Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2025/12/24 12:0 a.m.270 views

📄 macOS 10.12.2 XNU Kernel Privilege Escalation

This proof of concept targets a race‑condition vulnerability in the XNU kernel affecting macOS/iOS. By forcing a use‑after‑free condition on kernel ports, the exploit manipulates freed memory through a controlled spray, allowing a user‑controlled replacement object. Successful exploitation yields...

9.3CVSS8.5AI score0.0676EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/24 12:0 a.m.237 views

📄 Litespeed Cache 6.4.0.1 Privilege Escalation

WordPress Litespeed Cache plugin version 6.4.0.1 allows attackers to brute-force authentication hashes and create administrative users without any initial credentials...

9.8CVSS7.3AI score0.67925EPSS
Exploits8
Packet Storm
Packet Storm
added 2025/12/24 12:0 a.m.178 views

📄 LINQPad 5.48.00 Insecure Deserialization

LINQPad versions up to 5.48.00 contain an insecure deserialization vulnerability in the paid version of the software that allows attackers to achieve persistent remote code execution by manipulating cache files containing serialized .NET objects. The vulnerability exists in the AutoRefCache...

8.6AI score0.00488EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/24 12:0 a.m.240 views

📄 MagnusBilling 6 Server-Side Request Forgery / Path Traversal

Proof of concept exploit for MagnusBilling 6 vulnerabilities including server-side request forgery, path traversal, and cryptographic weaknesses. ============================================================================================================================================= | Title :...

9.8CVSS9.6AI score0.9425EPSS
Exploits15
Packet Storm
Packet Storm
added 2025/12/24 12:0 a.m.166 views

📄 HP ProCurve SNAC Domain Controller Shell Upload

This proof of concept exploits a PHP code injection vulnerability in the HP ProCurve SNAC Domain Controller. ============================================================================================================================================= | Title : HP ProCurve SNAC Domain Controller P...

7.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.157 views

📄 Textpattern 4.9.0 Cross Site Scripting

Textpattern CMS version 4.9.0 contains a persistent cross site scripting vulnerability in the administrative interface. The vulnerability allows authenticated attackers with administrative privileges to inject malicious JavaScript payloads into site preferences under the Site URL field, which is...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.147 views

📄 Institute Admission Software 2.5 SQL Injection

Institute Admission Software version 2.5 suffers from a remote SQL injection vulnerability. ============================================================================================================================================= | Title : Institute Admission Software 2.5 SQL INjection...

8.2AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.151 views

📄 Backdoor.Win32.Poison.jh MVID-2025-0704 Insecure Permissions

Backdoor.Win32.Poison.jh malware creates the directory 28463 under C:\Windows\SysWOW64, granting Full F permissions to the Everyone user group. This allows any local user to modify or replace any dropped files, enabling trivial malware disruption or execution hijacking. This reflects poor...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.149 views

📄 HP ProCurve 4.00 Credential Disclosure

Proof of concept code that performs a credential dumping attack against vulnerable HP ProCurve SNAC systems. ============================================================================================================================================= | Title : HP ProCurve 4.00 Credential Dumping...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.182 views

📄 Backdoor.Win32.Netbus.170 MVID-2025-0703 Insecure Credential Storage

Backdoor.Win32.Netbus.170 malware listens on TCP ports 12632 and 12631. The backdoor server password "ecoli" is stored in cleartext in an .INI textfile, stored under "C:\Windows" having the same name as the malware. Third party attackers who have knowledge of the password can login and issue...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.201 views

📄 PKP-WAL 3.5.0-3 X-Forwarded-Host LESS Code Injection

PKP-WAL versions 3.5.0-3 and below suffer from a LESS X-Forwarded-Host related code injection vulnerability. ----------------------------------------------------------------------- PKP-WAL getBaseUrl method, can be manipulated by unauthenticated attackers through the X-Forwarded-Host HTTP header,...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.164 views

📄 GALAYOU G2 IP Camera Authentication Bypass

A critical authentication bypass vulnerability exists in the RTSP service of the GALAYOU G2 IP camera. The device exposes multiple RTSP stream endpoints that can be accessed without valid credentials, even when authentication is enabled...

7.1CVSS7AI score0.00636EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.252 views

📄 Open Journal Systems 3.5.0-1 Path Traversal

Open Journal Systems versions 3.5.0-1 and below suffer from a path traversal vulnerability in NativeXmlIssueGalleyFilter.php. --------------------------------------------------------------------------------------------- Open Journal Systems issuegalleys - issuegalley - issuefile - filename tag of...

7AI score
Exploits1
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.229 views

📄 PKP-WAL 3.5.0-1 SQL Injection

PKP-WAL versions 3.5.0-1 and below suffer from a remote SQL injection vulnerability in the Institution Collector. ---------------------------------------------------------------------- PKP-WAL = 3.5.0-1 Institution Collector SQL Injection Vulnerability...

8.2AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.416 views

📄 Crafty Controller 4.6.1 Remote Code Execution / Server-Side Template Injection

Crafty Controller version 4.6.1 allows authenticated remote attackers to execute arbitrary system commands on the target server through server-side template injection the webhook configuration feature...

9.9CVSS7.8AI score0.05995EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.157 views

📄 PKP-WAL 3.5.0-1 Cross Site Request Forgery

PKP-WAL versions 3.5.0-1 and below suffer from a cross site request forgery vulnerability. ----------------------------------------------------------------- PKP-WAL = 3.5.0-1 Login Cross-Site Request Forgery Vulnerability ----------------------------------------------------------------- - Softwar...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.191 views

📄 PKP-WAL 3.5.0-1 baseColour LESS Code Injection

PKP-WAL versions 3.5.0-1 and below suffer from a LESS baseColour related code injection vulnerability. ----------------------------------------------------------------- PKP-WAL = 3.5.0-1 baseColour LESS Code Injection Vulnerability -----------------------------------------------------------------...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.1234 views

📄 Apache mod_ssl TLS 1.3 Client Certificate Authentication Bypass

Apache modssl TLS 1.3 client certificate authentication bypass proof of concept exploit. ============================================================================================================================================= | Title : Apache modssl TLS 1.3 Client Certificate Authentication...

9.1CVSS8.2AI score0.0097EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.147 views

📄 Adobe DNG SDK 1.5 Remote Delivery Integer Overflow

This exploit demonstrates practical real-world exploitation scenarios of the Adobe DNG SDK integer overflow vulnerability CVE-2025-64783 through third-party applications and network-based delivery mechanisms. Version 1.5 is affected...

7.8CVSS6.9AI score0.00172EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.159 views

📄 Adobe DNG SDK 1.5 DNG File Integer Overflow

A critical integer overflow vulnerability exists in Adobe DNG SDK version 1.5 during the parsing of crafted DNG files. The flaw occurs in the handling of OpcodeList processing, specifically within the ScalePerColumn opcode, where insufficient validation of signed and unsigned integer values leads...

7.8CVSS6.9AI score0.00172EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.160 views

📄 Adobe DNG SDK Missing Validation Out-Of-Bounds Read

An out of bounds read vulnerability exists in Adobe DNG SDK versions prior to 1.7.1.2410 due to improper handling of raw images containing exactly two color planes fSrcPlanes = 2. The flaw occurs during image rendering when the SDK assumes a four-plane layout and reads memory beyond the allocated...

7.1CVSS6.5AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.170 views

📄 Adobe DNG SDK RefBaselineABCDtoRGB Out-Of-Bounds Read

This report details the creation of a specification-compliant, engineering-grade proof of concept file that reliably triggers the out-of-bounds read vulnerability documented as CVE-2025-64893 in Adobe DNG SDK versions 1.7.1 and below...

7.1CVSS6.5AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.186 views

📄 IGEL OS Workspace Edition 11.10.430 Privilege Escalation

IGEL OS Workspace Edition version 11.10.430 suffers from a privilege escalation vulnerability. This vulnerability demonstrates how architectural trust in custom configuration frameworks can be abused to establish long-term persistence, even on systems designed to be non-persistent and hardened by...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.204 views

📄 HPE OneView Unauthenticated Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability against Hewlett Packard Enterprise HPE OneView. All versions below 11.00 are vulnerable so long as the vendor supplied hotfix has not been applied, however some VM product versions do not enable the vulnerable...

10CVSS8.4AI score0.89733EPSS
Exploits8
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.180 views

📄 FortiWeb Fabric Connector 7.6.x SQL Injection / Remote Code Execution

This proof of concept exploit demonstrates a pre-authentication remote SQL injection vulnerability in Fortinet FortiWeb Fabric Connector versions 7.0 through 7.6.x. The flaw allows unauthenticated attackers to achieve remote code execution through malicious SQL queries in the Authorization header...

9.8CVSS10AI score0.9671EPSS
Exploits18
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.167 views

📄 Adobe DNG SDK 1.5 Integer Overflow / Local Crash

This proof of concept exploit demonstrates a local crash condition caused by an integer overflow vulnerability in the Adobe DNG SDK versions 1.5 through 1.7.0. The provided Bash script dynamically generates a malformed DNG image file containing a crafted opcode list that abuses the ScalePerColumn...

7.8CVSS6.6AI score0.00172EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.168 views

📄 Adobe DNG SDK RefBaselineABCDtoRGB Out-Of-Bounds Read / Information Disclosure

This work presents a technical, research‑grade proof of concept demonstrating CVE‑2025‑64893, an out of bounds read vulnerability in Adobe DNG SDK versions prior to 1.7.1.2410. The vulnerability is caused by a logic flaw in the rendering pipeline where a crafted but specification‑compliant DNG fi...

7.1CVSS6.4AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.159 views

📄 Adobe DNG SDK Linearize Out-Of-Bounds Read

A memory safety vulnerability exists in Adobe DNG SDK versions prior to 1.7.1.2410 that affects the Linearize image processing routine. When handling trimmed source images, the function erroneously performs operations using full image dimensions, resulting in an out‑of‑bounds read condition. This...

7.1CVSS7.4AI score0.00165EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.170 views

📄 Adobe DNG SDK RefBaselineABCDtoRGB Out-Of-Bounds Read / Information Disclosure

This work presents a technical, research‑grade proof of concept demonstrating CVE‑2025‑64893, an out of bounds read vulnerability in Adobe DNG SDK versions prior to 1.7.1.2410. The vulnerability is caused by a logic flaw in the rendering pipeline where a crafted but specification‑compliant DNG fi...

7.1CVSS6.4AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.196 views

📄 Headlamp 0.38.0 Unauthenticated Cached Credentials Access

Proof of concept exploit for a flaw in Headlamp Kubernetes dashboard versions 0.38.0 and below that allows unauthenticated users to access sensitive Helm release data, including secrets, tokens, and passwords, due to improper server-side caching...

6.9AI score
Exploits2
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.162 views

📄 Adobe DNG SDK Missing Validation Heap Buffer Overflow

A heap buffer overflow vulnerability exists in Adobe's DNG SDK versions 1.7.1 and below due to improper handling of raw images with two color planes fSrcPlanes = 2...

7.1CVSS7.1AI score0.00147EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.161 views

📄 Assistive Technologies Persistence

This Metasploit module achieves persistence by registering a custom Assistive Technology AT in the Windows registry. Then it configures the system to launch the AT executable during user logon or desktop switch such as with an admin privileged program. Requires Windows 8 or higher and...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.151 views

📄 Adobe DNG SDK 1.5 Web Upload Integer Overflow

Adobe DNG SDK versions 1.5 through 1.7.0 can have an integer overflow triggered via a web upload. If the backend processes the uploaded file with a vulnerable version of the DNG SDK, the malformed opcode data may result in an application crash or unexpected behavior...

7.8CVSS7AI score0.00172EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.160 views

📄 HEUR.Backdoor.Win32.Poison.gen MVID-2025-0701 DLL Hijacking

HEUR.Backdoor.Win32.Poison.gen malware looks for and executes a x32-bit "WININET.dll" PE file in its current directory. Therefore, we can hijack the DLL and execute our own c ode to intercept and terminate the malware. It is suggested that RansomLordNG be leveraged for this purpose. Discovery /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.189 views

📄 Adobe DNG SDK Image Processing Logic

Proof of concept exploit that demonstrates a heap out-of-bounds read / write leading to memory corruption and potential code execution in the Image Processing Logic of Adobe DNG SDK versions prior to 1.7.1.2410...

7.1CVSS7.4AI score0.00165EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.145 views

📄 Backdoor.Win32.ControlTotal.t MVID-2025-0702 Insecure Credential Storage

Backdoor.Win32.ControlTotal.t malware listens on TCP port 2032 and requires authentication. The password "jdf4df4vdf" is stored in cleartext within the PE file. Discovery / credits: Malvuln John Page aka hyp3rlinx c 2025 Original source:...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.163 views

📄 Pi-hole 5.18.3 Remote Code Execution

This PHP script is an authenticated remote code execution exploit targeting Pi-hole's web admin interface. It requires valid administrator credentials to log in, obtains a CSRF token, and abuses the adlist management feature by injecting a crafted gopher:// URL. The payload forces the server to...

8.8CVSS7.9AI score0.02828EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.148 views

📄 LibreNMS 24.9.1 Code Injection

LibreNMS version 24.9.1 suffers from a remote command execution vulnerability. ============================================================================================================================================= | Title : LibreNMS 24.9.1 PHP Code Injection Vulnerability | | Author :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.176 views

📄 libtransmission 2.93 Integer Overflow

libtransmission versions 2.93 and below suffer from multiple integer overflows. A remote attacker could create a specially crafted .torrent file which may be small when compressed that exploits these overflows when a victim loads it via Transmission or its command-line interface transmission-cli...

9.8CVSS7AI score0.05827EPSS
Exploits6
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.156 views

📄 Cisco ISE API 3.2 Command Injection

Proof of concept exploit for a command injection vulnerability in Cisco ISE API version 3.2. ============================================================================================================================================= | Title : Cisco ISE API 3.2 command injection Exploits | |...

10CVSS7.9AI score0.96732EPSS
Exploits10
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.139 views

📄 Institute Admission Software 2.5 Shell Upload

Institute Admission Software version 2.5 fails to properly validate and restrict uploaded files in the gallery upload functionality within the admin panel. =============================================================================================================================================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.151 views

📄 Lepton CMS 7.4.0 Cross Site Scripting / Code Execution

Lepton CMS version 7.4.0 has a vulnerability which allows for a persistent cross site scripting payload to escalate into PHP execution through the droplet engine...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.223 views

📄 WordPress ACF 0.9.1.1 Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Advanced Custom Fields: Extended ACF Extended WordPress plugin versions 0.9.0.5 through 0.9.1.1. The vulnerability exists in the prepareform function of the acfemoduleformfrontrender class, which accepts...

9.8CVSS8.6AI score0.73557EPSS
Exploits10
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.505 views

📄 Dahua TPC-AEBF5201 P2P Camera ToolsComplete Security Analysis Suite

This PHP proof-of-concept provides defensive tooling to analyze DH-P2P / Easy4IP behaviors observed during DFIR activities. It includes routines to decrypt Account1SecEData, derive device-specific cryptographic keys, and reproduce authentication code generation logic. The project is intended to...

6.8CVSS7.2AI score0.00275EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.144 views

📄 Kalmia CMS 0.2.0 User Enumeration

Proof of concept exploit that demonstrates a user enumeration vulnerability via the JWT authentication API on Kalmia CMS version 0.2.0. ============================================================================================================================================= | Title : Kalmia CM...

6.5CVSS6.9AI score0.00314EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.701 views

📄 Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass

There is a complete authentication bypass in the ONVIF implementation of Xiongmai XM530-series IP cameras that allows unauthenticated remote access to sensitive device information, configuration, and video streams. CVE-2025-65856 Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass ---...

10CVSS9.5AI score0.40386EPSS
Exploits13
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.155 views

📄 JSONPath Plus Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in JSONPath Plus library versions prior to 10.3.0 The vulnerability allows arbitrary JavaScript code execution through malicious JSONPath expressions...

9.8CVSS9AI score0.10701EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.384 views

📄 Xiongmai XM530 IP Camera Hardcoded RTSP Credential Exposure

The GetStreamUri ONVIF endpoint in Xiongmai XM530-series IP cameras exposes RTSP URIs containing hardcoded credentials, enabling direct unauthorized access to live video streams. CVE-2025-65857 Xiongmai XM530 IP Camera Hardcoded RTSP Credentials Exposure --- Summary The GetStreamUri ONVIF endpoin...

10CVSS8.5AI score0.40386EPSS
Exploits15
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.476 views

📄 C‑Bitrix 25.100.500 Translate Module Arbitrary File Upload

C‑Bitrix version 25.100.500 proof of concept exploit that demonstrates an arbitrary file upload vulnerability in the translate module. ============================================================================================================================================= | Title : C‑Bitrix...

7.2AI score0.01549EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.159 views

📄 AVAST Antivirus 25.11 Unquoted Service Path

AVAST Antivirus version 25.11 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with...

7.1AI score
Exploits0
Total number of security vulnerabilities50738