Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.148 views

📄 MyPRO Manager 1.2 Command Injection

MyPRO Manager versions 1.2 and below suffer from an unauthenticated command injection vulnerability. ============================================================================================================================================= | Title : MyPRO Manager 1.2 php code injection | |...

10CVSS7.4AI score0.64414EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.176 views

📄 LibreChat MCP 0.8.2-rc2 Remote Code Execution

This proof of concept exploit targets the LibreChat MCP remote code execution vulnerability known as CVE-2026-22252. It provides a comprehensive and professional framework for detecting, testing, and exploiting the vulnerability with multiple extraction modes...

9.9CVSS6.5AI score0.03678EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.178 views

📄 Monsta FTP 2.11 Remote File Injection

This Metasploit module exploits a vulnerability in Monsta FTP version 2.11 and enables remote file injection by creating a malicious FTP server. The application builds this server to upload a malicious PHP file reverse shell. After the file is uploaded, the module immediately verifies the...

9.8CVSS5.9AI score0.72536EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.188 views

📄 libarchive RAR Double Free / Use-After-Free

This proof of concept demonstrates a memory management flaw in libarchive versions prior to 3.8.0 when handling malformed RAR headers. By supplying a corrupted RAR structure, the code forces error paths during archive parsing, leading to improper cleanup. As a result, the archive object may be...

7.8CVSS5.9AI score0.00326EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.154 views

📄 Microsoft Windows 11 build 10.0.27898.1000 Local Privilege Escalation

Proof of concept exploit designed to test a potential local privilege escalation vulnerability in Windows, specifically targeting a feature called AiRegistrySync. It checks if modifications made by a standard user in their own Registry profile can be automatically synchronized propagated into the...

5.9AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.169 views

📄 Next.js 13.5.9 Middleware Bypass Scanner

This is an authorization bypass scanner for Next.js versions 13.5.9 and below. A vulnerability exists in the Next.js middleware handling mechanism, where requests containing the "x-middleware-subrequest" header are processed differently compared to normal requests...

9.1CVSS7.3AI score0.99621EPSS
Exploits58
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.154 views

📄 Oracle E-Business Suite 12.2.3 Request Smuggling

This script is a refined proof of concept targeting Oracle E‑Business Suite EBS vulnerability CVE‑2025‑61882. It corrects logical flaws in request smuggling payload construction, particularly around request termination and CRLF preservation, ensuring reliable proxy/backend desynchronization. The...

9.8CVSS5.9AI score0.99722EPSS
Exploits14
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.146 views

📄 Advantech IoTSuite / IoT Edge SQL Injection

A critical unauthenticated SQL injection vulnerability was identified in Advantech WISE-IoTSuite / SaaS Composer. The issue resides in the /displays/filename.json endpoint, where the filename parameter is improperly sanitized before being concatenated into a backend PostgreSQL query. An attacker...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.204 views

📄 Samsung libimagecodec.quram.so Buffer Overflow / Denial of Service

This proof of concept demonstrates a denial of service vulnerability in Samsung's libimagecodec.quram.so JPEG decoder. By crafting a structurally valid JPEG file with maliciously large image dimensions height 65535, width 2862 in the SOF0 marker, the decoder performs unsafe size calculations duri...

7.5CVSS5.9AI score0.00223EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.163 views

📄 Zabbix Agent Binaries 7.4 OpenSSL Path Scanner

This tool performs static analysis on Zabbix Agent binaries to identify hardcoded OpenSSL paths such as OPENSSLDIR, ENGINESDIR, and MODULESDIR. It leverages strings and radare2 to extract embedded configuration paths, OpenSSL version information, and indicators of dynamic engine or module loading...

7.3CVSS5.9AI score0.00325EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.218 views

📄 FreePBX Endpoint SQL Injection / Remote Code Execution

FreePBX is an open-source IP PBX management tool that provides a modern phone system for businesses that use VoIP to make and receive phone calls. Versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0.6 are vulnerable to CVE-2025-61675. The...

9.8CVSS6.5AI score0.3896EPSS
Exploits8
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.138 views

📄 Zimbra Collaboration Suite Postjournal 10.0.x Remote Code Execution

A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.194 views

📄 OpenSSL 3.x ASN.1 AES‑GCM Nonce Stack Corruption

This Metasploit auxiliary module generates a specially crafted CMS file encoded in DER format to test a stack-based buffer overflow vulnerability in OpenSSL's ASN.1 parser related to improper handling of oversized AES-GCM nonce IV values within AES-GCM-Parameters as defined in RFC 5084. The...

9.8CVSS6.3AI score0.47621EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.218 views

📄 LibreChat MCP 0.8.2-rc2 Remote Code Execution

Proof of concept exploit for a remote code execution vulnerability in LibreChat MCP version 0.8.2-rc2 that leverages an unsanitized stdio server configuration issue...

9.9CVSS6.5AI score0.03678EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.159 views

📄 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow

Proof of concept Metasploit module that exploits a macOS version 10.13.4 heap overflow vulnerability. A kernel heap overflow exists in fgetattrlist due to missing lower-bound buffer size validation when writing returned attributes to caller-supplied memory...

9.3CVSS6.1AI score0.18765EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.148 views

📄 Alicorn Circa 2004 SQL Injection / Command Injection / XSS

This document articulates an overview of remote SQL injection, command injection, and cross site scripting vulnerabilities found in the Alicorn version from 2004...

5.3AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.136 views

📄 MaNGOSWeb 4.0.6 SQL Injection

MaNGOSWeb version 4.0.6 remote SQL injection proof of concept exploit. ============================================================================================================================================= | Title : MaNGOSWeb V4 4.0.6 Sql Injection | | Author : indoushka | | Tested on :...

6.1CVSS5.9AI score0.02574EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.156 views

📄 FreePBX Firmware Shell Upload

FreePBX versions prior to 16.0.44,16.0.92 and 17.0.6,17.0.23 are vulnerable to multiple CVEs, specifically CVE-2025-66039 and CVE-2025-61678, in the context of this Metasploit module. The versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0....

9.8CVSS6.5AI score0.50159EPSS
Exploits10
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.148 views

📄 FreeBSD 15.x rtsold DNSSL Command Injection

This Metasploit module targets a command injection vulnerability in the FreeBSD rtsold daemon related to the handling of DNSSL DNS Search List options in IPv6 Router Advertisements. Due to improper validation of domain names, attacker-controlled DNSSL values can inject shell commands via $...

6.1AI score0.06272EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.148 views

📄 Django Summernote 0.8.20.0 Unrestricted File Upload Scanner

This Metasploit Auxiliary Scanner module detects unrestricted file upload vulnerabilities in django-summernote. It targets misconfigurations where image validation depends on the Pillow library and allows non-image files to be uploaded when Pillow is missing. The module safely scans common upload...

5.9AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.123 views

📄 AVideo 14.3.1 Cross Site Scripting

AVideo version 14.3.1 suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : AVideo 14.3.1 XSS vulnerability | | Author : indoushka | | Tested on :...

5.4AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.163 views

📄 Papermark 0.20.0 Path Traversal

Papermark version 0.20.0 suffers from an authenticated path traversal vulnerability. // Exploit Title: Papermark 0.20.0 - Path Traversal Authenticated // Date: 2026-01-28 // Exploit Author: Eui Chul Chung // Vendor Homepage: https://www.papermark.com/ // Software Link:...

6.5CVSS5.9AI score0.00645EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.204 views

📄 Qualcomm CVP Kernel Pointer Leak

The Qualcomm CVP driver exposes kernel pointers to userland by returning a hashed session ID derived from a kernel pointer using hash32ptr. This function is not a cryptographic hash but a reversible fold that XORs the upper and lower 32 bits of the pointer. Due to predictable ARM64 kernel virtual...

5.5CVSS5.8AI score0.00069EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.177 views

📄 GNU Inetutils 2.7 Telnet Authentication Bypass Scanner

GNU Inetutils version 2.7 telnet authentication bypass scanner that leverages a crafted USER value. This vulnerability is tracked as CVE-2026-24061 and is conceptually related to historical Telnet NEW-ENVIRON issues such as CVE-1999-0192, but affects modern GNU Inetutils implementations...

10CVSS5.9AI score0.98871EPSS
Exploits61
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.208 views

📄 MCPJam 1.4.2 Command Injection

This Metasploit exploit module targets the MCP Model Context Protocol server, specifically exploiting a command injection vulnerability in the /api/mcp/connect endpoint. The vulnerability allows unauthorized remote command execution by sending crafted JSON payloads that are executed by the server...

9.8CVSS6.1AI score0.38374EPSS
Exploits29
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.145 views

📄 MikroTik RouterOS 6.40.10 Denial of Service

This exploit targets a vulnerability in the MikroTik RouterOS SMB service, allowing remote attackers to crash the SMB process and render services unavailable. Specially crafted SMB packets trigger an abnormal condition, leading to a denial of service, requiring manual restart or reboot of the...

5.5AI score0.00591EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.167 views

📄 Ivanti Connect Secure 9.x / 22.x Command Injection

The provided PHP script targets CVE‑2024‑21887, a command injection vulnerability in Ivanti Connect Secure versions 9.x and 22.x It is designed to identify and exploit vulnerable systems through a crafted API request. It initializes a reusable cURL session to send malicious JSON payloads to a...

9.1CVSS5.9AI score0.99999EPSS
Exploits18
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.184 views

📄 Lighttpd 1.4.66 FastCGI Resource Exhaustion

Proof of concept exploit for a resource exhaustion vulnerability that exists in lighttpd versions 1.4.56 through 1.4.66 affecting FastCGI and other gateway backends. When processing HTTP/1.1 requests using chunked transfer encoding with request-body streaming enabled, an anomalous client disconne...

7.5CVSS5.9AI score0.02714EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.173 views

📄 PLY 3.11 Arbitrary Code Execution

An undocumented and unsafe feature in the PyPI‑distributed version of PLY version 3.11 allows arbitrary code execution when the yacc function is invoked with the picklefile parameter. 🚨 Undocumented Remote Code Execution in PLY CVE‑2025‑56005 CVE ID: CVE‑2025‑56005 Reported by: Ahmed Abd Disclosu...

9.8CVSS6.3AI score0.16903EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.191 views

📄 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow

CVE-2018-4243 is a critical kernel heap overflow vulnerability in macOS and iOS affecting the fgetattrlist system call. The vulnerability allows local attackers to trigger kernel heap corruption, potentially leading to kernel panic, privilege escalation, or arbitrary code execution. This particul...

9.3CVSS6.2AI score0.18765EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.152 views

📄 MinIO RELEASE.2023-03-20T20-16-18Z Vulnerability Scanner

This PHP script is a command-line vulnerability scanner designed to detect CVE-2023-28432 in MinIO servers. The vulnerability allows unauthenticated access to sensitive environment variables through the /minio/bootstrap/v1/verify endpoint...

7.5CVSS5.9AI score0.83957EPSS
Exploits13
Packet Storm
Packet Storm
added 2026/01/27 12:0 a.m.143 views

📄 MaNGOSWeb 4.0.6 Host Header Injection / XML Injection

MaNGOSWeb version 4.0.6 host header proof of concept exploit that a code injection vulnerability. It shows that it can be leveraged for more than cross site scripting and can be used to perform XML external entity injection leading to a file write that can assist in remote code execution...

6.1CVSS5.7AI score0.02574EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.235 views

📄 Magento 2 / Adobe Commerce 2.4.x SessionReaper

This PHP script is a proof of concept exploit targeting Magento for CVE‑2025‑54236, commonly referred to as SessionReaper. It is a PHP port of an original Metasploit module and is designed for security testing...

9.1CVSS5.9AI score0.96742EPSS
Exploits9
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.146 views

📄 Magento Adobe Commerce 2.4.6-p5 Arbitrary File Read

Magento Adobe Commerce version 2.4.6-p5 arbitrary file read proof of concept exploit. ============================================================================================================================================= | Title : Magento Adobe Commerce 2.4.6-p5 arbitrary file read...

6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.140 views

📄 ManageEngine DeviceExpert 5.6 Traversal / Code Execution

Proof of concept exploit for ManageEngine DeviceExpert version 5.6 that injects PHP code into a user agent and uses a path traversal vulnerability to execute code...

6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.189 views

📄 AVideo 14.3.1 notify.ffmpeg.json.php Remote Code Execution

AVideo version 14.3.1 unauthenticated remote code execution exploit that leverages notify.ffmpeg.json.php. ============================================================================================================================================= | Title : AVideo 14.3.1 via notify.ffmpeg.json.p...

9.3CVSS6.5AI score0.01457EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.151 views

📄 macOS 10.13.6 Reference Leak

This is a proof of concept for an older flaw that targets macOS 10.13.6. A flaw in the MIG ownership model within the ioserviceaddnotificationool routine of IOKit allows a malicious user to leak Mach port send-right references. By repeatedly invoking notifications with malformed matching data, MI...

9.3CVSS5.9AI score0.14888EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.134 views

📄 macOS Sierra 10.12 Build 16A323 Double-Free / Privilege Escalation

macOS Sierra version 10.12 Build 16.A323 local privilege escalation proof of concept exploit. A flaw in the MIG ownership model within the ioserviceaddnotificationool routine of IOKit allows a malicious user to leak Mach port send-right references. By repeatedly invoking notifications with...

5.9AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.148 views

📄 Ivanti 11.10 MobileIron Vulnerability Scanner

This PHP-based scanner detects unauthenticated access vulnerabilities in Ivanti EPMM / MobileIron products. The issue allows attackers to retrieve sensitive user information via exposed API endpoints. Version 11.10 is affected...

10CVSS5.9AI score0.99999EPSS
Exploits14
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.133 views

📄 Juniper JunOS 23.4 Module Scanner / Exploitation Framework

This PHP script is a modular scanner and exploitation framework targeting Juniper JunOS CVE‑2023‑36846, an arbitrary file upload vulnerability due to missing authentication.. It is designed with a clear separation of responsibilities and supports single‑target testing, interactive exploitation, a...

5.3CVSS5.9AI score0.94205EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.218 views

📄 WordPress SureForms 2.2.0 Cross Site Scripting

WordPress SureForms plugin versions 2.2.0 and below suffer from a persistent cross site scripting vulnerability. CVE-2025-14855: SureForms WordPress Plugin Stored XSS Proof of Concept - Target: WordPress Plugin "SureForms" - Plugin Wordpress: https://wordpress.org/plugins/sureforms/ - Vulnerabili...

7.2CVSS5.4AI score0.00312EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.144 views

📄 GNU Inetutils 2.7 telnet Privilege Escalation

Although Packet Storm has multiple exploits relating to this issue, this advisory keeps the details on the GNU Inetutils 2.7 telnetd privilege escalation vulnerability quite simple. Titles: Telnet Argument Injection Privilege Escalation - RCE Author: nu11secur1ty Date: 1/24/2026 Vendor:...

9.8CVSS5.9AI score0.98871EPSS
Exploits60
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.147 views

📄 macOS 10.13.4 Heap Overflow

Proof of concept exploit for an old macOS version 10.13.4 heap overflow vulnerability. A kernel heap overflow exists in fgetattrlist due to missing lower-bound buffer size validation when writing returned attributes to caller-supplied memory. When triggered it causes a kernel panic...

9.3CVSS5.8AI score0.18765EPSS
Exploits6
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.196 views

📄 Siklu EtherHaul EH-8010 / EH-1200 Vulnerability Scanner

This PHP-based scanner safely detects an unauthenticated remote command execution vulnerability in Siklu EtherHaul EH-8010 and EH-1200 devices by sending a non-destructive encrypted probe command and validating the response. The scanner does not alter device state and is suitable for large-scale...

9.8CVSS5.8AI score0.01219EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.135 views

📄 AVideo 18.0 Cross Site Scripting

AVideo version 18.0 suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : AVideo 18.0 XSS vulnerability | | Author : indoushka | | Tested on : windo...

4.9AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.222 views

📄 Lighttpd 1.4.66 Resource Leak Denial of Service

Lighttpd versions 1.4.56 through 1.4.66 has a resource exhaustion vulnerability affecting gateway backends such as FastCGI. When handling an HTTP/1.1 request with chunked transfer encoding and request-body streaming enabled, lighttpd mishandles an anomalous client disconnect RDHUP / half-closed T...

7.5CVSS5.6AI score0.02714EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.152 views

📄 SmarterTools SmarterMail GUID File Upload

This Metasploit module exploits a pre-authentication remote code execution vulnerability in SmarterTools SmarterMail before version 100.0.9413. The endpoint /api/upload fails to sanitize the contextData POST parameter which can contain JSON data with a "guid" key that allows directory traversal. ...

10CVSS6.6AI score0.85457EPSS
Exploits15
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.174 views

📄 ZITADEL 4.7.0 Server-Side Request Forgery

This is a ZITADEL version 4.7.0 server-side request forgery proof of concept exploit written in PHP. ============================================================================================================================================= | Title : ZITADEL 4.7.0 SSRF Exploit - PHP Version | |...

9.3CVSS5.5AI score0.00452EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.130 views

📄 Soosyze CMS 2.0 Brute Forcer

Soosyze CMS version 2.0 authentication brute forcing tool that leverages an absence of rate limiting on the /user/login endpoint. ============================================================================================================================================= | Title : Soosyze CMS 2.0...

5.4CVSS5.5AI score0.0081EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.144 views

📄 OpenKM Community Edition 6.3.10 Code Execution / LFI / SQL Injection

OpenKM Community Edition version 6.3.10 proof of concept Metasploit module that exploits local file inclusion, remote code execution, and SQL injection vulnerabilities...

6.1AI score
Exploits0
Total number of security vulnerabilities50738