Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
โ€ขadded 2025/04/17 12:0 a.m.โ€ข210 views

๐Ÿ“„ TP-Link VN020 F3v(T) TT_V6.2.1021 Buffer Overflow

TP-Link VN020 F3vT version TTV6.2.1021 suffers from a buffer overflow vulnerability. Exploit Title: TP-Link VN020 F3vT TTV6.2.1021 - Buffer Overflow Memory Corruption Date: 11/24/2024 Exploit Author: Mohamed Maatallah Vendor Homepage: https://www.tp-link.com Version: TTV6.2.1021 VN020-F3vT Tested...

9.8CVSS7.2AI score0.01842EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข180 views

๐Ÿ“„ CommScope Ruckus IoT Controller 1.7.1.0 Backdoor Account

CommScope Ruckus IoT Controller version 1.7.1.0 has an undocumented backdoor account. Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage:...

9.8CVSS8.8AI score0.13773EPSS
Exploits5
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข255 views

๐Ÿ“„ WooCommerce Customers Manager 29.4 SQL Injection

WooCommerce Customers Manager version 29.4 suffers from a remote SQL injection vulnerability. Exploit Title: WooCommerce Customers Manager 29.4 - Post-Authenticated SQL Injection Date: 2024-03-25 Exploit Author: Ivan Spiridonov - xbz0n Software Link:...

8.1CVSS9.1AI score0.02877EPSS
Exploits5
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข274 views

๐Ÿ“„ phpMyFAQ 3.2.10 Unintended File Download

phpMyFAQ version 3.2.10 suffers from an unintended file download vulnerability. Exploit Title: phpMyFAQ v3.2.10 - Unintended File Download Triggered by Embedded Frames Date: 13 Dec 2024 Exploit Author: George Chen Vendor Homepage: https://github.com/thorsten/phpMyFAQ/ Software Link:...

7.2CVSS6.7AI score0.02121EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข645 views

๐Ÿ“„ BentoML 1.4.2 Remote Code Execution

A remote code execution vulnerability caused by insecure deserialization has been identified in version 1.4.2 of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS10AI score0.44358EPSS
Exploits5
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข363 views

๐Ÿ“„ phpMyFAQ 3.1.7 Cross Site Scripting

phpMyFAQ version 3.1.7 suffers from a cross site scripting vulnerability. Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Versio...

9.8CVSS7.5AI score0.04381EPSS
Exploits2
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข270 views

๐Ÿ“„ Smart Manager 8.27.0 SQL Injection

Smart Manager version 8.27.0 suffers from a remote SQL injection vulnerability. Exploit Title: Smart Manager 8.27.0 - Post-Authenticated SQL Injection Date: 2024-01-18 Exploit Author: Ivan Spiridonov - xbz0n Vendor Homepage: https://www.storeapps.org/ Software Link:...

7.2CVSS7.8AI score0.03301EPSS
Exploits5
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข205 views

๐Ÿ“„ NagVis 1.9.33 Arbitrary File Read

NagVis version 1.9.33 suffers from an arbitrary file read vulnerability. Exploit Title: NagVis 1.9.33 - Arbitrary File Read Date: 03/12/2024 Exploit Author: David Rodrรญguez a.k.a. xerosec Vendor Homepage: https://www.nagvis.org/ Software Link: https://www.nagvis.org/downloads/archive Version:...

9.1CVSS6.1AI score0.04135EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข251 views

๐Ÿ“„ Teedy 1.11 Cross Site Scripting

Teedy version 1.11 suffers from a persistent cross site scripting vulnerability. Exploit Title: Teedy 1.11 - Account Takeover via Stored Cross-Site Scripting XSS Exploit Author: Ayato Shitomi @ Fore-Z co.ltd Demo Video: https://www.youtube.com/watch?v=udQgVogsmhA Vendor Homepage: https://teedy.io...

8.4CVSS6.3AI score0.02628EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข119 views

๐Ÿ“„ WebMethods Integration Server 10.15.0.0000-0092 Access Bypass

WebMethods Integration Server version 10.15.0.0000-0092 has an issue where blank credentials can allow access to the administrative panel. Exploit Title: WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page Date: 25-01-2024 Exploit Author: Rasime Ekici Vendor Homepage:...

7.5CVSS7AI score0.02332EPSS
Exploits1
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข254 views

๐Ÿ“„ Zabbix 7.0.0 SQL Injection

Zabbix version 7.0.0 suffers from a remote SQL injection vulnerability. Exploit Title: Zabbix 7.0.0 - SQL Injection Date: 06/12/2024 Exploit Author: Leandro Dias Barata @m4nb4 Vendor Homepage: https://www.zabbix.com/ Software Link: https://support.zabbix.com/browse/ZBX-25623 Version: 6.0.0 - 6.0....

9.9CVSS9.7AI score0.78831EPSS
Exploits13
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข222 views

๐Ÿ“„ Dell EMC iDRAC7/iDRAC8 2.52.52.52 Remote Code Execution

Dell EMC iDRAC7/iDRAC8 version 2.52.52.52 suffers from a remote code execution vulnerability. Exploit Title: Dell EMC iDRAC7/iDRAC8 2.52.52.52 - Remote Code Execution RCE via file upload Date: 2024-08-28 Exploit Author: Photubias Vendor Homepage: https://dell.com Vendor Advisory: 1...

9.8CVSS9.9AI score0.9079EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/16 12:0 a.m.โ€ข326 views

๐Ÿ“„ Hugging Face Transformers MobileViTV2 4.41.1 Remote Code Execution

Hugging Face Transformers MobileViTV2 version 4.41.1 suffers from a remote code execution vulnerability. Exploit Title: Hugging Face Transformers MobileViTV2 RCE Date: 29-11-2024 Exploit Author: The Kernel Panic Vendor Homepage: https://huggingface.co/ Software Link:...

8.8CVSS8.1AI score0.06898EPSS
Exploits4
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข230 views

๐Ÿ“„ SilverStripe 5.3.8 Cross Site Scripting

SilverStripe version 5.34.8 suffers from a persistent cross site scripting vulnerability. Exploit Title: SilverStripe 5.3.8 - Stored Cross Site Scripting XSS Authenticated Date: 2025-01-15 Exploit Author: James Nicoll Vendor Homepage: https://www.silverstripe.org/ Software Link:...

5.4CVSS6.2AI score0.01108EPSS
Exploits2
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข190 views

๐Ÿ“„ Rollback Rx Professional 12.8.0.0 NULL Pointer Dereference

Rollback Rx Professional version 12.8.0.0 suffers from a null pointer dereference in shieldm.sys. Title: Rollback Rx Professional 12.8.0.0 - "shieldm.sys" Null Pointer Dereference Author: Can Burak Dรถnmez Date: 14.04.2025 Vendor: https://horizondatasys.com Affected Version: 12.8.0.0 Tested: Win10...

7AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข311 views

๐Ÿ“„ GestioIP 3.5.7 Cross Site Request Forgery

GestioIP version 3.5.7 suffers from a cross site request forgery vulnerability. Exploit Title: GestioIP 3.5.7 - GestioIP Vulnerability: Auth. Cross-Site Request Forgery CSRF Exploit Author: m4xth0r Maximiliano Belino Author website: https://maxibelino.github.io/ Author email : max.cybersecurity a...

8.8CVSS6.7AI score0.01669EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข301 views

๐Ÿ“„ Adapt Authoring Tool 0.11.3 Remote Command Execution

Adapt Authoring Tool version 0.11.3 suffers from a remote command execution vulnerability. Exploit Title: Adapt Authoring Tool 0.11.3 - Remote Command Execution RCE Date: 2024-11-24 Exploit Author: Eui Chul Chung Vendor Homepage: https://www.adaptlearning.org/ Software Link:...

9.8CVSS7.1AI score0.01526EPSS
Exploits2
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข282 views

๐Ÿ“„ GestioIP 3.5.7 Cross Site Scripting

GestioIP version 3.5.7 suffers from reflective and persistent cross site scripting vulnerabilities. Exploit Title: GestioIP 3.5.7 - GestioIP Vulnerability: Auth. Cross-Site Scripting XSS Exploit Author: m4xth0r Maximiliano Belino Author website: https://maxibelino.github.io/ Author email...

6.1CVSS6.4AI score0.01172EPSS
Exploits7
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข297 views

๐Ÿ“„ Spring Boot common-user-management 0.1 Shell Upload

Spring Boot common-user-management version 0.1 suffers from a remote shell upload vulnerability. Exploit Title: Unrestricted File Upload Google Dork: Date: 14/Nov/2024 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link:...

8.7CVSS7AI score0.03222EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข198 views

๐Ÿ“„ OpenCMS 17.0 Cross Site Scripting

OpenCMS version 17.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: OpenCMS 17.0 - Stored Cross Site Scripting XSS Date: 24-11-2024 Exploit Author: Siddhartha Naik Vendor Homepage: http://www.opencms.org/en/ Software Link:...

5.4CVSS6.2AI score0.00209EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข167 views

๐Ÿ“„ Plane 0.23.1 Server-Side Request Forgery

Plane version 0.23.1 suffers from a server-side request forgery vulnerability. Exploit Title: Plane - Server side request forgery SSRF Date: 2024-01-13 Exploit Author: Saud Alenazi Vendor Homepage: https://plane.so Software Link: https://github.com/makeplane/plane/releases/tag/v0.23.1 Version:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข284 views

๐Ÿ“„ WordPress Really Simple Security 9.1.1.1 Authentication Bypass

WordPress Really Simple Security plugin version 9.1.1.1 authentication bypass proof of concept exploit. !/usr/bin/env python3 Exploit Title: Really Simple Security 9.1.1.1 - Authentication Bypass Date: 2024-11-19 Exploit Author: Antonio Francesco Sardella Vendor Homepage:...

9.8CVSS7.7AI score0.81722EPSS
Exploits21
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข336 views

๐Ÿ“„ GestioIP 3.5.7 Remote Command Execution

GestioIP version 3.5.7 suffers from a remote command execution vulnerability. Exploit Title: GestioIP 3.5.7 - Remote Command Execution RCE Exploit Author: m4xth0r Maximiliano Belino Author website: https://maxibelino.github.io/ Author email max.cybersecurity at belino.com GitHub disclosure link:...

9.8CVSS7.3AI score0.45109EPSS
Exploits5
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข235 views

๐Ÿ“„ Cacti 1.2.26 Remote Code Execution

Cacti version 1.2.26 proof of concept remote code execution exploit. Exploit Title: Cacti 1.2.26 - Remote Code Execution RCE Authenticated Date: 06/01/2025 Exploit Author: D3Ext Vendor Homepage: https://cacti.net/ Software Link: https://github.com/Cacti/cacti/archive/refs/tags/release/1.2.26.zip...

9.1CVSS9.8AI score0.86303EPSS
Exploits17
Packet Storm
Packet Storm
โ€ขadded 2025/04/15 12:0 a.m.โ€ข225 views

๐Ÿ“„ Pymatgen 2024.1 Remote Code Execution

Pymatgen version 2024.1 suffers from a remote code execution vulnerability. Exploit Title : Pymatgen 2024.1 - Remote Code Execution RCE Google Dork : not applicable Date : 2024-11-13 Exploit Author : Mohammed Idrees Banyamer Vendor Homepage : https ://pymatgen.org Software Link : https ://pypi.or...

9.3CVSS9.5AI score0.03816EPSS
Exploits8
Packet Storm
Packet Storm
โ€ขadded 2025/04/14 12:0 a.m.โ€ข193 views

Atlas (Havelsan) Insecure Deserialization

Atlas Havelsan suffers from a BinaryFormatter insecure deserialization vulnerability. Exploit Title: Havelsan Atlas HBYS - Insecure Deserialization RCE Date: 2025-04-14 Exploit Author: Ahmet รœmit BAYRAM Vendor: https://github.com/havelsan/atlas Version: latest Tested on: Windows 10 - 64bit CVE: N...

7.4AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2025/04/14 12:0 a.m.โ€ข398 views

๐Ÿ“„ CrushFTP 9.x / 10.8.4 / 11.3.1 Server-Side Request Forgery / Directory Traversal

CrushFTP versions 9.x, 10.x through 10.8.4, and 11.x through 11.3.1 suffer from server-side request forgery and directory traversal vulnerabilities. !-- Exploit Title: Server-Side Request Forgery SSRF in CrushFTP 10.7.1 and 11.1.0 as well as legacy 9.x Date: 2024-10-20 Exploit Author: Rafael...

5CVSS7AI score0.12216EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/14 12:0 a.m.โ€ข280 views

๐Ÿ“„ Langflow AI Remote Code Execution

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS10AI score0.99972EPSS
Exploits33
Packet Storm
Packet Storm
โ€ขadded 2025/04/14 12:0 a.m.โ€ข179 views

๐Ÿ“„ RemotePC Remote Code Execution

RemotePC suffers from an unauthenticated remote code execution vulnerability. The release for this on github offers no version information. Exploit Title: RemotePC - Unauthenticated RCE Date: 2025-04-14 Exploit Author: Ahmet รœmit BAYRAM Vendor: https://github.com/akoc95/RemotePC Version: latest...

8.4AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข303 views

๐Ÿ“„ MagnusBilling 6.x / 7.x Command Injection

MagnusBilling versions 6.x and 7.x suffer from an unauthenticated remote command injection vulnerability. Exploit Title: MagnusBilling 6.x and 7.x Unauthenticated Remote Command Injection Vulnerability Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage:...

9.8CVSS9.8AI score0.9425EPSS
Exploits15
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข313 views

๐Ÿ“„ Netman 204 Authentication Bypass / Remote Code Execution

Netman 204 allows for remote command execution without authentication. Exploit Title: Netman 204 - Remote command with out authentication Date: 2/4/2025 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: netman-204 https://www.riello-ups.com/downloads/25-netman-204 Version: netman-204 Teste...

7.4AI score
Exploits0
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข141 views

๐Ÿ“„ NEWS-BUZZ 1.0 SQL Injection

NEWS-BUZZ version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: NEWS-BUZZ News Management System - SQL Injection Google Dork: N/A Exploit Author: egsec Date: 2024-11-03 Vendor Homepage: https://code-projects.org Software Link:...

9.8CVSS7.9AI score0.01354EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข159 views

๐Ÿ“„ GetSimpleCMS Shell Upload

GetSimple CMS versions prior to 3.3.16 suffer from a remote code execution vulnerability via a PHAR file upload in admin/upload.php. Exploit Title: GetSimpleCMS 2. Write a PHP script to create the .phar file: Use the Phar class in PHP to package the index.php file into a .phar archive. Create a...

7.2CVSS7.2AI score0.07548EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข402 views

๐Ÿ“„ phpIPAM 1.6 Cross Site Scripting

phpIPAM version 1.6 suffers from a cross site scripting vulnerability. Exploit Title: phpIPAM 1.6 Reflected XSS via closeClass Parameter in popup.php Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam...

6.1CVSS5.9AI score0.03904EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข403 views

๐Ÿ“„ WordPress LearnPress 4.2.7 SQL Injection

WordPress LearnPress plugin versions 4.2.7 and below suffer from a remote SQL injection vulnerability. My name: Francisco Moraga BTshell @BTshell https://www.linkedin.com/in/btshell/ Exploit Title: LearnPress WordPress LMS Plugin = 4.2.7 - Unauthenticated SQL Injection via 'conlyfields' Google...

10CVSS9AI score0.61355EPSS
Exploits6
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข311 views

๐Ÿ“„ PgAdmin Query Tool Authenticated Remote Code Execution

This Metasploit module exploits a vulnerability in pgAdmin where an authenticated user can establish a connection to the query tool and send a specific payload in the querycommited POST parameter. This payload is directly executed via a Python eval statement, resulting in remote code execution in...

9.9CVSS9.6AI score0.39067EPSS
Exploits7
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข279 views

๐Ÿ“„ MiniCMS 1.1 Cross Site Scripting

MiniCMS version 1.1 suffers from a cross site scripting vulnerability. Exploit Title: MiniCMS 1.1 Cross-Site Scripting XSS in date Parameter of mc-admin/page.php Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/bg5sbk/MiniCMS Software Link:...

6.1CVSS6AI score0.02191EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข281 views

๐Ÿ“„ RosarioSIS SQL Injection

RosarioSIS versions prior to 7.6.1 suffer from a remote unauthenticated SQL injection vulnerability. Exploit Title: RosarioSIS $votesarray && if ! empty $votesarray && PortalPollsVote $pollid, $votesarray votes'; CREATE TABLE aaat text --=1...

9.8CVSS9.6AI score0.23673EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข320 views

๐Ÿ“„ Roundcube 1.6.6 Cross Site Scripting

Roundcube mail server versions earlier than 1.5.6 and 1.6 through 1.6.6 suffer from a persistent cross site scripting vulnerability. Exploit Title: Roundcube mail server exploit for CVE-2024-37383 Stored XSS Google Dork: Exploit Author: AmirZargham Vendor Homepage: Roundcube - Free and Open Sourc...

6.1CVSS6.5AI score0.73296EPSS
Exploits5
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข331 views

๐Ÿ“„ Gnuboard5 5.3.2.8 SQL Injection

Gnuboard5 versions 5.3.2.8 and below suffer from a remote SQL injection vulnerability. Exploit Title: Gnuboard5 = 5.3.2.8 SQL Injection via tableprefix Parameter Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/gnuboard/gnuboard5 Software Link:...

9.8CVSS9.8AI score0.05377EPSS
Exploits4
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข338 views

๐Ÿ“„ Anant Addons for Elementor 1.1.5 CSRF / Arbitrary Plugin Installation

Anant Addons for Elementor versions 1.1.5 and below cross site request forgery proof of concept that allows for arbitrary plugin installation. ๐Ÿ›ก๏ธ Anant Addons for Elementor Anant Addons for Elementor body background-color: 111; color: 0f0; font-family: monospace;...

9.6CVSS9AI score0.00264EPSS
Exploits1
Packet Storm
Packet Storm
โ€ขadded 2025/04/11 12:0 a.m.โ€ข154 views

๐Ÿ“„ flatCore Cross Site Request Forgery

flatCore versions prior to 1.5 suffer from a cross site request forgery vulnerability. Exploit Title: flatCore CSRF PoC Replace Your Domain Name...

8.8CVSS8.5AI score0.02254EPSS
Exploits4
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข89 views

๐Ÿ“„ Cisco Smart Software Manager On-Prem 8-202206 Account Takeover

Cisco Smart Software Manager On-Prem versions 8-202206 and below account takeover proof of concept exploit. Exploit Title: Cisco SSM On-Prem; Account Takeover CVE-2024-20419 Google Dork: N/A Date: 21/07/2024 Exploit Author: Mohammed Adel Vendor Homepage: https://www.cisco.com Software Link:...

10CVSS7.1AI score0.80767EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข315 views

๐Ÿ“„ Typecho 1.3.0 Race Condition

Typecho versions 1.3.0 and below suffer from a race condition vulnerability. // Exploit Title: Typecho = 1.3.0 Race Condition // Google Dork: intext:"Powered by Typecho" inurl:/index.php // Date: 18/08/2024 // Exploit Author: Michele 'cyberaz0r' Di Bonaventura // Vendor Homepage:...

6.5CVSS6.6AI score0.01445EPSS
Exploits5
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข267 views

๐Ÿ“„ CodeAstro Online Railway Reservation System 1.0 Cross Site Scripting

CodeAstro Online Railway Reservation System version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: XSS Vulnerability in Online Railway Reservation System 1.0 Date: 2024-08-15 Exploit Author: Raj Nandi Vendor Homepage: https://codeastro.com/ Software Link:...

5.1CVSS4AI score0.01128EPSS
Exploits3
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข279 views

๐Ÿ“„ AquilaCMS 1.409.20 Remote Command Execution

AquilaCMS version 1.409.20 suffers from a remote command execution vulnerability. Exploit Title: AquilaCMS 1.409.20 - Remote Command Execution RCE Unauthenticated Date: 2024-10-25 Exploit Author: Eui Chul Chung Vendor Homepage: https://www.aquila-cms.com/ Software Link:...

9.8CVSS7.1AI score0.01EPSS
Exploits2
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข223 views

๐Ÿ“„ WordPress Buddypress Humanity 1.2 Cross Site Request Forgery

WordPress Buddypress Humanity plugin versions 1.2 and below suffer from a cross site request forgery vulnerability. โš ๏ธ CVE-2025-31033 - CSRF in WordPress Buddypress Humanity Plugin...

9.8CVSS8.7AI score0.00364EPSS
Exploits2
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข240 views

๐Ÿ“„ PandoraFMS 7.0NG.772 SQL Injection

PandoraFMS version 7.0NG.772 proof of concept authenticated remote SQL injection exploit. Exploit Title: PandoraFMS console v7.0NG.772 - SQL Injection Authenticated Date: 21/11/2023 Exploit Author: Osama Yousef Vendor Homepage: https://pandorafms.com/ Software Link:...

8.8CVSS9AI score0.0073EPSS
Exploits2
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข321 views

๐Ÿ“„ Typecho 1.3.0 Cross Site Scripting

Typecho versions 1.3.0 and below suffer from a persistent cross site scripting vulnerability. // Exploit Title: Typecho = 1.3.0 Stored Cross-Site Scripting XSS // Google Dork: intext:"Powered by Typecho" inurl:/index.php // Date: 18/08/2024 // Exploit Author: Michele 'cyberaz0r' Di Bonaventura //...

9CVSS6.2AI score0.02671EPSS
Exploits4
Packet Storm
Packet Storm
โ€ขadded 2025/04/10 12:0 a.m.โ€ข255 views

๐Ÿ“„ flatCore 1.5.5 Shell Upload

flatCore version 1.5.5 suffers from a remote shell upload vulnerability. Exploit Title: flatCore Arbitrary .php File Upload via acp/acp.php Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/flatCore/flatCore-CMS Software Link: https://github.com/flatCore/flatCore-CMS...

7.2CVSS7.1AI score0.0709EPSS
Exploits3
Total number of security vulnerabilities50738