50637 matches found
Selea Targa IP OCR-ANPR Camera Server-Side Request Forgery
Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD201106163745 BLD2003041709...
CASAP Automated Enrollment System 1.0 Authentication Bypass
Exploit Title: CASAP Automated Enrollment System 1.0 - Authentication Bypass Exploit Author: Himanshu Shukla Date: 2021-01-21 Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...
ERPNext 12.14.0 SQL Injection
Exploit Title: ERPNext 12.14.0 - SQL Injection Authenticated Date: 21-01-21 Exploit Author: Hodorsec Vendor Homepage: http://erpnext.org Software Link: https://erpnext.org/download Version: 12.14.0 Tested on: Ubuntu 18.04 !/usr/bin/python3 AUTHENTICATED SQL INJECTION VULNERABILITY In short: Found...
Selea Targa IP OCR-ANPR Camera Remote Code Execution
!/bin/bash Selea Targa IP OCR-ANPR Camera Unauthenticated Remote Code Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214...
Selea CarPlateServer 4.0.1.6 Remote Program Execution
Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120 4.013201105 3.100200225 3.005191206 3.005191112 Summary: Our CPS Car Plate Server software is an advanced solution that can be installed on...
Selea Targa IP OCR-ANPR Camera Stream Disclosure
Selea Targa IP OCR-ANPR Camera Unauthenticated RTP/RTSP/M-JPEG Stream Disclosure Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214...
Atlassian Confluence 6.12.1 Template Injection
Exploit Title: Atlassian Confluence Widget Connector Macro - SSTI Date: 21-Jan-2021 Exploit Author: 46o60 Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://product-downloads.atlassian.com/software/confluence/downloads/atlassian-confluence-6.12.1-x64.bin Version...
Backdoor.Win32.Hupigon.adef Remote Stack Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c8f55ce7bbec784a97d7bfc6d7b1931f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.adef Vulnerability: Remote Stack Buffer Overflow Description: Backdoor Hupigo...
Backdoor.Win32.WinShell.30 Remote Stack Buffer Overflow / Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/56a2b135c8d35561ea5b04694155eb77.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.30 Vulnerability: Remote Stack Buffer Overflow / Missing Authentication...
Simple JobBoard Authenticated File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Simple JobBoard Authenticated File Read Vulnerability', 'Description' = %q This module exploits an authenticated directory traversal vulnerabilit...
Backdoor.Win32.Verify.f Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/119cd00c48678d63ec07762a7ff08ac7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Verify.f Vulnerability: Missing Authentication Description: Backdoor.Win32.Verify by...
Nagios XI 5.7.5 Cross Site Scripting
Exploit Title: Nagios XI 5.7.5 - Multiple Persistent Cross-Site Scripting Date: 1-20-2021 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...
Online Documents Sharing Platform 1.0 SQL Injection
Exploit Title: Online Documents Sharing Platform 1.0 - 'user' SQL Injection Date: 21.01.2021 Exploit Author: CANKAT ÇAKMAK Vendor Homepage: https://www.sourcecodester.com/php/14653/online-documents-sharing-platform-php-full-source-code.html Software Link:...
Backdoor.Win32.Xel Remote Authentication Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3648c68bfe395fb9980ae547d881572c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Xel Vulnerability: Remote Authentication Buffer Overflow Description: Xel listens on...
Anchor CMS 0.12.7 Cross Site Request Forgery
Exploit Title: Anchor CMS 0.12.7 - CSRF Delete user Exploit Author: Ninad Mishra Vendor Homepage: https://anchorcms.com/ Software Link: https://anchorcms.com/download Version: 0.12.7 CVE : CVE-2020-23342 PoC the cms uses get method to perform sensitive actions hence users can be deleted via...
Apartment Visitors Management System 1.0 SQL Injection
Exploit Title: Apartment Visitors Management System 1.0 - 'email' SQL Injection Date: 20.01.2021 Exploit Author: CANKAT ÇAKMAK Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link:...
Backdoor.Win32.Onalf Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ba815d409cd714c0eac010b5970f6408.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Onalf Vulnerability: Missing Authentication Description: WinRemoteShell Onalf listens...
Backdoor.Win32.Whirlpool.10 Remote Stack Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bf0682b674ef23cf8ba0deeaf546f422.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Whirlpool.10 Vulnerability: Remote Stack Buffer Overflow Description: Whirlpool liste...
Backdoor.Win32.Whisper.b Remote Stack Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a0edb91f62c8c083ec35b32a922168d1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Whisper.b Vulnerability: Remote Stack Corruption Description: Whisper.b listens on TC...
Backdoor.Win32.Zombam.geq Remote Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fd14cc7f025f49a3e08b4169d44a774e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.geq Vulnerability: Remote Buffer Overflow Description: Zombam.geq listens for...
Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 XSS
Exploit Title: Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 - Stored XSS Exploit Author: omurugur Vendor Homepage: https://www.oracle.com/security-alerts/cpujan2021.html Version: 11.1.1.7.140715 Author Web: https://www.justsecnow.com Author Social: @omurugurrr Stored XSS:...
Church Rota 2.6.4 Shell Upload
import requests from pwn import listen CVE-2021-3164 Church Rota version 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file. The application is written primarily with PHP so we use PHP ...
Voting System 1.0 Shell Upload
Exploit Title: Voting System 1.0 - File Upload RCE Authenticated Remote Code Execution Date: 19/01/2021 Exploit Author: Richard Jones Vendor Homepage:https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...
Backdoor.Win32.Zxman Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6b2a9304d1c7a63365db0f9fd12d39b0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zxman Vulnerability: Missing Authentication Description: Backdoor.Win32.Zxman by Zx-m...
Newfuture Trojan V.1.0 BETA 1 Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4f9376824718ff23a6238c877f73ff73.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Newfuture Trojan V.1.0 BETA 1 Vulnerability: Insecure Permissions Description: Newfuture by Wider is...
Constructor.Win32.SMWG.c Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/47e819a6ce3d5e93819f4842cfbe23d6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.SMWG.c Vulnerability: Insecure Permissions Description: Description: SMWG - P2P...
Constructor.Win32.SMWG.a Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/07cd532823d6ab05d6e5e3a56f7afbfd.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.SMWG.a Vulnerability: Insecure Permissions Description: Win32.SMWG VBS.sucke.gen...
osTicket 1.14.2 Server-Side Request Forgery
Exploit Title: osTicket 1.14.2 - SSRF Date: 18-01-2021 Exploit Author: Talat Mehmood Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Version: 4. After submitting this comment, print this ticket. 5. You'll receive a hit on your malicious website from the intern...
Email-Worm.Win32.Agent.gi Remote Stack Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/74e65773735f977185f6a09f1472ea46.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Agent.gi Vulnerability: Remote Stack Buffer Overflow - UDP Datagram Description:...
Backdoor.Win32.NetBull.11.a Remote Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/80e98fdf726a3e727f3414bdbf2e86bb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetBull.11.a Vulnerability: Remote Buffer Overflow Description: Netbull listens on bo...
Inteno IOPSYS 3.16.4 Root Filesystem Access
Exploit Title: Inteno IOPSYS 3.16.4 - root filesystem access via sambashare Authenticated Date: 2020-03-29 Exploit Author: Henrik Pedersen Vendor Homepage: https://intenogroup.com/ Version: Iopsys -p -k Requires: impacket websocket-client On Windows: pyreadline """ def ubusAuthhost, username,...
Cisco UCS Manager 2.2(1d) Remote Command Execution
import sys, ssl, os, time import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning Exploit Title : Cisco UCS Manager - 2.21d - Remote Command Execution Description : An unspecified CGI script in Cisco...
Microsoft Spooler Local Privilege Elevation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/powershell' class MetasploitModule 'Microsoft Spooler Local Privilege Elevation Vulnerability', 'Description' = %q This exploit leverages ...
Life Insurance Management System 1.0 SQL Injection
Exploit Title: Life Insurance Management System 1.0 - 'clientid' SQL Injection Date: 15/1/2021 Exploit Author: Aitor Herrero Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14665/life-insurance-management-system-php-full-source-code.html Version:...
Backdoor.Win32.Whgrx Remote Stack Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/eb6fd418cd3b52132ffb029b52839edf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Whgrx Vulnerability: Remote Host Header Stack Buffer Overflow Description: The specim...
Life Insurance Management System 1.0 Shell Upload
Exploit Title: Life Insurance Management System 1.0 - File Upload RCE Authenticated Date: 15/1/2021 Exploit Author: Aitor Herrero Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14665/life-insurance-management-system-php-full-source-code.html...
Backdoor.Win32.Mnets Remote Stack Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1e42493dcef54a62bc28e0a1338c1142.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mnets Vulnerability: Remote Stack Buffer Overflow - UDP Datagram Proto Description: T...
Backdoor.Win32.Nucleroot.t MaskPE 1.6 Local Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 20211 Original source: https://malvuln.com/advisory/170d3ccf9f036c552aef6690bf419b2e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Nucleroot.t - MaskPE 1.6 Vulnerability: File Based Buffer Overflow Description:...
Backdoor.Win32.Latinus.b Remote Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9adffcc98cd658a7f9c5419480013f72.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Latinus.b Vulnerability: Remote Buffer Overflow Description: Malware listens on both...
Backdoor.Win32.Nucleroot.bi MaskPE 2.0 Local Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/25e0570cc803cd77abc2268b41237937.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Nucleroot.bi - MaskPE 2.0 Vulnerability: File Based Buffer Overflow Description: Mask...
Xwiki CMS 12.10.2 Cross Site Scripting
Exploit Title: Xwiki CMS 12.10.2 - Cross Site Scripting XSS Date: 17-01-2021 Exploit Author: Karan Keswani Vendor Homepage: https://www.xwiki.org/xwiki/bin/view/Main/WebHome Software Link: https://www.xwiki.org/xwiki/bin/view/Download/ Version: Xwiki CMS- 12.10.2 Tested on: Windows 10 Description...
ZynOS rom-0 Flaw Scanner
!/usr/bin/perl ZynOS rom-0 Flaw Scanner Copyright 2021 c Todor Donev https://donev.eu/ $ perl zynosscanner ZynOS rom-0 Flaw Scanner zynosscanner --targets= --threads=10 --redirects=7 --help --targets | Specify the list with addresses that you want to scan. --dump | Dump rom-0 file for each target...
EyesOfNetwork 5.3 Remote Code Execution
Exploit Title: EyesOfNetwork 5.3 - File Upload Remote Code Execution Date: 10/01/2021 Exploit Author: Ariane.Blow Vendor Homepage: https://www.eyesofnetwork.com/en Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3-10 12/9/2020-lastest !/bin/bash /!\ You...
Online Hotel Reservation System 1.0 Cross Site Scripting
Exploit Title: Online Hotel Reservation System 1.0 - Stored Cross-site Scripting Exploit Author: Mesut Cetin Date: 2021-01-14 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
Alumni Management System 1.0 Cross Site Scripting
Exploit Title: Alumni Management System 1.0 - "Last Name field in Registration page" Stored XSS Exploit Author: Siva Rajendran Date: 2020-12-31 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
Online Hotel Reservation System 1.0 Cross Site Request Forgery
Exploit Title: Online Hotel Reservation System 1.0 - Cross-site request forgery CSRF Exploit Author: Mesut Cetin Date: 2021-01-14 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
Backdoor.Win32.Ncx.bt Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/ad5c01b3e6d0254adfe0898c6d16f927.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ncx.bt Vulnerability: Remote Stack Buffer Overflow Description: The malware listens o...
Netsia SEBA+ 0.16.1 Authentication Bypass / Add Root User
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netsia SEBA+ %q This module exploits an authentication bypass in Netsia SEBA+, triggered by add new root/admin user. HTTP requests made to the...
WordPress Easy Contact Form 1.1.7 Cross Site Scripting
Exploit Title: WordPress Plugin Easy Contact Form 1.1.7 - 'Name' Stored Cross-Site Scripting XSS Date: 14/01/2021 Exploit Author: Rahul Ramakant Singh Vendor Homepage: https://ghozylab.com/plugins/ Software Link: https://demo.ghozylab.com/plugins/easy-contact-form-plugin/ Version: 1.1.7 Tested on...
E-Learning System 1.0 SQL Injection / Shell Upload
Exploit Title: E-Learning System 1.0 - Authentication Bypass & RCE Exploit Author: Himanshu Shukla & Saurav Shukla Date: 2021-01-15 Vendor Homepage: https://www.sourcecodester.com/php/12808/e-learning-system-using-phpmysqli.html Software Link:...