software Link: https://podcastgenerator.net/download and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/14 12:0 a.m.107 views

Student Management System 1.0 Cross Site Scripting

Exploit Title: Student Management System 1.0 - 'message' Persistent Cross-Site Scripting Authenticated Date: 2021-05-13 Exploit Author: mohsen khashei kh4sh3i or [email protected] Vendor Homepage: https://github.com/amirhamza05/Student-Management-System Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/14 12:0 a.m.189 views

Chamilo LMS 1.11.14 Remote Code Execution

Exploit Title: Chamilo LMS 1.11.14 - Remote Code Execution Authenticated Date: 13/05/2021 Exploit Author: M. Cory Billington @th3y Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms Version: 1.11.14 Tested on: Ubuntu 20.04.2 LTS CVE: CVE-2021-31933 Writeup:...

6.5CVSS0.1AI score0.13933EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.205 views

Dental Clinic Appointment Reservation System 1.0 SQL Injection

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass SQLi Date: 12.05.2021 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.304 views

ScadaBR 1.0 / 1.1CE Linux Shell Upload

!/usr/bin/python Exploit Title: Authenticated Arbitrary File Upload Remote Code Execution Google Dork: N/A Date: 04/21 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Software Link: Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on:...

8.8AI score0.39096EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.221 views

OpenPLC WebServer 3 Remote Code Execution

Exploit Title: OpenPLC WebServer v3 - Authenticated Remote Code Execution Google Dork: N/A Date: 25/04/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.openplcproject.com/ Software Link: https://github.com/thiagoralves/OpenPLCv3 Version: OpenPLC v3 Tested on: Ubuntu 16.04,Debian...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.294 views

Internet Explorer jscript9.dll Memory Corruption

Internet Explorer: Memory corruption in jscript9.dll related to scope of the arguments object There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing attacker-controlled website in Internet Explorer. The vulnerability has been...

0.4AI score0.22595EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.427 views

ScadaBR 1.0 / 1.1CE Windows Shell Upload

!/usr/bin/python Exploit Title: Authenticated Arbitrary File Upload Remote Code Execution Google Dork: N/A Date: 03/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Software Link: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for...

8.8AI score0.39096EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.714 views

Firefox 72 IonMonkey JIT Type Confusion

Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion Date: 2021-05-10 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.mozilla.org/en-US/ Software Link: https://www.mozilla.org/en-US/firefox/new/ Versions: Firefox | | /| \ | |\ / / \ | | / | | / / / / |/ | /|/ \ / / || /||...

7.6CVSS8.8AI score0.86863EPSS
Exploits21
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.352 views

Microsoft Internet Explorer 8/11 Use-After-Free

Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free Date: 2021-05-04 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Versions: IE 8-11 64-bit...

7.6CVSS8.1AI score0.86863EPSS
Exploits17
Packet Storm
Packet Storm
added 2021/05/13 12:0 a.m.155 views

ZeroShell 3.9.0 Remote Command Execution

Exploit Title: ZeroShell 3.9.0 - Remote Command Execution Google Dork: N/A Date: 10/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://zeroshell.org/ Software Link: https://zeroshell.org/download/ Version: 3.9.0 Tested on: ZeroShell 3.9.0 CVE : CVE-2019-12725 !/usr/bin/python3 impo...

10CVSS0.4AI score0.89849EPSS
Exploits11
Packet Storm
Packet Storm
added 2021/05/12 12:0 a.m.420 views

Backdoor.Win32.Delf.zho Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6b9f5a0512af3ab33c26eaa4bdf94f1f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.zho Vulnerability: Authentication Bypass RCE Description: The malware listens on...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/12 12:0 a.m.136 views

Splinterware System Scheduler Professional 5.30 Unquoted Service Path

Exploit Title: Splinterware System Scheduler Professional 5.30 - Unquoted Service Path Date: 2021-05-11 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.splinterware.com Software Link: https://www.splinterware.com/download/ssproeval.exe Version: 5.30 Professional Tested on: Windows...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/12 12:0 a.m.129 views

Odoo 12.0.20190101 Unquoted Service Path

Exploit Title: Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path Exploit Author: 1F98D Vendor Homepage: https://www.odoo.com/ Software Link: https://nightly.odoo.com/12.0/nightly/windows/odoo12.0.20190101.exe Tested Version: 12.0.20190101 Tested on OS: Windows Step to discover Unquoted Servic...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/12 12:0 a.m.120 views

Chevereto 3.17.1 Cross Site Scripting

Exploit Title: Chevereto 3.17.1 - Cross Site Scripting Stored Google Dork: "powered by chevereto" Date: 19.04.2021 Exploit Author: Akıner Kısa Vendor Homepage: https://chevereto.com/ Software Link: https://chevereto.com/releases Version: 3.17.1 Tested on: Windows 10 / Xampp Proof of Concept: 1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/12 12:0 a.m.385 views

ExifTool DjVu ANT Perl Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ExifTool DjVu ANT Perl injection', 'Description' = %q This module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifToo...

6.8CVSS7.5AI score0.99981EPSS
Exploits39
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.161 views

SIS-REWE GO 7.5.0/12C Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected Cross-site Scripting Vulnerabilities product: SIS Informatik - REWE GO vulnerable version: 7.5.0/12C fixed version: 7.7 SP17 CVE number: CVE-2021-31537 impact:...

0.2AI score0.07781EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.280 views

Customer Relationship Management (CRM) System 1.0 Shell Upload

Exploit Title: Customer Relationship Management CRM Unrestricted File Upload unauthenticated Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.227 views

Customer Relationship Management (CRM) System 1.0 SQL Injection

Exploit Title: Customer Relationship Management CRM System 1.0 - Admin Bypass SQLi Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.176 views

Customer Relationship Management (CRM) System 1.0 Cross Site Scripting

Exploit Title: Customer Relationship Management CRM System 1.0 - Stored XSS Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.733 views

ERPNext 12.18.0 / 13.0.0 SQL Injection

Trovent Security Advisory 2103-01 Authenticated SQL injection in ERPNext 13.0.0/12.18.0 Overview Advisory ID: TRSA-2103-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2103-01 Affected product: ERPNext Tested versions: 12.18.0 and 13.0.0 beta...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.397 views

ERPNext 12.18.0 / 13.0.0 Cross Site Scripting

Trovent Security Advisory 2103-02 Multiple XSS vulnerabilities in ERPNext 13.0.0/12.18.0 Overview Advisory ID: TRSA-2103-02 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2103-02 Affected product: ERPNext Tested versions: 12.18.0 and 13.0.0 beta...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/11 12:0 a.m.220 views

Hexagon G!nius Auskunftsportal SQL Injection

CVE-2021-32051 Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter. Additional Information PoC Payload: id=test' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHR113||...

0.8AI score0.02191EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.223 views

Backdoor.Win32.MotivFTP.12 Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/88785a093b8fa00893214dd220ac255d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.MotivFTP.12 Vulnerability: Authentication Bypass RCE Description: The malware listens...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.149 views

AWS CloudShell Terminal Escape Injection / Remote Code Execution

Terminal escape injection in AWS CloudShell The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance. The bug is in the handling of DCS escape...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.104 views

Human Resource Information System 0.1 Cross Site Scripting

Exploit Title: Human Resource Information System 0.1 - 'First Name' Persistent Cross-Site Scripting Authenticated Date: 04-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.208 views

Backdoor.Win32.Antilam.13.a Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1ef711b34cc278449f1997e4ed06334a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.13.a Vulnerability: Unauthenticated Remote Command Execution Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.186 views

Microweber CMS 1.1.20 Remote Code Execution

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Date: 2020-10-31 Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is...

6.5CVSS0.1AI score0.16611EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.328 views

OpenNetAdmin 18.1.1 Remote Command Execution

!/usr/bin/env ruby Exploit Title: OpenNetAdmin 8.5.14 --debug FILE version --debug FILE -h | --help exploit: Exploit the RCE vuln version: Try to fetch OpenNetAdmin version Options: Root URL base path including HTTP scheme, port and root folder Command to execute on the target --debug Display...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.227 views

TFTP Broadband 4.3.0.1465 Unquoted Service Path

Exploit Title: TFTP Broadband 4.3.0.1465 - 'tftpt.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-07 Vendor Homepage: https://www.weird-solutions.com Software : https://www.weird-solutions.com/download/products/tftpbbv4retailx64.exe Tested Version: 4.3.0.1465...

Exploits0
Packet Storm
Packet Storm
added 2021/05/09 12:0 a.m.175 views

DHCP Broadband 4.1.0.1503 Unquoted Service Path

Exploit Title: DHCP Broadband 4.1.0.1503 - 'dhcpt.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-07 Vendor Homepage: https://www.weird-solutions.com Software : https://www.weird-solutions.com/download/products/dhcpbbv4retailx64.exe Tested Version: 4.1.0.1503...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/09 12:0 a.m.173 views

BOOTP Turbo 2.0.0.1253 Unquoted Service Path

Exploit Title: BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-07 Vendor Homepage: https://www.weird-solutions.com Software : https://www.weird-solutions.com/download/products/bootptdemox64.exe Tested Version: 2.0.0.1253 Vulnerabilit...

Exploits0
Packet Storm
Packet Storm
added 2021/05/08 12:0 a.m.213 views

PHP Timeclock 1.04 SQL Injection

Exploit Title: PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection Date: 03.05.2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Test...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/08 12:0 a.m.203 views

PHP Timeclock 1.04 Cross Site Scripting

Exploit Title: PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting XSS Date: May 3rd 2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Tested on...

Exploits0
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.135 views

Sandboxie 5.49.7 Denial Of Service

Exploit Title: Sandboxie 5.49.7 - Denial of Service PoC Date: 06/05/2021 Author: Erick Galindo Vendor Homepage: https://sandboxie-plus.com/ Software https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.4/Sandboxie-Classic-x64-v5.49.7.exe Version: 5.49.7 Tested on: Windows 10 Pro x64 ...

Exploits0
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.352 views

Voting System 1.0 Shell Upload

Exploit Title: Voting System 1.0 - Remote Code Execution Unauthenticated Date: 07/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.296 views

Sandboxie Plus 0.7.4 Unquoted Service Path

Exploit Title: Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.4/Sandboxie-Plus-x64-v0.7.4.exe Tested Version: 0.7.4 Vulnerability Type: Unquoted Servic...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.352 views

WifiHotSpot 1.0.0.0 Unquoted Service Path

Exploit Title: WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://www.gearboxcomputers.com/downloads/wifihotspot.exe Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.316 views

Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation

Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation Vendor: Epic Games, Inc. Product web page: https://www.epicgames.com https://www.easy.ac Affected version: 4.0.0.0 Summary: Easy Anti-Cheat is the industry-leading anti–cheat service, countering hacking and cheating in multiplayer PC games...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.351 views

macOS Gatekeeper Check Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Gatekeeper check bypass', 'Description' = %q This module serves an OSX app as a zip that contains no Info.plist, which bypasses gatekeeper ...

0.68531EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.368 views

Voting System 1.0 SQL Injection

Exploit Title: Voting System 1.0 - Authentication Bypass SQLI Date: 06/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/07 12:0 a.m.315 views

Human Resource Information System 0.1 Remote Code Execution

Exploit Title: Human Resource Information System 0.1 - Remote Code Execution Unauthenticated Date: 04-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/05/06 12:0 a.m.164 views

StudyMD 0.3.2 Cross Site Scripting / Code Execution

Exploit Title: StudyMD 0.3.2 XSS to RCE Exploit Author: TaurusOmar Twitter:@TaurusOmar HomePage:taurusomar.com Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/jotron/StudyMD Version: 0.3.2 Tested on: Windows, Linux, MacOs Softwar...

Exploits0
Packet Storm
Packet Storm
added 2021/05/06 12:0 a.m.158 views

Freeter 1.2.1 Cross Site Scripting / Code Execution

Exploit Title: Freeter 1.2.1 XSS to RCE Exploit Author: TaurusOmar Twitter:@TaurusOmar HomePage:taurusomar.com Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://freeter.io/ Version: 1.2.1 Tested on: Windows, Linux, MacOs Software Description:...

0.1AI score
Exploits0
Total number of security vulnerabilities50784