Lucene search
K
PacketstormRecent

50786 matches found

Packet Storm
Packet Storm
added 2020/11/18 12:0 a.m.585 views

WordPress Fancy Product Designer For WooCommerce Cross Site Scripting

About Fancy Product Designer for WooCommerce Fancy Product Designer for WooCommerce is a WordPress plugin which allows users to design custom products in a vendor's WooCommerce store. It is sold through the third-party marketplace "Envato Market" and boasts over 15,000 sales. Stored XSS via SVG...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/18 12:0 a.m.565 views

WordPress WP Forms 1.6.3.1 Cross SIte Scripting

Exploit Title : Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting Authenticated Exploit Author : ZwX Exploit Date : 2020-10-23 Vendor Homepage : https://wpforms.com/ Download Plugin : https://downloads.wordpress.org/plugin/wpforms-lite.1.6.3.1.zip + Description Vulnerability:...

Exploits0
Packet Storm
Packet Storm
added 2020/11/18 12:0 a.m.1087 views

WordPress Fancy Product Designer For WooCommerce 4.5.1 File Upload

About Fancy Product Designer for WooCommerce Fancy Product Designer for WooCommerce is a WordPress plugin which allows users to design custom products in a vendor's WooCommerce store. It is sold through the third-party marketplace "Envato Market" and boasts over 15,000 sales. Unrestricted File...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/18 12:0 a.m.631 views

Avaya Web License Manager XML Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Blind Out-Of-Band XML External Entity Injection Authenticated product: Avaya Web License Manager vulnerable version: 6.x, 7.0 through 7.1.3.6, 8.0 through 8.1.2.0.0 fixed...

0.03501EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.719 views

Aerospike Database 5.1.0.3 Remote Command Execution

Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...

10CVSS0.3AI score0.86749EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.653 views

Apache Struts 2.5.20 Double OGNL Evaluation

Exploit Title: Apache Struts 2.5.20 - Double OGNL evaluation Date: 08/18/2020 Exploit Author: West Shepherd Vendor Homepage: https://struts.apache.org/download.cgi Version: Struts 2.0.0 - Struts 2.5.20 S2-059 CVE : CVE-2019-0230 Credit goes to reporters Matthias Kaiser, Apple InformationSecurity,...

7.5CVSS0.97399EPSS
Exploits15
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.608 views

Social Networking Site SQL Injection

Exploit Title: Social Networking Site - Authentication Bypass SQli Date: 2020-11-17 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.585 views

Online Doctor Appointment Booking System PHP And MySQL 1.0 SQL Injection

Exploit Title: Online Doctor Appointment Booking System PHP and Mysql 1.0 - 'q' SQL Injection Google Dork: N/A Date: 11/16/2020 Exploit Author: Ramil Mustafayev Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-doctor-appointment-booking-system-php-and-mysql/ Software...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.591 views

Online News Portal Local File Inclusion

Exploit Title: Online News Portal - Local File Inclusion Date: 2020-11-16 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.635 views

EgavilanMedia User Registration And Login System With Admin Panel SQL Injection

Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel Exploit - SQLi Auth Bypass Date: 17-11-2020 Exploit Author: Kislay Kumar Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/user-registration-and-login-system-with-admin-pane=l/ Version:...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.636 views

Medical Center Portal Management System SQL Injection

Exploit Title: Medical Center Portal Management System - SQL Injections Date: 2020-11-16 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.609 views

Grocy Household Management Solution 2.7.1 Cross Site Scripting

Exploit Author: Simran Sankhala Vendor Homepage: https://berrnd.de/ Software Link: https://github.com/grocy/grocy Version: 2.7.1 Tested on: Kali Linux 2020.3 CVE ID Alloted : CVE-2020-25454 Proof Of Concept: grocy household management solution v2.7.1, allows stored XSS , via Add recipe module, th...

5.6AI score0.00731EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.691 views

Huawei LCD_Service 1.0.1.0 Unquoted Service Path

Exploit Title: Huawei LCDService 1.0.1.0 - 'LCDService' Unquote Service Path Date: 2020-11-07 Exploit Author: Gerardo González Vendor Homepage: https://consumer.huawei.com/mx Software Link: https://consumer.huawei.com/mx Version: 1.0.1.0 Tested on: Windows 10 Home Single Language x64 Esp Step to...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.717 views

Car Rental Management System 1.0 Shell Upload

Exploit Title: Car Rental Management System 1.0 - Remote Code Execution Authenticated Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.1296 views

Fuel CMS 1.4 Remote Code Execution

!/usr/bin/env ruby Title: Fuel CMS 1.4 - Remote Code Execution Exploit Author: Alexandre ZANNI Date: 2020-11-14 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: FILE -h | --help Options: Root URL base path including...

7.5CVSS9.6AI score0.82937EPSS
Exploits17
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.753 views

Super Store Finder 3.3 Cross Site Scripting

Exploit type : XSS INJECTION Exploit title : Super Store Finder Add location XSS Injection Descriptions : XSS injection from adding store and reflected XSS in SQL error login page PHP Script affected : Super Store Finder | Mega Locator Plugin URI : http://www.superstorefinder.net/ Version : 3.3 a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.764 views

Car Rental Management System 1.0 SQL Injection

Exploit Title: Car Rental Management System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.762 views

Kaa IoT Platform 1.2.0 Cross Site Scripting

Exploit Title: Kaa IoT Platform 1.2.0 Cross Site Scripting XSS Vulnerability Date: 2020-10-01 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.kaaproject.org/ Software Link: https://cloud.kaaiot.com/ Version: 1.2.0 Tested on: Kali Linux 2020.3 CVE: CVE-2020-26701 Proof Of Concept:...

5.6AI score0.00903EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.794 views

RED-V Super Digital Signage System RXV-A740R Log Information Disclosure

RED-V Super Digital Signage System RXV-A740R Log Information Disclosure Vendor: RED-V S.R.L. Product web page: https://www.red-v.tv https://red-v.tv/digital-signage.html Affected version: Model name: RXV-A740R Android version: 5.1.1 Firmware version: 026 Player version: 7.8.6 Downloader version:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.776 views

Froxlor 0.10.16 Cross Site Scripting

Document Title: =============== Froxlor v0.10.16 CP - Customer Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2241 Release Date: ============= 2020-11-12 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.723 views

SugarCRM 6.5.18 Cross Site Scripting

Document Title: =============== SugarCRM v6.5.18 - Employees Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2257 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.943 views

SIGE 3.4.1 / 3.5.3 Pro Cross Site Scripting / Remote File Inclusion

Document Title: =============== SIGE Joomla 3.4.1 & 3.5.3 Pro - Multiple Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2265 Release Date: ============= 2020-11-11 Vulnerability Laboratory ID VL-ID: ====================================...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.1054 views

Artworks Gallery 1.0 Shell Upload

Artworks Gallery - Arbitrary File Upload - RCE Authenticated - Edit Profile Exploit Title: Artworks Gallery - Arbitrary File Upload - RCE Authenticated - Edit Profile Date: November 17th, 2020 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: Source Code & Projects...

0.1AI score0.11894EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.983 views

PMB 5.6 Local File Disclosure / Directory Traversal

Exploit Title: PMB 5.6 - 'chemin' Local File Disclosure Date: 2020-10-13 Google Dork: inurl:opaccss Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 Tested on: Ubuntu 18.04.1 The PMB G...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.632 views

Water Billing System 1.0 SQL Injection

Exploit Title: Water Billing System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor: https://www.sourcecodester.com/php/14560/water-billing-system-phpmysqli-full-source-code.html Version: 1.0 Tested on: Apache2 an...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.848 views

Cisco 7937G Denial Of Service / Privilege Escalation

Exploit Title: Cisco 7937G 1-4-5-7 - DoS/Privilege Escalation Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: =SIP-1-4-5-7 Tested On: SIP-1-4-5-5, SIP-1-4-5-7 !/usr/bin/python import sys import getopt import requests import paramiko import socket import os...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.850 views

WordPress Buddypress 6.2.0 Cross Site Scripting

Document Title: =============== Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2263 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID: ===================================...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.802 views

SugarCRM 6.5.18 Cross Site Scripting

Document Title: =============== SugarCRM v6.5.18 - Contacts Persistent Cross Site Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2249 Release Date: ============= 2020-11-16 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.740 views

Taskcafe 0.1.0 / 0.1.1 Cross Origin Resource Sharing

Exploit Title: Taskcafé 0.1.0 and 0.1.1- Cross-Origin Resource Sharing Date: 2020- 09- 02 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://github.com/JordanKnott/ Software Link: https://github.com/JordanKnott/taskcafe Version: 0.1.0 and 0.1.1 Tested on: Kali Linux 2020.3 POC: The web...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/16 12:0 a.m.764 views

MailDepot 2033 2.3.3022 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2020-037 Product: MailDepot Manufacturer: REDDOXX GmbH Affected Versions: 2033 2.3.3022 Tested Versions: 2033 2.3.3022 Vulnerability Type: Persistent Cross-site Scripting CWE-79 Risk Level: High Solution Status: Open Manufacturer...

6.4AI score0.01032EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/15 12:0 a.m.493 views

KiteService 1.2020.1113.1 Unquoted Service Path

Exploit Title: KiteService 1.2020.1113.1 - 'KiteService.exe' Unquoted Service Path Discovery by: IRVIN GIL Discovery Date: 2020-11-14 Vendor Homepage: https://www.kite.com/ Tested Version: 1.2020.1113.1 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 x64 es Step to discover...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/14 12:0 a.m.540 views

Pandora FMS 7.0 NG 749 SQL Injection

Exploit Title: Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection Authenticated Date: 11-14-2020 Exploit Author: Matthew Aberegg, Alex Prieto Vendor Homepage: https://pandorafms.com/ Patch Link: https://github.com/pandorafms/pandorafms/commit/1258a1a63535f60924fb69b1f7812c678570cc8e Software Link:...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.205 views

Advanced System Care Service 13 Unquoted Service Path

Title: Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/es/advancedsystemcarepro.php Version : 13.0.0.157 Tested on: Windows 10 64bitEN CVE : N/A ...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.182 views

Atheros Coex Service Application 8.0.0.255 Unquoted Service Path

Exploit Title: Atheros Coex Service Application 8.0.0.255 -'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path Exploit Author : Isabel Lopez Exploit Date: 2020-11-13 Vendor Homepage : https://www.file.net/process/athcoexagent.exe.html Link Software :...

Exploits0
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.525 views

HorizontCMS 1.0.0-beta Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HorizontCMS Arbitrary PHP File Upload', 'Description' = %q This module exploits an arbitrary file upload vulnerability in HorizontCMS 1.0.0-beta ...

6.5CVSS0.2AI score0.18461EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.540 views

ASUS TM-AC1900 Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS TM-AC1900 - Arbitrary Command Execution', 'Description' = %q This module exploits a code execution vulnerability within the ASUS TM-AC1900...

10CVSS0.2AI score0.03613EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.507 views

Anuko Time Tracker 1.19.23.5311 Missing Rate Limiting

Exploit Title: Anuko Time Tracker 1.19.23.5311 No rate Limit on Password Reset functionality Date: 2020-10-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5311 Patched Version: 1.19.23.5325...

0.1AI score0.06362EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.629 views

ReadyTalk Avian JVM FileOutputStream.write() Integer Overflow

Vulnerability title: Avian JVM FileOutputStream.write Integer Overflow Author: Pietro Oliva Vendor: ReadyTalk Product: Avian JVM Affected version: 1.2.0 before 27th October 2020 Fixed Version: 1.2.0 since 27th October 2020 Description: The issue is located in the FileOutputStream.write method...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.1144 views

Citrix ADC NetScaler Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler - Local File Inclusion Metasploit', 'Description' = % The remote device is affected by multiple vulnerabilities. An...

5CVSS0.4AI score0.88411EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.520 views

Anuko Time Tracker 1.19.23.5311 Password Reset

Exploit Title: Anuko Time Tracker 1.19.23.5311 Password Reset Vulnerability leading to Account Takeover Date: 2020-11-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version Tested: 1.19.23.5311 Patched...

0.07764EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/11/13 12:0 a.m.830 views

Bludit Panel Brute Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bludit Panel Brute force', 'Description' = %q This Module performs brute force attack on Bludit Panel. , 'Author' = 'Eren Simsek ', 'License' =...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/12 12:0 a.m.153 views

Logitech Solar Keyboard Service Unquoted Service Path

Title: Logitech Solar Keyboard Service - 'L4301Solar' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.logitech.com/es-mx Software Link: https://support.logi.com/hc/en-us/articles/360024692874--Downloads-Wireless-Solar-Keyboard-K750 Version : 1.10.3.0 Teste...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/12 12:0 a.m.671 views

Water Billing System 1.0 SQL Injection

Exploit Title: Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection SQL Injection in 'username' and 'password' parameters allows attacker to run the SQL commands on the victim to extract entire DB. In advanced exploitation, an attacker can run the arbitrary code on the...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/12 12:0 a.m.782 views

WordPress Good LMS 2.1.4 SQL Injection

Exploit Title: Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection Software Link: https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850 Version: prefix . 'gdlrpayment '; 688- $sql .= 'WHERE id=' . $POST'id' . ' AND '; 689- $sql .=...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/12 12:0 a.m.975 views

SaltStack Salt REST API Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt REST API Arbitrary Command Execution', 'Description' = %q This module exploits an authentication bypass and command injection in...

0.7AI score0.99585EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/11/11 12:0 a.m.516 views

Customer Support System 1.0 Cross Site Request Forgery

Exploit Title: Customer Support System 1.0 - Cross-Site Request Forgery Admin Account Takeover Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/11 12:0 a.m.442 views

Customer Support System 1.0 Cross Site Scripting

Exploit Title: Customer Support System 1.0 - Stored XSS in The Admin Panel Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/11 12:0 a.m.360 views

CMSUno 1.6.2 Remote Code Execution

Exploit Title: CMSUno 1.6.2 - 'user' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.09.30 Exploit Author: Fatih Çelik Vendor Homepage: https://github.com/boiteasite/cmsuno/ Software Link: https://github.com/boiteasite/cmsuno/ Blog:...

Exploits0
Packet Storm
Packet Storm
added 2020/11/11 12:0 a.m.523 views

Joomla SIGE 3.4.1-FREE / 3.5.3-PRO RFI / Cross Site Scripting

Title: SIGE - Simple Image Gallery Extended joomla extension 3.4.1-FREE / 3.5.3-PRO - Multi Vulnerability Remote File Inclusion RFI & Cross Site Scripting XSS date: 2020-11-11 Vendor Homepage: https://kubik-rubik.de/ Software Link: https://kubik-rubik.de/sige-simple-image-gallery-extended Softwar...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/11 12:0 a.m.956 views

Microsoft Windows Local Spooler Bypass

Windows: Local Spooler CVE-2020-1337 Bypass One way of exploiting this on Windows 10 2004 is to understand that FileNormalizedNameInformation will fail if the new path after the mount point is not under the root directory of the server. For example the admin$ share points to c:\windows. If you se...

7.2CVSS9AI score0.14179EPSS
Exploits10
Total number of security vulnerabilities50786