Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’203 views

πŸ“„ Flowise 3.0.4 Remote Command Execution

Flowise versions prior to 3.0.5 suffer from a remote command execution vulnerability. Exploit Title: Flowise 3.0.4 - Remote Code Execution RCE Date: 10/11/2025 Exploit Author: nltt0 https://github.com/nltt-br Vendor Homepage: https://flowiseai.com/ Software Link:...

10CVSS7.3AI score0.90183EPSS
Exploits29
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’152 views

πŸ“„ dotCMS 25.07.02-1 SQL Injection

dotCMS version 25.07.02-1 suffers from an authenticated remote blind SQL injection vulnerability. !/usr/bin/env python3 Exploit Title: dotCMS 25.07.02-1 - Authenticated Blind SQL Injection Google Dork: N/A Date: 2025-09-09 Exploit Author: Matan Sandori OSCP, OSEP, OSWE Vendor...

9.4CVSS8.1AI score0.01558EPSS
Exploits4
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’151 views

πŸ“„ ClipBucket 5.5.2 Build 90 Server-Side Request Forgery

ClipBucket version 5.5.2 Build 90 suffers from a server-side request forgery vulnerability. Exploit Title: ClipBucket 5.5.2 Build 90 - Server-Side Request Forgery SSRF Google Dork: N/A Date: 2025-09-11 Exploit Author: Mukundsinh Solanki r00td3str0y3r Vendor Homepage: https://clipbucket.com Softwa...

6.5CVSS7.1AI score0.00998EPSS
Exploits4
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’118 views

πŸ“„ Casdoor 2.55.0 Cross Site Request Forgery

Casdoor version 2.55.0 suffers from a cross site request forgery vulnerability. Exploit Title: Casdoor 2.55.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: 2.55.0 Date: 09/10/2025 Exploit Author: Van Lam Nguyen Facebook: vanlam1412 Vendor Homepage: https://casdoor.org/ Software...

6.5CVSS6.3AI score0.03093EPSS
Exploits10
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’129 views

πŸ“„ HTMLDOC 1.9.13 Stack Buffer Overflow

HTMLDOC versions 1.9.13 and below proof of concept exploit that demonstrates a stack buffer overflow vulnerability. !/usr/bin/env python3 Exploit Title: HTMLDOC 1.9.13 - Stack Buffer Overflow Google Dork: N/A Date: 2025-08-26 Exploit Author: wulfgarpro Vendor Homepage:...

7.8CVSS7.8AI score0.07349EPSS
Exploits4
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’183 views

πŸ“„ ClipBucket 5.5.0 Shell Upload

ClipBucket versions 5.5.0 and below suffer from a remote shell upload vulnerability. Exploit Title: ClipBucket 5.5.0 - Arbitrary File Upload Google Dork: N/A Date: 2025-09-11 Exploit Author: Mukundsinh Solanki r00td3str0y3r Vendor Homepage: https://clipbucket.com Software Link:...

7.3CVSS7.2AI score0.01448EPSS
Exploits4
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’111 views

πŸ“„ Ilevia EVE X1/X5 Server 4.7.18.0.eden Default Credentials

Ilevia EVE X1/X5 Server version 4.7.18.0.eden uses a weak set of default administrative credentials that can be found and used to gain full control of the system. Ilevia EVE X1/X5 Server 4.7.18.0.eden Default Credentials Vendor: Ilevia Srl. Product web page: https://www.ilevia.com Affected versio...

9.8CVSS7.2AI score0.00533EPSS
Exploits2
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’108 views

πŸ“„ Casdoor 2.95.0 Cross Site Request Forgery

Casdoor version 2.55.0 suffers from a cross site request forgery vulnerability. Exploit Title: Casdoor 2.95.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: v2.95.0 2025-10-22 Date: 2025-10-23 Exploit Author: Van Lam Nguyen Vendor Homepage: https://casdoor.org/ Software Link:...

6.5CVSS6.3AI score0.03093EPSS
Exploits10
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’229 views

πŸ“„ HTTP/2 2.0 Denial of Service

This is a testing script for the HTTP/2 Rapid Reset vulnerability as described in CVE-2023-44487. !/usr/bin/env python3 """ Exploit Title: HTTP/2 2.0 - Denial Of Service DOS Google Dork: -NA- Date: 29th August 2025 Exploit Author: Madhusudhan Rajappa Vendor Homepage: -NA- Software Link: -NA-...

7.5CVSS7.3AI score0.99999EPSS
Exploits19
Packet Storm
Packet Storm
β€’added 2025/11/03 12:0 a.m.β€’90 views

πŸ“„ Hop.bg Cross Site Scripting

Hop.bg appears to suffer from a cross site scripting vulnerability. It is unclear what vulnerable code base is being used or if it's custom, however, the researcher has not heard a response from the vendor and they have not addressed the issue, putting their users at risk, so this is being...

6.6AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/31 12:0 a.m.β€’118 views

πŸ“„ Service Upstart Persistence

This Metasploit module will create a service on the box, and mark it for auto-restart. You need enough access to write service files and potentially restart services. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

7AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/31 12:0 a.m.β€’143 views

πŸ“„ Windows Persistent Task Scheduler

This Metasploit module establishes persistence by creating a scheduled task to run a payload. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Persistent Task Scheduler', 'Description' =...

7AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/30 12:0 a.m.β€’207 views

πŸ“„ NCR Command Center Agent 16.3 Remote Code Execution

CMCAgent in NCR Command Center Agent version 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter within an XML document sent to port 8089 that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021...

10CVSS7.5AI score0.87383EPSS
Exploits3
Packet Storm
Packet Storm
β€’added 2025/10/30 12:0 a.m.β€’128 views

πŸ“„ LEPTON 7.4.0 Cross Site Scripting

LEPTON version 7.4.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: LEPTON 7.4.0 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr / Hulya KARABAG Vendor Homepage: https://lepton-cms.org/ Software Link:...

6.4AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/30 12:0 a.m.β€’136 views

πŸ“„ LEPTON 7.4.0 Remote Code Execution

LEPTON CMS version 7.4.0 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary system commands through the Droplets functionality. This vulnerability arises from improper input validation and execution control within the Droplets feature...

8.6AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/30 12:0 a.m.β€’179 views

πŸ“„ WBCE CMS 1.6.4 Cross Site Scripting

WBCE CMS version 1.6.4 suffers from a persistent cross site scripting vulnerability. Exploit Title: WBCE CMS 1.6.4 - Stored Cross-Site Scripting XSS Date: 2025-10-29 Exploit Author: Chokri Hammedi Vendor Homepage: https://wbce.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/v1.6....

6.4AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/29 12:0 a.m.β€’146 views

πŸ“„ Windows Persistent Startup Folder

This Metasploit module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

7AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/28 12:0 a.m.β€’144 views

πŸ“„ RiteCMS 3.1.0 Cross Site Scripting

RiteCMS version 3.1.0 suffers from a cross site scripting vulnerability. Exploit Title: RiteCMS 3.1.0 - Reflected XSS in Admin Panel Date: October 28, 2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/ritecms/ritecms Version: RiteCMS 3.1.0...

6.4AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/27 12:0 a.m.β€’152 views

πŸ“„ Wisenshop Cross Site Scripting

Wisenshop suffers from a cross site scripting vulnerability. It is unclear what version is affected as they are not published where this software is sold. Exploit Title: Wisenshop - Stored XSS Exploit Author: CraCkEr Date: 11-10-2025 Author of Script: Wisencode Infotech Vendor: Wisencode Infotech...

5.1CVSS4.6AI score0.0022EPSS
Exploits1
Packet Storm
Packet Storm
β€’added 2025/10/27 12:0 a.m.β€’316 views

πŸ“„ RiteCMS 3.1.0 Remote Code Execution

RiteCMS version 3.1.0 suffers from an authenticated remote code execution vulnerability. Exploit Title: RiteCMS 3.1.0 - Authenticated Remote Code Execution RCE Date: 2025-10-26 Exploit Author: Chokri Hammedi Vendor Homepage: https://github.com/handylulu/RiteCMS Software Link:...

8.2AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/27 12:0 a.m.β€’165 views

πŸ“„ Dynatrace ActiveGate Command Injection

Dynatrace ActiveGate versions up to 1.016 suffer from an OS command injection vulnerability. CVE-2025-61304 "OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address" In the background the ping extension is using the command prompt of Windows to...

9.8CVSS7.5AI score0.01943EPSS
Exploits3
Packet Storm
Packet Storm
β€’added 2025/10/27 12:0 a.m.β€’143 views

πŸ“„ WBCE CMS 1.6.4 Remote Code Execution

WBCE CMS version 1.6.4 contains a critical remote code execution vulnerability in the Droplets module. Authenticated attackers with administrator privileges can inject and execute arbitrary PHP code, leading to complete system compromise. Exploit Title: WBCE CMS 1.6.4 - Remote Code Execution Date...

8.6AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/27 12:0 a.m.β€’146 views

πŸ“„ ModernShop Cross Site Scripting

ModernShop suffers from a cross site scripting vulnerability. It is unclear what version is affected as they are not published where this software is sold. Exploit Title: ModernShop - RXSS Exploit Author: CraCkEr Date: 11-10-2025 Author of Script: ABHIRAM B Vendor: ABHI CODE BOX Vendor Homepage:...

5.3CVSS4.7AI score0.00316EPSS
Exploits1
Packet Storm
Packet Storm
β€’added 2025/10/23 12:0 a.m.β€’143 views

πŸ“„ Easywork Enterprise 2.1.3.354 Cleartext Memory Secret Storage

Easywork Enterprise version 2.1.3.354 is vulnerable to cleartext storage of sensitive information in memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt. The keys can be obtained by attaching a debugger or analyzing the process/memory...

6.2CVSS6.7AI score0.00099EPSS
Exploits1
Packet Storm
Packet Storm
β€’added 2025/10/22 12:0 a.m.β€’157 views

πŸ“„ Log2Space Subscriber Management Software 1.1 SQL Injection

Log2Space Subscriber Management Software version 1.1 suffers from an unauthenticated remote SQL injection vulnerability. Author: Aditya Patil [email protected] Rohan Patil [email protected] CVE-2025-56450 Unauthenticated SQL Injection in Log2Space Subscriber Management Software...

6.5CVSS8.3AI score0.00307EPSS
Exploits1
Packet Storm
Packet Storm
β€’added 2025/10/22 12:0 a.m.β€’203 views

πŸ“„ Vvveb CMS 1.0.5 Remote Code Execution

Vvveb CMS is vulnerable to code injection via the Code Editor functionality. Unsanitized editing functionality allows attacker-controlled changes to existing files on the web-accessible filesystem, allowing remote authenticated attackers with access to the Code Editor to achieve code execution wh...

7.2CVSS8.7AI score0.01347EPSS
Exploits6
Packet Storm
Packet Storm
β€’added 2025/10/21 12:0 a.m.β€’178 views

πŸ“„ Campcodes Online Loan Management System 1.0 SQL Injection

Campcodes Online Loan Management System versions 1.0 and below suffer from a remote SQL injection vulnerability. -- coding: utf-8 -- Exploit Loan Management System v1.0 - SQL Injection Google Dork: N/A Date: 20/10/2025 Exploit Author: CodeB0ss Vendor: Loan Management System Software Link:...

9.8CVSS8.2AI score0.01664EPSS
Exploits3
Packet Storm
Packet Storm
β€’added 2025/10/20 12:0 a.m.β€’131 views

πŸ“„ Transmission Torrent Parsing Integer Overflows

Torrent file parsing in Transmission suffers from multiple integer overflow vulnerabilities. I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the trnew/trnew0 allocation wrappers don't handle overflow. define trnewstructtype, nstructs \ structtyp...

7.6AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/20 12:0 a.m.β€’217 views

πŸ“„ Microsoft Windows Server Update Services Remote Code Execution

This is a proof of concept exploit for Microsoft Windows Server Update Services that leverages an unsafe deserialization of untrusted data in WSUS's AuthorizationCookie handling. This file demonstrates payload generation in C. using System; using System.IO; using System.Security.Cryptography; usi...

9.8CVSS6.9AI score0.99962EPSS
Exploits24
Packet Storm
Packet Storm
β€’added 2025/10/17 12:0 a.m.β€’154 views

πŸ“„ Ilevia EVE X1 Server 4.7.18.0.eden Cross Site Scripting

Ilevia EVE X1 Server versions 4.7.18.0.eden and below suffer from a reflective cross site scripting vulnerability. Ilevia EVE X1 Server 4.7.18.0.eden Unauthenticated Reflected XSS Vendor: Ilevia Srl. Product web page: https://www.ilevia.com Affected version: =4.7.18.0.eden Summary: EVE is a smart...

6.1CVSS6.4AI score0.00374EPSS
Exploits3
Packet Storm
Packet Storm
β€’added 2025/10/16 12:0 a.m.β€’78 views

πŸ“„ Greenlife.bg SQL Injection

Greenlife.bg appears to suffer from a remote SQL injection vulnerability. It is unclear what vulnerable code base is being used or if it's custom, however, the researcher has not heard a response from the vendor and they have not addressed the issue, putting their users at risk, so this is being...

8.3AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/16 12:0 a.m.β€’155 views

πŸ“„ Ilevia EVE X1 Server 4.7.18.0.eden Parameter Traversal / Arbitrary File Access

An unauthenticated absolute and relative path traversal vulnerability exists in the smart home/building automation platform via the /ajax/php/getfilecontent.php endpoint of Ilevia EVE X1 Server versions 4.7.18.0.eden and below. By supplying a crafted file POST parameter, a remote attacker can rea...

8.7CVSS6.9AI score0.00604EPSS
Exploits4
Packet Storm
Packet Storm
β€’added 2025/10/16 12:0 a.m.β€’148 views

πŸ“„ Ilevia EVE X1 Server 4.7.18.0.eden Unauthenticated Remote Command Injection

Ilevia EVE X1 Server versions 4.7.18.0.eden and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the mbusfile and mbuscsv HTTP POST parameters through the /ajax/php/mbusbuildfromcsv.php script...

9.8CVSS8.4AI score0.07679EPSS
Exploits3
Packet Storm
Packet Storm
β€’added 2025/10/15 12:0 a.m.β€’197 views

πŸ“„ PerfexCRM Authentication Bypass

PerfexCRM versions prior to 3.3.1 suffer from an authentication bypass vulnerability. Security Advisory β€” PerfexCRM Authentication Bypass CVE-2025-60375, RESERVED Advisory ID: perfexcrm-auth-bypass-2025 CVE: CVE-2025-60375 RESERVED Product: PerfexCRM Affected versions: versions prior to 3.3.1 3.3...

7.3CVSS7.1AI score0.00266EPSS
Exploits1
Packet Storm
Packet Storm
β€’added 2025/10/13 12:0 a.m.β€’183 views

πŸ“„ Packet Storm EXIF Data Disclosure

A bad code push allowed EXIF data to remain in some photos on Packet Storm. Our analysis shows only 0.004% of uploaded pictures were affected and they have all been stripped to ensure no further exposure. Fortunately, the affected pictures only include items related to an admin of the site and th...

7.1AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/13 12:0 a.m.β€’117 views

πŸ“„ Packet Storm Missing Cache Header

Packet Storm was missing a cache control header on the user settings page, allowing for parties to click back in a browser post-logout and see the page from the local browser cache. As shared computing situations can allow this to lead to an information disclosure issue, it was immediately...

6AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/10 12:0 a.m.β€’162 views

πŸ“„ MotionEye Frontend 0.43.1b4 Remote Code Execution

This Metasploit module exploits a template injection vulnerability in the MotionEye Frontend. MotionEye Frontend versions 0.43.1b4 and prior are vulnerable to OS command injection in configuration parameters such as imagefilename. Unsanitized user input is written to MotionEye Frontend...

7.2CVSS8.5AI score0.2442EPSS
Exploits16
Packet Storm
Packet Storm
β€’added 2025/10/10 12:0 a.m.β€’204 views

πŸ“„ Perfex CRM Chatbot Cross Site Scripting

Perfex CRM's chatbot feature suffers from a persistent cross site scripting vulnerability. CVE-2025-60374 CVE-2025-60374: Stored Cross-Site Scripting XSS in Perfex CRM Chatbot ⚠️ Security Advisory A critical Stored Cross-Site Scripting vulnerability in Perfex CRM's chatbot feature --- πŸ“‹ Overview A...

6.1CVSS6.4AI score0.00318EPSS
Exploits2
Packet Storm
Packet Storm
β€’added 2025/10/07 12:0 a.m.β€’355 views

πŸ“„ Malicious Windows Script Host Script File

This Metasploit module creates a Windows Script Host WSH Windows Script File .wsf. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Windows Script Host Script File .wsf', 'Description'...

7.1AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/06 12:0 a.m.β€’806 views

πŸ“„ GNU Screen 4.5.0 Local Privilege Escalation

GNU Screen version 4.5.0 local privilege escalation exploit that leverages shared library loading. GNU Screen 4.5.0 Local Privilege Escalation Exploit CVE-2017-5618 πŸ“Œ Overview Local privilege escalation exploit for GNU Screen 4.5.0 that hijacks shared library loading to gain root access via...

7.8CVSS7.1AI score0.01253EPSS
Exploits6
Packet Storm
Packet Storm
β€’added 2025/10/06 12:0 a.m.β€’130 views

πŸ“„ Mac OS X Persistent Payload Installer

This Metasploit module provides a persistent boot payload by creating a launch item, which can be a LaunchAgent or a LaunchDaemon. LaunchAgents run with user level permissions and are triggered upon login by a plist entry in /Library/LaunchAgents. LaunchDaemons run with elevated privileges, and a...

6.9AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/06 12:0 a.m.β€’135 views

πŸ“„ GaatiTrack 1.0 SQL Injection

GaatiTrack version 1.0 suffers from multiple remote SQL injection vulnerabilities. Metasploit module included. Titles: GaatiTrack-1.0 CopyrightΒ©2025-Multiple-SQLi - Metasploit module Author: nu11secur1ty Date: 10/06/2025 Vendor: https://www.mayurik.com/ Software:...

8.5AI score
Exploits0
Packet Storm
Packet Storm
β€’added 2025/10/06 12:0 a.m.β€’140 views

πŸ“„ WordPress KKProgressbar2 1.1.4.2 Cross Site Request Forgery

WordPress KKProgressbar2 version 1.1.4.2 cross site request forgery proof of concept exploit. Exploit Title: WordPress Plugin KKProgressbar2 - Cross-Site Request Forgery CSRF Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...

8.8CVSS6.6AI score0.00324EPSS
Exploits3
Packet Storm
Packet Storm
β€’added 2025/10/06 12:0 a.m.β€’160 views

πŸ“„ FortiWeb Fabric Connector 7.6.x SQL Injection

FortiWeb Fabric Connector versions 7.6.x suffer from a pre-authentication remote SQL injection vulnerability. Exploit Title: FortiWeb Fabric Connector 7.6.x - Pre-authentication SQL Injection to Remote Code Execution Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact:...

9.8CVSS9.9AI score0.9671EPSS
Exploits18
Packet Storm
Packet Storm
β€’added 2025/10/03 12:0 a.m.β€’472 views

πŸ“„ ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting

ERPNext version 15.67.0 and Frappe version 15.72.4 suffer from a persistent cross site scripting vulnerability. CVE-2025-56379 β€” Stored Cross-Site Scripting XSS in ERPNext 15.67.0 / Frappe 15.72.4 πŸ“Œ Summary A stored Cross‑Site Scripting XSS vulnerability exists in the Blog module of ERPNext...

5.4CVSS6.4AI score0.00382EPSS
Exploits2
Packet Storm
Packet Storm
β€’added 2025/10/03 12:0 a.m.β€’200 views

πŸ“„ Apache Pyfory 0.12.2 Remote Code Execution

This proof of concept exploit demonstrates the remote code execution vulnerability in Apache Pyfory versions 0.12.0 through 0.12.2 and legacy PyFury versions 0.1.0 through 0.10.3 due to an insecure pickle fallback deserialization. !/usr/bin/env python3 """...

9.8CVSS8.2AI score0.41255EPSS
Exploits2
Packet Storm
Packet Storm
β€’added 2025/10/02 12:0 a.m.β€’535 views

πŸ“„ ERPNext 15.67.0 / Frappe 15.72.4 Blind SQL Injection

A time-based blind SQL injection vulnerability was discovered in the frappe.client.getvalue API endpoint in Frappe Framework version 15.72.4 and it is also present in ERPNext version 15.67.0. An authenticated user with access to the reporting/client API can inject SQL via the fieldname parameter...

6.5CVSS7.6AI score0.00293EPSS
Exploits3
Packet Storm
Packet Storm
β€’added 2025/10/01 12:0 a.m.β€’206 views

πŸ“„ Fiora Chat 1.0.0 Cross Site Scripting

Fiora Chat version 1.0.0 suffers from a cross site scripting vulnerability. CVE-2025-56514: Cross Site Scripting XSS Vulnerability in Fiora Chat Application Overview A Cross Site Scripting XSS vulnerability, identified as CVE-2025-56514, affects the Fiora chat application version 1.0.0. This...

5.4CVSS6.4AI score0.00262EPSS
Exploits2
Packet Storm
Packet Storm
β€’added 2025/09/30 12:0 a.m.β€’212 views

πŸ“„ Trivision NC-227WF Username Enumeration

Trivision NC-227WF with firmware version 5.80 build 0141010 has a login mechanism that reveals whether a username exists or not by returning different error messages. CVE-2025-56764 β€” Trivision NC-227WF Summary Trivision NC-227WF firmware 5.80 build 20141010 login mechanism reveals whether a...

5.3CVSS7AI score0.00244EPSS
Exploits1
Packet Storm
Packet Storm
β€’added 2025/09/30 12:0 a.m.β€’149 views

πŸ“„ CPAS Audit Management Information System 4.9 SQL Injection

CPAS Audit Management Information System versions 4.9 and below suffer from a remote SQL injection vulnerability. CPAS-bug CPAS audit management information system has SQL injection vulnerability Beijing YouDataSum Technology Co., Ltd. domain: http://youdatasum.com Affected versions...

8.1AI score0.00555EPSS
Exploits3
Total number of security vulnerabilities50738