Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2025/05/13 12:0 a.m.86 views

📄 WordPress Frontend Login and Registration Blocks 1.0.7 Privilege Escalation

WordPress Frontend Login and Registration Blocks plugin versions 1.0.7 and below suffer from a privilege escalation vulnerability. Exploit Title: WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation Google Dork:...

9.8CVSS9.7AI score0.06441EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/05/13 12:0 a.m.107 views

📄 Kentico Xperience 13.0.178 Cross Site Scripting

Kentico Xperience version 13.0.178 suffers from a cross site scripting vulnerability. Exploit Title: Kentico Xperience 13.0.178 - Cross Site Scripting XSS Date: 2025-05-09 Version: Kentico Xperience before 13.0.178 Exploit Author: Alex Messham Contact: [email protected] Source:...

9.8CVSS9.2AI score0.59066EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/05/12 12:0 a.m.167 views

📄 RDPGuard 9.9.9 Privilege Escalation

RDPGuard version 9.9.9 suffers from a privilege escalation vulnerability. Exploit Title: RDPGuard 9.9.9 - Privilege Escalation SYSTEM Discovered by: Ahmet Ümit BAYRAM Discovered Date: 09.05.2025 Vendor Homepage: https://rdpguard.com Software Link: https://rdpguard.com/download.aspx Tested Version...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/05/12 12:0 a.m.92 views

📄 DiskBoss Enterprise 7.4.28 Remtoe Buffer Overflow

DiskBoss Enterprise version 7.4.28 GET remote buffer overflow SEH exploit with egghunter shellcode. Exploit Title: DiskBoss Enterprise 7.4.28 - 'GET' Remote Buffer Overflow SEH - Egghunter Date: 2025-05-05 Exploit Author: Fernando Mengali Linkedin:...

8AI score
Exploits0
Packet Storm
Packet Storm
added 2025/05/12 12:0 a.m.88 views

📄 Feng Office 3.5.1.5 SQL Injection

Feng Office version 3.5.1.5 suffers from a remote SQL injection vulnerability. Titles: fengoffice3.5.1.5 - SQLi Author: nu11secur1ty Date: 05/11/2025 Vendor: https://www.fengoffice.com/ Software: https://trials.fengoffice.com/register?edition=starter Reference:...

8.5AI score
Exploits0
Packet Storm
Packet Storm
added 2025/05/09 12:0 a.m.89 views

📄 Microsoft Windows 11 Pro 23H2 Privilege Escalation

Microsoft Windows version 11 Pro 23H2 Ancillary Function Driver for WinSock privilege escalation exploit. Exploit Title: Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Elevation of Privilege Date: 2025-05-05 Exploit Author: Milad Karimi Ex3ptionaL Contact:...

7.8CVSS9.2AI score0.27561EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/05/09 12:0 a.m.93 views

📄 VirtualBox 7.0.16 Privilege Escalation

VirtualBox version 7.0.16 suffers from a privilege escalation vulnerability. Exploit Title: VirtualBox 7.0.16 - Local Privilege Escalation Date: 2025-05-06 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win x64...

7.8CVSS8.3AI score0.0178EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/05/08 12:0 a.m.100 views

📄 Easy!Appointments 1.5.1 Denial of Service

Easy!Appointments version 1.5.1 suffers from a denial of service vulnerability due to a logic flaw. CVE-2025-29448 Description booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by...

7.5CVSS9.2AI score0.00474EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/05/08 12:0 a.m.75 views

📄 ezPortal 5.6 SQL Injection

ezPortal version 5.6 for Simple Machines Forum suffers from a SQL injection issue that may be exploitable. Exploit Title: ezportal Advisory Portal Mod for SMF Local SQL injection Google Dork: inurl:index.php?action=ezportal Date: 2025-05-08 Exploit Author: Emiliano Febbi Vendor Homepage:...

8.3AI score
Exploits0
Packet Storm
Packet Storm
added 2025/05/07 12:0 a.m.104 views

📄 WordPress ConvertPlus 3.5.30 Denial of Service

The ConvertPlus plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the cpdismissnotice AJAX endpoint in all versions up to, and including, 3.5.30. CVE-2024-13800 Popup Plugin For WordPress - ConvertPlus...

8.1CVSS9.2AI score0.00434EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/05/07 12:0 a.m.176 views

📄 BeyondTrust Privileged Remote Access 24.3 Takeover

BeyondTrust Privileged Remote Access PRA version 24.3 suffers a privileged login takeover vulnerability due to a passwordless ssh tunnel. === Details ======================================================== Vendor: BeyondTrust Product: Privileged Remote Access PRA Subject: PRA connection takeover...

7.8CVSS7.5AI score0.00193EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/05/07 12:0 a.m.107 views

📄 WordPress OttoKit 1.0.82 Privilege Escalation

WordPress OttoKit plugin versions 1.0.82 and below suffer from a privilege escalation vulnerability. This plugin used to be called SureTriggers. CVE-2025-27007: OttoKit SureTriggers Privilege Escalation Vulnerability Exploitation of CVE-2025-27007, a critical vulnerability in unauthorized privile...

9.8CVSS9.7AI score0.5088EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/05/06 12:0 a.m.82 views

📄 Grokability Snipe-IT 8.0.4 Insecure Direct Object Reference

Grokability Snipe-IT versions 8.0.4 and below suffer from an insecure direct object reference vulnerability. Exploit Title: Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference IDOR Google Dork: N/A Date: 2025-05-02 Exploit Author: Sn1p3r-H4ck3r Siripong Jintung Vendor Homepage:...

5CVSS6.3AI score0.01189EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/05/06 12:0 a.m.99 views

📄 ERPNext 14.82.1 Cross Site Request Forgery

ERPNext versions 14.82.1 and below suffer from a cross site request forgery vulnerability. Exploit Title: ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery CSRF Google Dork: inurl:"/api/method/frappe" Date: 2025-04-29 Exploit Author: Ahmed Thaiban Thvt0ne Vendor Homepage:...

8.1CVSS7AI score0.00759EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/05/06 12:0 a.m.82 views

📄 Casdoor 1.901.0 Cross Site Request Forgery

Casdoor version 1.901.0 suffers from a cross site request forgery vulnerability. Exploit Title: Casdoor 1.901.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: 1.901.0 Date: 03/07/2024 Exploit Author: Van Lam Nguyen Vendor Homepage: https://casdoor.org/ Software Link:...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/05/02 12:0 a.m.230 views

📄 Erlang-Based SSH OTP Pre-Authentication Remote Code Execution

This Metasploit module detect and exploits CVE-2025-32433, a pre-authentication vulnerability in Erlang-based SSH servers that allows remote command execution. By sending crafted SSH packets, it executes a payload to establish a reverse shell on the target system. The exploit leverages a flaw in...

10CVSS8.6AI score0.97673EPSS
Exploits36
Packet Storm
Packet Storm
added 2025/05/02 12:0 a.m.90 views

📄 ZTE ZXV10 H201L Remote Code Execution

ZTE ZXV10 H201L suffers from a remote code execution vulnerability that can be leveraged via an authentication bypass. Exploit Title: ZTE ZXV10 H201L - RCE via authentication bypass Exploit Author: l34n tasos meletlidis https://i0.rs/blog/finding-0click-rce-on-two-zte-routers/ import http.client,...

8.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/05/01 12:0 a.m.104 views

📄 WonderCMS 3.x Remote Code Execution

This Metasploit module exploits CVE-2023-41425, an authenticated file upload vulnerability affecting WonderCMS versions between 3.2.0 and 3.4.2. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class...

6.1CVSS6.5AI score0.54305EPSS
Exploits16
Packet Storm
Packet Storm
added 2025/05/01 12:0 a.m.90 views

📄 Craft CMS Image Transform Pre-Authenticaton Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Craft CMS versions 3.x, 4.x, and 5.x prior to 5.6.17 via the image transform endpoint. It injects a PHP Meterpreter payload into the Craft session, then triggers its execution by abusing the Yii behavior...

10CVSS9.4AI score0.99803EPSS
Exploits14
Packet Storm
Packet Storm
added 2025/05/01 12:0 a.m.87 views

📄 Microsoft Windows XRM-MS NTLM Hash Disclosure

Microsoft Windows suffers from another NTLM hash disclosure vulnerability. This time it is related to the xrm-ms file type. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MicrosoftWindowsxrm-msFileNTLM-HashDisclosure.tx...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/30 12:0 a.m.87 views

📄 unzip-stream 0.3.1 Arbitrary File Write

unzip-stream version 0.3.1 suffers from an arbitrary file write vulnerability. Exploit Title: unzip-stream 0.3.1 - Arbitrary File Write Date: 18th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mhr3/unzip-stream Version: unzip-stream 0.3.1 Tested on: Ubunt...

7.5CVSS9.5AI score0.03037EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/04/29 12:0 a.m.88 views

📄 Daikin Security Gateway 214 Remote Password Reset

The Daikin Security Gateway exposes a critical vulnerability in its password reset API endpoint. Due to an insecure direct object reference IDOR flaw, an unauthenticated attacker can send a crafted POST request to this endpoint, bypassing authentication mechanisms. Successful exploitation resets...

8AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/28 12:0 a.m.217 views

📄 Inedo ProGet 2024.22 Denial of Service / Information Disclosure / CSRF

Inedo ProGet version 2024.22 suffers from cross site request forgery, denial of service, and information disclosure vulnerabilities. Inedo ProGet 2024.22 and below are vulnerable to unauthenticated denial of service and information disclosure attacks among other things because the information...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/28 12:0 a.m.238 views

📄 Ruby on Rails Cross Site Request Forgery

Ruby on Rails appears to include a one time pad for cross site request forgery protections to the user, making it possible to forge valid tokens. Good morning. All current versions and all versions since the 2022/2023 "fix" to the Rails cross-site request forgery CSRF protections continue to be...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/24 12:0 a.m.281 views

📄 AlegroCart 1.2.9 Logic Flaw

AlegroCart version 1.2.9 suffers from a business logic flaw that allows for price manipulation. Exploit Title: Business Logic Flaw: Price Manipulation - alegrocartv1.2.9 Date: 04/2025 Exploit Author: Andrey Stoykov Version: 1.2.9 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Busines...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/24 12:0 a.m.291 views

📄 AlegroCart 1.2.9 Cross Site Scripting

AlegroCart version 1.2.9 suffers from persistent and reflective cross site scripting vulnerabilities. Exploit Title: XSS via SVG Image Upload - alegrocartv1.2.9 Date: 04/2025 Exploit Author: Andrey Stoykov Version: 1.2.9 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ XSS via SVG Imag...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/23 12:0 a.m.500 views

📄 BentoML Runner Server Remote Code Execution

There was an insecure deserialization in BentoML's runner server prior to version 1.4.8. By setting specific headers and parameters in the POST request, it is possible to execute unauthorized arbitrary code in the context of the user running the server, which will grant initial access and...

9.8CVSS9.2AI score0.45773EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/04/23 12:0 a.m.313 views

📄 Online Shopping System Advanced 1.0 Shell Upload / SQL Injection

Online Shopping System Advanced version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities. Exploit Title: Online Shopping System Advanced - Remote Code Execution Date: 2025-03-11 Exploit Author: bRpsd Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=bRpsd...

8.5AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/23 12:0 a.m.477 views

📄 Zyxel uOS 1.31 Privilege Escalation

The USG FLEX H Series with the operating system Zyxel uOS version 1.31 suffers from a local privilege escalation vulnerability via the setuid binary fermion-wrapper. -- HNS-2025-10 - HN Security Advisory - https://security.humanativaspa.it/ Title: Local privilege escalation via Zyxel...

7.8CVSS6.8AI score0.0093EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.2344 views

📄 OpenSSH 9.8p1 Race Condition

Proof of concept race condition exploit for OpenSSH server version 9.8p1. Exploit Title : OpenSSH server sshd 9.8p1 - Race Condition Author : Milad Karimi Ex3ptionaL Date : 2025-04-16 Description: Targets a signal handler race condition in OpenSSH's server sshd on glibc-based Linux systems. It...

8.1CVSS8AI score0.99506EPSS
Exploits68
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.84 views

📄 Microsoft Windows 11 Kernel Privilege Escalation

Microsoft Windows 11 suffers from a privilege escalation vulnerability. Exploit Title: Microsoft Windows 11 - Kernel Privilege Escalation Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win,...

7.8CVSS9.2AI score0.51865EPSS
Exploits13
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.167 views

📄 Microsoft Windows 11 23h2 Privilege Escalation

Microsoft Windows 11 23h2 CLFS.sys proof of concept privilege escalation exploit. Exploit Title:Microsoft Windows 11 23h2 - 'CLFS.sys' Elevation of Privilege Vulnerability Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...

7.8CVSS9.2AI score0.25414EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.226 views

📄 Clothing Store Management System 1.0 SQL Injection

Clothing Store Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Titles: Clothing Store Management System-1.0 SQLi Bypass Authentication Author: nu11secur1ty Date: 04/22/2025 Vendor: https://github.com/oretnom23 Software:...

8.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.259 views

📄 tar-fs 3.0.0 Arbitrary File Write

tar-fs version 3.0.0 suffers from an arbitrary file write vulnerability. Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE:...

7.5CVSS7.8AI score0.02186EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.299 views

📄 Online Exam Mastering System 1.0 Cross Site Scripting

Online Exam Mastering System version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/exam/feedback.php Date: 2025-04-19 Exploit Author: Pruthu Raut Vendor Homepage:...

6.1CVSS6.2AI score0.00722EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.536 views

📄 Android 13 Local Privilege Escalation

Android version 13 local privilege escalation proof of concept exploit. Exploit Title: Android 13 - Local Privilege Escalation Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Version: = 13 Tested on: Win,...

7.8CVSS6.6AI score0.0146EPSS
Exploits17
Packet Storm
Packet Storm
added 2025/04/21 12:0 a.m.257 views

📄 WordPress 123pan Cloud Storage 1.0 File Deletion / Shell Upload / Injection

WordPress 123pan Cloud Storage plugin version 1.0 suffers from token handling, remote shell upload, file deletion, and HTTP header injection vulnerabilities. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title WordPress 123pan Cloud Storage Plugin - Multiple...

7.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/21 12:0 a.m.230 views

📄 WonderCMS 3.4.2 Cross Site Scripting / Code Execution

WonderCMS version 3.4.2 proof of concept cross site scripting to code execution exploit. Exploit Title: WonderCMS v3.4.2 XSS to RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H:...

6.1CVSS6.3AI score0.54305EPSS
Exploits16
Packet Storm
Packet Storm
added 2025/04/21 12:0 a.m.384 views

📄 Joomla 3.7.1 SQL Injection

Joomla version 3.7.1 proof of concept remote SQL injection exploit. Exploit Title: Joomla 3.7.1 - Sql Injection Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H:...

9.8CVSS10AI score0.99826EPSS
Exploits21
Packet Storm
Packet Storm
added 2025/04/21 12:0 a.m.214 views

📄 WordPress Easy Restaurant Manager 1.0 XSS / SQL Injection / IDOR

WordPress Easy Restaurant Manager plugin version 1.0 suffers from persistent cross site scripting, insecure direct object reference, a missing access control, and remote SQL injection vulnerabilities. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title WordPress...

7.8AI score
Exploits0
Packet Storm
Packet Storm
added 2025/04/21 12:0 a.m.280 views

📄 GitLab 16.7.2 Account Takeover

GitLab version 16.7.2 proof of concept account takeover via password reset exploit. Exploit Title: GitLab 16.7.2 - Account Takeover via Password Reset without user interactions Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...

10CVSS9.1AI score0.94955EPSS
Exploits16
Packet Storm
Packet Storm
added 2025/04/21 12:0 a.m.196 views

📄 Drupal 11.x-dev Path Disclosure

Drupal version 11.x-dev suffers from a path disclosure vulnerability. !/usr/bin/env python Exploit Title: Drupal 11.x-dev - Full Path Disclosure Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H:...

5.3CVSS6.5AI score0.09269EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/04/18 12:0 a.m.266 views

📄 compop.ca 3.5.3 Arbitrary Code Execution

compop.ca version 3.5.3 suffers from an arbitrary code execution vulnerability. Exploit Title: compop.ca 3.5.3 - Arbitrary code Execution Google Dork: Terms of Use inurl:compop.vip Date: 22/12/2024 Exploit Author: dmlino Vendor Homepage: https://www.compop.ca/ Version: 3.5.3 CVE : CVE-2024-48445...

9.8CVSS9.6AI score0.01958EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/04/18 12:0 a.m.382 views

📄 WordPress MapSVG Lite 8.5.34 Shell Upload

WordPress MapSVG Lite plugin versions 8.5.34 and below suffer from a remote shell upload vulnerability. 🐚 CVE-2025-32682 - Arbitrary File Upload in MapSVG Lite = 8.5.34 📌 Plugin Details - Name: MapSVG Lite - Affected Version: = 8.5.34 - Vulnerability Type: Arbitrary File Upload - CVE ID:...

9.9CVSS8.9AI score0.00447EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/04/18 12:0 a.m.333 views

📄 Tatsu 3.3.11 Remote Code Execution

Tatsu versions 3.3.11 and below pre-authentication proof of concept remote code execution exploit. !/usr/bin/python3 coding: utf-8 Exploit Title:Tatsu = 3.3.11 pre-auth RCE exploit Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...

8.1CVSS8.4AI score0.83535EPSS
Exploits9
Packet Storm
Packet Storm
added 2025/04/18 12:0 a.m.259 views

📄 UJCMS 9.6.3 Insecure Direct Object Reference

UJCMS version 9.6.3 suffers from an insecure direct object reference vulnerability that enables user enumeration. Exploit Title: UJCMS 9.6.3 User Enumeration via IDOR Exploit Author: Cyd Tseng Date: 11 Dec 2024 Category: Web application Vendor Homepage: https://dromara.org/ Software Link:...

6.3CVSS4.7AI score0.03439EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/04/18 12:0 a.m.297 views

📄 Apache Commons Text 1.10.0 Remote Code Execution

Apache Commons Text version 1.10.0 suffers from a remote code execution vulnerability. Exploit Title: Apache Commons Text 1.10.0 - Remote Code Execution Text4Shell - POST-based Date: 2025-04-17 Exploit Author: Arjun Chaudhary Vendor Homepage: https://commons.apache.org/proper/commons-text/ Softwa...

9.8CVSS8.4AI score0.99931EPSS
Exploits41
Packet Storm
Packet Storm
added 2025/04/18 12:0 a.m.255 views

📄 Blood Bank and Donor Management System 2.4 Cross Site Request Forgery

Blood Bank and Donor Management System version 2.4 suffers from a cross site request forgery vulnerability. Exploit Title: Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation Google Dork: N/A Date: 2024-12-26 Exploit Author: Kwangyun Keum Vendor Homepage:...

6.9CVSS4.8AI score0.00778EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/04/17 12:0 a.m.215 views

📄 TP-Link VN020 F3v(T) TT_V6.2.1021 Denial of Service

TP-Link VN020 F3vT version TTV6.2.1021 suffers from a denial of service vulnerability. Exploit Title: TP-Link VN020 F3vT TTV6.2.1021 - Denial Of Service DOS Date: 10/22/2024 Exploit Author: Mohamed Maatallah Vendor Homepage: https://www.tp-link.com Version: TTV6.2.1021 VN020-F3vT Tested on:...

7.1CVSS6.5AI score0.08886EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/04/17 12:0 a.m.447 views

📄 Meshtastic Buffer Overflow

A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as...

9.4CVSS8.3AI score0.00747EPSS
Exploits2
Total number of security vulnerabilities50738