Lucene search
K
PacketstormRecent

50786 matches found

Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.277 views

Online Reviewer Management System 1.0 SQL Injection

Exploit Title: Online Reviewer Management System Authentication ByPass Exploit Author: th3d1gger Vendor Homepage: https://sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/reviewer0.zip Version: 1.0 Tested on Windows 10 Vulnerable Source Code...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.556 views

Microsoft Exchange ProxyLogon Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Exchange ProxyLogon RCE', 'Description' = %q This module exploit a vulnerability on Microsoft Exchange Server that allows an attacker...

7.5CVSS0.3AI score0.99999EPSS
Exploits65
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.179 views

ELAN Touchpad 15.2.13.1_X64_WHQL Unquoted Service Path

Exploit Title: ELAN Touchpad 15.2.13.1X64WHQL - 'ETDService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-22 Vendor : ELAN Microelectronics Version : ELAN Touchpad 15.2.13.1X64WHQL Vendor Homepage : http://www.emc.com.tw/ Tested on OS: Windows 8 This software installs...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.195 views

WordPress Mapplic 6.1 SSRF / Cross Site Scripting

Title : Mapplic Wordpress Plugins Stored XSS Injection via SSRF Date : 22/03/2021 Author : Eagle Eye Vendor Homepage : https://mapplic.com/ Version Affected : 6.1 and below Tested on : Google Chrome XSS Vuln from add/edit Map and bypass with host raw.githubusercontent.com 1.Login as user 2.Add...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.263 views

Elodea Event Collector 4.9.3 Unquoted Service Path

Exploit Title: Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-23 Vendor Homepage: https://eventlogxp.com/ Software Links : https://eventlogxp.com/ Tested Version: Version: 4.9.3 Vulnerability Type: Unquoted...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.181 views

WordPress Mapplic-Lite 1.0 SSRF / Cross Site Scripting

Title : Mapplic-Lite Wordpress Plugins Stored XSS Injection via SSRF Date : 22/03/2021 Author : Eagle Eye Download : https://wordpress.org/plugins/mapplic-lite/ Vendor Homepage : https://mapplic.com/ Version Affected : Version 1.0 Tested on : Google Chrome XSS Vuln from add/edit Map and bypass wi...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.326 views

MyBB 1.8.25 SQL Injection

Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...

6.5CVSS0.1AI score0.05072EPSS
Exploits12
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.244 views

Online Reviewer Management System 1.0 Cross Site Scripting

Exploit Title: Online Reviewer Management System Persistent Cross Site Scripting Exploit Author: th3d1gger Vendor Homepage: https://sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/reviewer0.zip Version: 1.0 Tested on Windows 10 @attack request...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.196 views

ActivIdentity 8.2 Unquoted Service Path

Exploit Title: ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-21 Software Version : ActivIdentity 8.2 Vendor Homepage : https://www.hidglobal.com/ Tested on OS: Windows 7 Pro ActivIdentity was Acquired by HID Global in Octuber 2010...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/23 12:0 a.m.379 views

Advantech iView Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Advantech iView Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unauthenticated configuration change combined...

7.5CVSS1.1AI score0.36845EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.502 views

Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure

Advisory ID: SYSS-2020-044 Product: Zoom Manufacturer: Zoom Video Communications, Inc. Affected Versions: 5.4.3 54779.1115 5.5.4 13142.0301 Tested Versions: 5.4.3 54779.1115 5.5.4 13142.0301 Vulnerability Type: Exposure of Resource to Wrong Sphere CWE-668 Risk Level: Medium Solution Status: Open...

4.8AI score0.16289EPSS
Exploits2
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.385 views

MyBB 1.8.25 Remote Command Execution

Exploit Title: MyBB 1.8.25 - Chained Remote Command Execution Exploit Author: SivertPL [email protected] Date: 19.03.2021 Description: Nested autourl Stored XSS - templateset second order SQL Injection leading to RCE through improper string interpolation in eval. Software Link:...

4.3CVSS7.5AI score0.1059EPSS
Exploits10
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.271 views

SAPSetup Automatic Workstation Update Service 750 Unquoted Service Path

Exploit Title: SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://help.sap.com/ Software Links : https://help.sap.com/ SAP Tested Version: 750 Final Release...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.373 views

Trojan-Dropper.Win32.Delf.da Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a2f1adfd7a35fd0e0207a24be169b4c1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.da Vulnerability: Remote Stack Buffer Overflow UDP Datagram Description:...

1.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.230 views

ProFTPD 1.3.7a Denial Of Service

Exploit Title: ProFTPD 1.3.7a - Remote Denial of Service Date: 22/03/2021 Exploit Author: xynmaps Vendor Homepage: http://www.proftpd.org/ Software Link: https://github.com/proftpd/proftpd Version: 1.3.7a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8 author =...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.486 views

WordPress Delightful Downloads Jquery File Tree 1.6.6 Path Traversal

Exploit Title: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal Date: 19/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: https://github.com/A5hleyRich/delightful-downloads Version: =1.6.6 Tested on: Debian 11 CVE : CVE-2017-1000170 PHP version exploit: 7.3....

5CVSS0.57608EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.302 views

Trojan-Dropper.Win32.Dycler.vrp Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/06cbbff745c60c46e0996928c00ef28f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Dycler.vrp Vulnerability: Insecure Permissions Description: Dycler.vrp creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.251 views

HEUR.Trojan.Win32.Generic Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c60f00700bd73ca369195bd32a3f16a3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Generic Vulnerability: Insecure Permissions Description: The specimen creates a di...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.265 views

OSAS Traverse Extension 11 Unquoted Service Path

Exploit Title: OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path Exploit Auth: Tech Johnny Vendor Homepage: https://www.osas.com Version: 11 x86 Tested on: Windows 2012R2 Details: C:\Windows\system32wmic service get name, pathname, displayname, startmode | findstr /i "Auto...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.314 views

Trojan-Dropper.Win32.Demp.rft Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/db01783710e0c5aff92156a0e76deade.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Demp.rft Vulnerability: Insecure Permissions Description: The specimen creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.265 views

Winpakpro 4.8 Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/22 12:0 a.m.343 views

MacPaw Encrypto 1.0.1 Unquoted Service Path

Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 03-19-2020 Vendor Homepage: https://macpaw.com/encrypto Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092 Tested...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/21 12:0 a.m.233 views

CMS Made Simple 2.2.15 Shell Upload

1 Summary Affected software CMS Made Simple-2.2.15 Vendor URLhttp://www.cmsmadesimple.org/ Vulnerability File upload bypass with .phar extension lead to RCE 2 Vulnerability Description The vulnerability affect the FilePicker module, it is possible to bypass the restriction and upload a malicious...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/20 12:0 a.m.296 views

CMS Made Simple 2.2.15 SQL Injection

1 Summary Affected software CMS Made Simple-2.2.15 Vendor URLhttp://www.cmsmadesimple.org/ Vulnerability SQL injection 2 Vulnerability Description The affected software is vulnerable to SQL injection via the m1sortby POST parameter of the News module, reachable via the moduleinterface.php page. T...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.227 views

LiveZilla Server 8.0.1.0 Cross Site Scripting

Exploit Title: LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS Google Dork: inurl: inurl:/mobile/index.php intitle:LiveZilla Date: 18 Mars 2021 Exploit Author: Clément Cruchet Vendor Homepage: https://www.livezilla.net Software Link: https://www.livezilla.net/downloads/en/ Version:...

4.3CVSS6.7AI score0.09052EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.567 views

SOYAL Biometric Access Control System 5.0 Master Code Disclosure

SOYAL Biometric Access Control System 5.0 Master Code Disclosure Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: AR-727 i/CM - F/W: 5.0 AR837E/EF - F/W: 4.3 AR725Ev2 - F/W: 4.3 191231 AR331/725E - F/W: 4.2 AR837E/EF - F/W: 4.1...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.196 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Factory Reset

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Factory Reset Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.147 views

Boonex Dolphin 7.4.2 Cross Site Scripting

Exploit Title: Boonex Dolphin 7.4.2 - 'width' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.boonex.com/ Software Link: https://www.boonex.com/downloads Version: 7.4.2 Tested on: Windows 10 Reference -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.313 views

SOYAL Biometric Access Control System 5.0 Weak Default Credentials

SOYAL Biometric Access Control System 5.0 Weak Default Credentials Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: AR-727 i/CM - F/W: 5.0 AR837E/EF - F/W: 4.3 AR725Ev2 - F/W: 4.3 191231 AR331/725E - F/W: 4.2 AR837E/EF - F/W: 4...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.227 views

Online News Portal 1.0 SQL Injection

Exploit Title: Online News Portal | SQL Injection Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.210 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Hard-Coded Credentails / Shell Access

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Hard-coded Credentials Shell Access Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.214 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authentication Bypass

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authentication Bypass Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.206 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Privilege Escalation

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Privilege Escalation Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.292 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.200 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Remote Code Execution

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Remote Code Execution Backdoors Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.162 views

SOYAL 701Client 9.0.1 Insecure Permissions

SOYAL 701Client 9.0.1 Insecure Permissions Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: 9.0.1 190410 9.0.1 190115 Summary: 701 Client is the user interface software for the access control system. It is used for adding and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.210 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Weak Default WiFi Password Algorithm

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Weak Default WiFi Password Algorithm Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.734 views

Win32k ConsoleControl Offset Confusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Win32k ConsoleControl Offset Confusion', 'Description' = %q A vulnerability exists within win32k that can be leveraged by an attacker to escalate...

7.2CVSS0.80968EPSS
Exploits40
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.210 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Device Reboot

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Device Reboot DoS Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.315 views

Online News Portal 1.0 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Online News Portal | Stored XSS + CSRF Example Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.326 views

SOYAL Biometric Access Control System 5.0 Cross Site Request Forgery

SOYAL Biometric Access Control System 5.0 CSRF Change Admin Password Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: AR-727 i/CM - F/W: 5.0 AR837E/EF - F/W: 4.3 AR725Ev2 - F/W: 4.3 191231 AR331/725E - F/W: 4.2 AR837E/EF - F/W:...

Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.340 views

VestaCP 0.9.8 Command Injection

Title: VestaCP 0.9.8 - 'vsftplicence' Command Injection Date: 17.03.2021 Author: Numan Türle Vendor Homepage: https://vestacp.com Software Link: https://myvestacp.com 0.9.8-26-43 Software Link: https://vestacp.com 0.9.8-26 POST /edit/server/ HTTP/1.1 Host: TARGET:8083 Connection: close...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.315 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Log Disclosure

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Log Disclosure Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.223 views

Plone CMS 5.2.3 Cross Site Scripting

Exploit Title: Plone CMS 5.2.3 - 'Title' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://plone.com/ Software Link: https://github.com/plone/Products.CMFPlone/tags Version: 5.2.3 Tested on: Windows 10 Reference -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.292 views

Profiling System For Human Resource Management 1.0 Remote Code Execution

Exploit Title: Profiling System for Human Resource Management 1.0 - Remote Code Execution Unauthenticated Date: 19-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.297 views

BRAdmin Professional 3.75 Unquoted Service Path

Exploit Title: BRAdmin Professional 3.75 - 'BRAScheduler' Unquoted Service Path Date: 2021-03-17 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://global.brother/ Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.358 views

SOYAL 701Server 9.0.1 Insecure Permissions

SOYAL 701Server 9.0.1 Insecure Permissions Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: 9.0.1 190322 8.0.6 181227 Summary: 701 Server is the program used to set up and configure LAN and IP based access control systems, from...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.232 views

Online News Portal 1.0 Cross Site Scripting

Exploit Title: Online News Portal | Multiple Stored Cross-Site Scripting Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.155 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Configuration Download

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Config Download Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.301 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Insecure Direct Object Reference

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Improper Access Control IDOR Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

7.4AI score
Exploits0
Total number of security vulnerabilities50786