Lucene search
K
PacketstormRecent

50786 matches found

Packet Storm
Packet Storm
added 2021/02/24 12:0 a.m.830 views

Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation

!/usr/bin/env python3 """ Microsoft Exchange Server msExchEcpCanary Cross Site Request Forgery Elevation of Privilege Vulnerability CVE: CVE-2021-24085 Summary This vulnerability allows remote attackers escalate privileges on affected installations of Microsoft Exchange Server. Authentication and...

0.7AI score0.04627EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.138 views

Product Key Explorer 4.2.7 Denial Of Service

Exploit Title: Product Key Explorer 4.2.7 - 'multiple' Denial of Service PoC Exploit Author : Sinem Şahin Exploit Date: 2021-02-23 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Version: 4.2.7 Tested on: Windows 7 x64...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.200 views

Apache Flink JAR Upload Java Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink JAR Upload Java Code Execution', 'Description' = %q This module uses job functionality in Apache Flink dashboard web interface to...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.233 views

Backdoor.Win32.Agent.xs Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6c51a5ba17ffd317ad08541e20131ef3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.xs Vulnerability: Insecure Permissions Description: The malware creates a hidde...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.278 views

Monica 2.19.1 Cross Site Scripting

Exploit Title: Monica 2.19.1 - 'lastname' Stored XSS Date: 22-02-2021 Exploit Author: BouSalman Vendor Homepage: https://www.monicahq.com/ Software Link: https://github.com/monicahq/monica/releases Version: Monica 2.19.1 Tested on: Ubuntu 18.04 CVE : CVE-2021-27370 POST /people HTTP/1.1 Host:...

5.5AI score0.03271EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.816 views

HFS (HTTP File Server) 2.3.x Remote Code Execution

Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...

7.5CVSS9.5AI score0.99323EPSS
Exploits23
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.254 views

LogonExpert 8.1 Unquoted Service Path

Exploit Title: LogonExpert 8.1 - 'LogonExpertSvc' Unquoted Service Path Discovery by: Victor Mondragón Discovery Date: 23-02-2021 Vendor Homepage: https://www.softros.com/ Software Links : https://download.logonexpert.com/LogonExpertSetup64.msi Tested Version: 8.1 Vulnerability Type: Unquoted...

Exploits0
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.152 views

SpotAuditor 5.3.5 Denial Of Service

Exploit Title: SpotAuditor 5.3.5 - 'multiple' Denial Of Service PoC Exploit Author : Sinem Şahin Exploit Date: 2021-02-10 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on: Windows 7 x64 Version: 5.3.5 Steps: 1- R...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.311 views

eChat 1.0 SQL Injection

Exploit Title: eChat | Time-Based Blind SQL Injection Exploit Author: [email protected] Date: 2021-02-21 Vendor Homepage: https://www.sourcecodester.com/php/10498/echat-simple-chat-system-app-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/23 12:0 a.m.237 views

Batflat CMS 1.3.6 Cross Site Scripting

Exploit Title: Batflat CMS 1.3.6 - 'multiple' Stored XSS Date: 22/02/2021 Exploit Author: Tadjmen Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Version: 1.3.6 Tested on: Xammpp on Windows, Firefox Newest CVE : N/A Multiple Stored XSS...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/22 12:0 a.m.333 views

Backdoor.Win32.Inject.tyq Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/833868d3092bea833839a6b8ec196046.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Inject.tyq Vulnerability: Insecure Permissions Description: The backdoor creates an d...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/22 12:0 a.m.391 views

Backdoor.Win32.DarkKomet.irv Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a229acff4e0605ad24eaf3d9c44fdb1b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.irv Vulnerability: Insecure Permissions Description: DarkKomet.irv creates ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/22 12:0 a.m.366 views

Trojan.Win32.Pluder.o Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ee22eea131c0e00162e4ba370f396a00.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Pluder.o Vulnerability: Insecure Permissions Description: Creates an insecure dir named...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/22 12:0 a.m.346 views

Trojan.Win32.Pincav.cmfl Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9d296ebd6b4f79457fcc61e38dcce61e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Pincav.cmfl Vulnerability: Insecure Permissions Description: The trojan creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/22 12:0 a.m.491 views

Backdoor.Win32.Ketch.h Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/63c55ad21e0771c7f9ca71ec3bfcea0f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ketch.h Vulnerability: Remote Stack Buffer Overflow SEH Description: Ketch makes HTTP...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/21 12:0 a.m.305 views

Trojan-Proxy.Win32.Daemonize.i Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/61bec9f22a5955e076e0d5ddf6232f3f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Daemonize.i Vulnerability: Remote Denial of Service Description: Daemonize.i...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/20 12:0 a.m.378 views

Apache MyFaces 2.x Cross Site Request Forgery

Ceritude Securiy Advisory - CSA-2021-001 PRODUCT : Apache MyFaces VENDOR : The Apache Software Foundation SEVERITY : High AFFECTED VERSION : =2.2.13, =2.3.7, =2.3-next-M4, =2.1 branches IDENTIFIERS : CVE-2021-26296 PATCH VERSION : 2.2.14, 2.3.8, 2.3-next-M5, 3.0.0 FOUND BY : Wolfgang Ettlinger,...

0.7AI score0.03026EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.375 views

Backdoor.Win32.DarkKomet.apcc Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8c82de32ab2b407451b9fc054c09f717.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.apcc Vulnerability: Insecure Permissions Description: DarkKomet.apcc create...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.249 views

dataSIMS Avionics ARINC 664-1 4.5.3 Buffer Overflow

Exploit Title: dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow PoC Exploit Author: Kagan Capar Date: 2020-02-17 Vendor Homepage: https://www.ddc-web.com/ Software Link: https://www.ddc-web.com/en/connectivity/databus/milstd1553-1/software-1/bu-69414?partNumber=BU-69414 Version: 4.5.3 Tested...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.351 views

Beauty Parlour Management System 1.0 Cross Site Scripting

Exploit Title: Beauty Parlour Management System 1.0 - 'Add Services' Cross-Site Scripting Date: 19/2/2021 Exploit Author: Thinkland Security Team Vendor Homepage: https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.330 views

Backdoor.Win32.DarkKomet.bhfh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2e507b75c0df0fcb2f9a85f4a0c1bc04.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.bhfh Vulnerability: Insecure Permissions Description: DarkKomet.bhfh create...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.614 views

Backdoor.Win32.Bionet.10 Anonymous Login

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/be559307f5cd055f123a637b1135c8d3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bionet.10 Vulnerability: Anonymous Logon Description: The backdoor listens on TCP por...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.247 views

Online Exam System With Timer 1.0 SQL Injection

Exploit Title: Online Exam System With Timer 1.0 - 'email' SQL injection Auth Bypass Date: 2021-02-18 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/13877/online-exam-timer.html Tested On: Windows 10 Pro 10.0.18363 N...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.456 views

Beauty Parlour Management System 1.0 SQL Injection

Exploit Title: Beauty Parlour Management System 1.0 - 'Service Name' SQL Injection Google Dork: N/A Date: 19/2/2021 Exploit Author: Thinkland Security Team Vendor Homepage: https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ Software Link:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.239 views

Comment System 1.0 Cross Site Scripting

Exploit Title: Comment System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-18 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14713/comment-system-phpmysqli-full-source-code.html Software: : Comment...

Exploits0
Packet Storm
Packet Storm
added 2021/02/19 12:0 a.m.682 views

OpenText Content Server 20.3 Cross Site Scripting

Exploit Title: OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting Date: 19/02/2021 Exploit Author: Kamil Breński Vendor Homepage: https://www.opentext.com/ Software Link: https://www.opentext.com/products-and-solutions/products/enterprise-content-management/content-management...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/18 12:0 a.m.244 views

Apport 2.20 Privilege Escalation

Exploit Title: Apport 2.20 - Local Privilege Escalation Date: 18/02/21 Exploit Author: Gr33nh4t Vendor Homepage: https://ubuntu.com/ Version: Apport: Ubuntu 20.10 - Before 2.20.11-0ubuntu50.5 Apport: Ubuntu 20.04 - Before 2.20.11-0ubuntu27.16 Apport: Ubuntu 18.04 - Before 2.20.9-0ubuntu7.23 Appor...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/18 12:0 a.m.437 views

Gitea 1.12.5 Remote Code Execution

Exploit Title: Gitea 1.12.5 - Remote Code Execution Authenticated Date: 17 Feb 2020 Exploit Author: Podalirius PoC demonstration article: https://podalirius.net/articles/exploiting-cve-2020-14144-gitea-authenticated-remote-code-execution/ Vendor Homepage: https://gitea.io/ Software Link:...

6.5CVSS0.3AI score0.93691EPSS
Exploits12
Packet Storm
Packet Storm
added 2021/02/18 12:0 a.m.394 views

Backdoor.Win32.Agent.aak Code Execution / Cross Site Request Forgery

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582aB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Cross Site Request Forgery CSRF - Code Execution Descriptio...

Exploits0
Packet Storm
Packet Storm
added 2021/02/18 12:0 a.m.325 views

Backdoor.Win32.Agent.aak Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582aC.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Remote Buffer Overflow Description: The HTTP backdoor serve...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/18 12:0 a.m.354 views

Backdoor.Win32.Agent.aak Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Weak Hardcoded Credentials Description: The HTTP backdoor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/18 12:0 a.m.272 views

Batflat CMS 1.3.6 Remote Code Execution

Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution Authenticated Date: 2020-12-27 Exploit Author: mari0x00 Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Description:...

7AI score0.06772EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/02/17 12:0 a.m.199 views

Faulty Evaluation System 1.0 Cross Site Scripting

Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.htm...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/17 12:0 a.m.645 views

Billing Management System 2.0 SQL Injection

Exploit Title: Billing Management System 2.0 - 'email' SQL injection Auth Bypass Date: 2021-02-16 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software: Billi...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.175 views

Online Internship Management System 1.0 SQL Injection

Exploit Title: Online Internship Management System 1.0 - 'email' SQL injection Auth Bypass Date: 16-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.392 views

Backdoor.Win32.Burbul.b Anonymous Login

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3ee4cb2e06eb1f7fe54c89db903f3e7a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Burbul.b Vulnerability: Anonymous Logon Description: Backdoor Burbul.b listens on TCP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.163 views

Nsauditor 3.2.2.0 Denial Of Service

Exploit Title: Nsauditor 3.2.2.0 - 'Event Description' Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.2.0 Tested on: Windows 10 Home x64 STEPS Open the...

Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.267 views

Backdoor.Win32.Bifrose.ahvb Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/39e22b8b19f6aed59d2def00c4228d56.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.ahvb Vulnerability: Insecure Permissions Description: The backdoor creates an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.175 views

Managed Switch Port Mapping Tool 2.85.2 Denial Of Service

Exploit Title: Managed Switch Port Mapping Tool 2.85.2 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download.htm Version: 2.85.2 Tested on: Windows 10 Home x64 STEPS Open the program...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.178 views

AgataSoft PingMaster Pro 2.1 Denial Of Service

Exploit Title: AgataSoft PingMaster Pro 2.1 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: http://agatasoft.com/ Software Link: http://agatasoft.com/PingMasterPro.exe Version: 2.1 Tested on: Windows 10 Home x64 STEPS Open the program AgataSoft PingMaster Pro...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.314 views

Trojan-Spy.Win32.WinSpy.wlt Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/00e1c4a654756dd6c9c81437c01ee3dd.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.WinSpy.wlt Vulnerability: Insecure Permissions Description: WinSpy.wlt trojan drops...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.407 views

BlackCat CMS 1.3.6 Cross Site Scripting

Exploit Title: BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting XSS Date: 16-02-2021 Exploit Author: Kamaljeet Kumar - TATA Advanced Systems Limited Vendor Homepage: https://blackcat-cms.org/ Software Link: https://blackcat-cms.org/page/download.php Version: BlackCat CMS - 1.3.6 Tested on...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.328 views

Backdoor.Win32.Azbreg.aant Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/dcc1855744f2d740745f096e4f031143.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Azbreg.aant Vulnerability: Insecure Permissions Description: Azbreg.aant backdoor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.303 views

Backdoor.Win32.Cabrotor.21 Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/af7001c2d6284a1295638576bc138cb2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cabrotor.21 Vulnerability: Insecure Permissions Description: Cabrotor.21 backdoor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.304 views

Backdoor.Win32.Indexer.a Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2b576e7551afe1c7575dc680396f1b5bB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Indexer.a Vulnerability: Remote Denial Of Service Description: Indexer.a runs an FTP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.284 views

Backdoor.Win32.Indexer.a Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2b576e7551afe1c7575dc680396f1b5b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Indexer.a Vulnerability: Hardcoded Weak Credentials Description: Indexer.a backdoor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/16 12:0 a.m.325 views

CASAP Automated Enrollment System 1.0 Cross Site Scripting

Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS Author: nu11secur1ty Date: 02.15.2021 Vendor: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Athor: https://www.sourcecodester.com/users/yna-ecole Link:...

3.5CVSS0.1AI score0.02826EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/02/15 12:0 a.m.403 views

Micro Focus Operations Bridge Manager Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus Operations Bridge Manager Local Privilege Escalation', 'Description' = %q This module exploits an incorrectly permissioned folder in...

4.6CVSS0.6AI score0.02687EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/02/15 12:0 a.m.584 views

Backdoor.Win32.Cafeini.08.b Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8225bb6b430d5cdf523c4d0cabbe5793.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cafeini.08.b Vulnerability: Missing Authentication Description: The backdoor is writt...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/02/15 12:0 a.m.183 views

Klog Server 2.4.1 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server authenticate.php user Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injectio...

10CVSS0.1AI score0.87987EPSS
Exploits8
Total number of security vulnerabilities50786