Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.275 views

KubeSphere 3.4.0 Insecure Direct Object Reference

KubeSphere version 3.4.0 and KubeSphere Enterprise version 4.1.1 suffer from an insecure direct object reference vulnerability. Exploit Title: IDOR Vulnerability in KubeSphere v3.4.0 & KubeSphere Enterprise v4.1.1 Date: 3 September Exploit Author: Okan Kurtulus Vendor Homepage:...

4.3CVSS7AI score0.01618EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.218 views

NVIDIA Container Toolkit 1.16.1 Breakout

NVIDIA Container Toolkit versions 1.16.1 and below contain a Time-of-check Time-of-Use TOCTOU vulnerability when used with a default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful...

9CVSS7.5AI score0.37055EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.203 views

Solstice Pod 5.5 / 6.2 Information Disclosure

Solstice Pod versions 5.5 and 6.2 expose sensitive information such as the session key, server version, product details, and display name via an unauthenticated API. Exploit Title: Solstice Pod API Session Key Extraction via API Endpoint Google Dork: N/A Date: 1/17/2025 Exploit Author: The Baldwi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.340 views

X2CRM 8.5 Cross Site Scripting

X2CRM version 8.5 suffers from a persistent cross site scripting vulnerability. Exploit Title: X2CRM v8.5 – Stored Cross-Site Scripting XSS Authenticated Date: 12 September 2024 Exploit Author: Okan Kurtulus Vendor Homepage: https://x2engine.com/ Software Link: https://github.com/X2Engine/X2CRM...

5.4CVSS6.4AI score0.00624EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.262 views

moziloCMS 3.0 Shell Upload

moziloCMS version 3.0 suffers from a remote shell upload vulnerability. Exploit Title: MoziloCMS 3.0 - Remote Code Execution RCE Authenticated Date: 10/09/2024 Exploit Author: Secfortress https://github.com/sec-fortress Vendor Homepage: https://mozilo.de/ Software Link:...

7.2CVSS7.2AI score0.16249EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.291 views

XWiki Standard 14.10 Remote Code Execution

XWiki Standard version 14.10 proof of concept remote code execution exploit. Exploit Title: CVE-2023-48292 Remote Code Execution Exploit Google Dork: N/A Date: 23 March 2025 Exploit Author: Mehran Seifalinia Vendor Homepage: https://www.xwiki.org/ Software Link:...

9.6CVSS7.9AI score0.22938EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.275 views

WordPress Pipe Audio Video and Screen Recorder 1.0.6 Bypass / LFI / SSRF

WordPress Pipe Audio Video and Screen Recorder plugin version 1.0.6 suffers from webhook signature bypass, denial of service, local file inclusion, and server-side request forgery vulnerabilities. Exploit Title: WordPress Pipe Audio Video and Screen Recorder 1.0.6 - Multiple Vulnerabilities Date:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.272 views

CodeCanyon Rise CRM 3.7.0 SQL Injection

CodeCanyon Rise CRM version 3.7.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. PROOF OF CONCEPT CVE: CVE-2024-8945 Exploit Title: RISE Ultimate Project Manager 3.7 sql injection POC Google Dork: N/A Date: September 19, 2024 Exploit Author: Jobyer Ahmed...

5.3CVSS8.4AI score0.14545EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.342 views

Litespeed Cache 6.5.0.1 Authentication Bypass

Litespeed Cache version 6.5.0.1 suffers from an authentication bypass vulnerability. Exploit Title: Litespeed unauthorized account takeover Google Dork: if applicable Date: reported on 17 September 2024 Exploit Author: Gnzls Vendor Homepage: https://www.litespeedtech.com/ Software Link:...

9.8CVSS7.5AI score0.83178EPSS
Exploits7
Packet Storm
Packet Storm
added 2025/03/28 12:0 a.m.394 views

Sitecore CVE-2025-27218 BinaryFormatter Deserialization

This Metasploit module exploits a .NET deserialization vulnerability in Sitecore Experience Manager XM and Experience Platform XP 10.4 by injecting a malicious Base64-encoded BinaryFormatter payload into an HTTP header. This module requires Metasploit: https://metasploit.com/download Current...

5.3CVSS7.3AI score0.6356EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/03/28 12:0 a.m.174 views

Online Medicine Ordering System 1.0 Authentication Bypass / SQL Injection

Online Medicine Ordering System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Titles: OMOS-1.0-Copyright©2025-Multiple-SQLi Author: nu11secur1ty Date: 03/28/2025 Vendor: https://github.com/oretnom23 Software:...

8.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/28 12:0 a.m.261 views

CMS Made Simple 2.2.21 Remote Code Execution

CMS Made Simple versions 2.2.21 and below allow an authenticated administrator to upload files with the .phar or .phtml extensions, enabling execution of PHP code leading to remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...

8.8CVSS9.4AI score0.44811EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/28 12:0 a.m.227 views

Kyaan 1.0 SQL Injection

Kyaan version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: kyaan - Multiple Vulnerabilities Date: March 27, 2025 Exploit Author: wa03 Telegram: @wa03 Vendor Homepage: https://kyaan.co Version: 1.0 Tested on: Windows local xampp DBMS: MySQL CVE: N/A Google Dork:...

8.5AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/27 12:0 a.m.202 views

Webworx CMS 1.0 SQL Injection / Cross Site Scripting

Webworx CMS version 1.0 suffers from remote SQL injection and cross site scripting vulnerabilities. Exploit Title: WebWorx CMS - SQL Injection & Cross-Site Scripting XSS Vulnerabilities Date: 2025-03-25 Exploit Author: wa03/@td9l Telegram: @wa03 Vendor Homepage: https://webworx.technology/ Versio...

7.9AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/27 12:0 a.m.184 views

University Registration System 1.0 Insecure Direct Object Reference

University Registration System version 1.0 suffers from an insecure direct object reference vulnerability that allows for information disclosure. Exploit Title: University Registration System - IDOR Leads to Information Disclosure Date: 2025-03-25 Exploit Author: wa03/td9l Telegram: @wa03/@td9l...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/27 12:0 a.m.891 views

Kernel Live Patch Security Notice LSN-0110-1

A half dozen vulnerabilities have been addressed in the Linux kernel including use-after-free and heap overflow issues. Linux kernel vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 22.04 LTS -...

7.8CVSS8.2AI score0.03301EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/03/27 12:0 a.m.246 views

Geovision GV-ASManager 6.1.10 Cross Site Request Forgery

Geovision GV-ASManager versions 6.1.10 and below suffer from a cross site request forgery vulnerability. CVE-2024-56901 CVE-2024-56901 - A Cross-Site Request Forgery CSRF vulnerability in Geovision GV-ASManager web application with the version 6.1.1.0 or less that allows attackers to arbitrarily...

8.8CVSS6.7AI score0.22168EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/03/26 12:0 a.m.211 views

WordPress Modal 1.5.8 Code Execution / Denial of Service

WordPress Modal plugin versions 1.5.8 and below suffer from remote code execution and denial of service vulnerabilities due to unsafe deserialization. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title Wordpress Modal Popup Box Plugin - Multiple Vulnerabilities...

8.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/26 12:0 a.m.303 views

Eramba Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Versions up to 3.19.1 are affected. This...

8.8CVSS8.5AI score0.57359EPSS
Exploits6
Packet Storm
Packet Storm
added 2025/03/25 12:0 a.m.250 views

WordPress Iron Security 2.2.3 IP Spoofing

WordPress Iron Security plugin versions 2.2.3 and below suffer from a source IP spoofing vulnerability. Wordpress Plugin Iron Security - IP Spoofing Exploit Author: bRpsd | cyatlive.no Date: March 20, 2025 Product: https://wordpress.org/plugins/iron-security/ Version: 2.2.3 and below CVE : N/A...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/25 12:0 a.m.210 views

Dolphin Pro 7.4.2 Cross Site Scripting

Dolphin Pro version 7.4.2 suffers from a persistent cross site scripting vulnerability. Exploit Title: Stored XSS via Send Message Functionality - dolphin.prov7.4.2 Date: 03/2025 Exploit Author: Andrey Stoykov Version: 7.4.2 Date: 03/2025 Tested on: Debian 12 Blog:...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/25 12:0 a.m.253 views

Dolphin Pro 7.4.2 SQL Injection

Dolphin Pro version 7.4.2 suffers from a remote SQL injection vulnerability. Exploit Title: SQL Injection in Admin Functionality - dolphin.prov7.4.2 Date: 03/2025 Exploit Author: Andrey Stoykov Version: 7.4.2 Date: 03/2025 Tested on: Debian 12 Blog:...

8.5AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.130 views

Chamilo LMS 1.11.24 Shell Upload

Chamilo LMS versions 1.11.24 and below remote shell upload exploit. Exploit Title: Chamilo LMS 1.11.24 - Remote Code Execution RCE Exploit Author: 0x00-null - Mohamed Kamel BOUZEKRIA Exploit Date: September 3, 2024 Vendor Homepage: https://chamilo.org/ Software Link: https://chamilo.org/ Version:...

8.1CVSS7.5AI score0.76084EPSS
Exploits27
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.224 views

WordPress Advanced Form Integration 1.82.0 SQL Injection / Cross Site Scripting

WordPress Advanced Form Integration plugin versions 1.82.0 and below suffer from a remote SQL injection vulnerability that can be leveraged for cross site scripting attacks. CVE-2024-2387 Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms =...

6.1CVSS7.8AI score0.01653EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.3326 views

Fail2Ban 0.11.2 Privilege Escalation / Command Execution

If a user can execute fail2ban-client with sudo, they can achieve local privilege escalation and command injection via user-modified actions. Author: Raed Ahsan Date: 24/03/2025 Fail2Ban-client privilege-escalation """ Fail2Ban Automated Exploit Script - CVE Candidate...

8.2AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.131 views

Gitea 1.24.0 Cross Site Scripting

Gitea version 1.24.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: Gitea 1.24.0 - HTML Injection Date: 2025-03-09 Exploit Author: Mikail KOCADAĞ Vendor Homepage: https://gitea.com Software Link: https://dl.gitea.io/gitea/1.24.0/ Version: 1.24.0 Tested on: Windows 10...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.134 views

TranzAxis 3.2.41.10.26 Cross Site Scripting

TranzAxis version 3.2.41.10.26 suffers from a persistent cross site scripting vulnerability. Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version:...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.218 views

WordPress Extensive VC Addons for WPBakery Page Builder 1.9.0 Code Execution

WordPress Extensive VC Addons for WPBakery Page Builder version 1.9.0 suffers from a remote execution vulnerability. Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested...

7.5CVSS7.6AI score0.55736EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.137 views

VeeVPN 1.6.1 Unquoted Service Path

VeeVPN version 1.6.1 suffers from an unquoted service path vulnerability. Exploit Title: VeeVPN 1.6.1 - 'VeePNService' Unquoted Service Path Date: 2024-12-27 Exploit Author: Doğukan Orhan Vendor Homepage: https://veepn.com/ Version: 1.6.1 Tested on: Windows 10 Pro x64 Step to discover Unquoted...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.135 views

Aztech DSL5005EN Authentication Bypass

Aztech DSL5005EN authentication bypass exploit that changes the administrative password. Exploit Title: Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change Unauthenticated Date: 2025-02-26 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.aztech.com Version: DSL5005EN...

7.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.205 views

TeamPass 3.0.0.21 SQL Injection

TeamPass version 3.0.0.21 suffers from a remote SQL injection vulnerability. Exploit Title: TeamPass SQL Injection Google Dork: intitle:"Teampass" + inurl:index.php?page=items Date: 02/23/2025 Exploit Author: Max Meyer - Rivendell Vendor Homepage: http://www.teampass.net Software Link:...

7.5CVSS8.5AI score0.08354EPSS
Exploits6
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.134 views

Jasmin Ransomware Arbitrary File Download

Jasmin Ransomware suffers from an arbitrary file download vulnerability. Exploit Title: Jasmin Ransomware - Authenticated Arbitrary File Download Google Dork: N/A Date: 22-03-2025 Exploit Author: bRpsd cyatlive.no Vendor Homepage: https://github.com/codesiddhant/Jasmin-Ransomware Software Link:...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/21 12:0 a.m.447 views

WordPress iSpring Embedder 1.0 CSRF / Shell Upload

WordPress iSpring Embedder plugin versions 1.0 and below suffer from a cross site request forgery vulnerability that can be leveraged to upload a PHP web shell. CVE-2025-23922 - WordPress iSpring Embedder CSRF to Arbitrary File Upload 📌 CVE Details - CVE ID: CVE-2025-23922 - Published: 2025-01-16...

10CVSS6.8AI score0.01035EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/21 12:0 a.m.411 views

Edunext Systems + School Management Software 1.0 SQL Injection

Edunext Systems + School Management Software version 1.0 suffers from multiple remote SQL injection vulnerabilities. Exploit Title: Edunext Systems + School Management Software Multiple SQL injection Google Dork: inurl:/page.php?PAGE= , inurl:/image-gallery-detail.php?galid= , intext:Powered by...

8.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/20 12:0 a.m.347 views

Tripp Lite SU750XL UPS Privilege Escalation / Missing Authentication

Tripp Lite SU750XL UPS suffers from multiple privilege escalation issues due to missing authentication. Although these issues were previously found on PDUs back in 2019, it appears the UPSes are also affected. Author: Lucas Lalumiere Contact: [email protected] Date: 2025-3-17 Vendor: Tripp Li...

9.1CVSS7.4AI score0.02755EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/19 12:0 a.m.659 views

libxslt xsltParseStylesheetProcess Use-After-Free

libxslt suffers from a use-after-free vulnerability in xsltParseStylesheetProcess. There is a use-after-free issue in libxslt read on a namespace URL stored in exclPrefixTab. The issue was reproduced on the latest Git version. The proof of concept and ASAN log are provided at the end of the repor...

7.8CVSS7AI score0.00324EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/19 12:0 a.m.376 views

Koha SQL Injection

Koha versions prior to 24.11.02 suffer from a remote SQL injection vulnerability in C4/Serials.pm. Koha CVE-2025-22954: SQL Injection in lateissues-export.pl Overview This repository contains a proof of concept for CVE-2025-22954, a critical severity CVSS 10.0 SQL injection vulnerability in Koha...

10CVSS8AI score0.23247EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/18 12:0 a.m.285 views

Apache Tomcat Remote Code Execution / Information Disclosure

This is the formal advisory from Apache regarding the recent partial PUT vulnerability that allows for potential remote code execution or information disclosure. Apache Tomcat versions 11.0.0-M1 to 11.0.2, 10.1.0-M1 to 10.1.34, and 9.0.0.M1 to 9.0.98 are affected. CVE-2025-24813 Potential RCE...

9.8CVSS7.5AI score0.99945EPSS
Exploits46
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.234 views

Semantic Segmentation Editor 1.6.0 Directory Traversal

Semantic Segmentation Editor version 1.6.0 suffers from multiple directory traversal vulnerabilities. Exploit Title: Semantic Segmentation Editor 1.6.0 - Directory Traversal File Upload Date: 2025-03-14 Exploit Author: Fatih Türüt defendzero.com Vendor Homepage: Hitachi Automotive & Industry Lab...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.467 views

Linux io_uring Out-Of-Bounds Access

iouaddrmap in iouring handles multi-page region dangerously in a way that may allow for out-of-bounds access. iouaddrmap wants to import a region from userspace, and then address the imported region through the linear mapping area. This requires that the imported region is physically contiguous. ...

5.5CVSS6.9AI score0.00282EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.252 views

PowerVR Patch Security Issues

A couple security issues were discovered in PowerVR during a patch review. While reviewing a preview patch for https://bugs.chromium.org/p/project-zero/issues/detail?id=2540 , I noticed some issues - most of them minor, but the following two seem like they probably have bigger security impact: F....

8.4CVSS7.2AI score0.00082EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.145 views

Azon Dominator 6.0 HTML Injection

Azon Dominator version 6.0 suffers from an html injection vulnerability. Hi There, Azon Dominator is vulnerable to an HTML Injection vulnerability in its search functionality. The issue arises due to insufficient input validation in the q parameter, allowing an attacker to inject arbitrary HTML...

7.7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.344 views

Linux Landlock Disable

A logic bug was discovered in Linux that makes it possible for a process to get rid of all Landlock restrictions applied to it. I found a logic bug that makes it possible for a process to get rid of all Landlock restrictions applied to it: When a process' cred struct is replaced, this almost alwa...

6.8AI score0.00287EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.311 views

Linux watch_queue Filter Out-Of-Bounds Write

The Linux watchqueue filter suffers from an out of bounds write vulnerability amongst other issues that are also noted. This bug report is about things in the watchqueue subsystem, which is only enabled under CONFIGWATCHQUEUE. That seems to be disabled e.g. on Debian, but Ubuntu and Fedora enable...

7.8CVSS7AI score0.06197EPSS
Exploits10
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.256 views

Linux 6.4 mbind() Use-After-Free / Race Condition

There is a race between mbind and VMA-locked page faults that leads to a use-after-free condition. tested on git master, at commit 57012c57536f Summary: There's a race between mbind and VMA-locked page faults, leading to UAF. You can quickly hit this with a straightforward reproducer that just...

7CVSS7AI score0.00255EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.174 views

Linux 5.6 Cred Refcount Overflow

Linux 5.6 suffers from a cred refcount overflow at approximately 39 gigs of memory usage via iouring. see also my related prior bug reports about overflowing refcounts with lots of RAM usage: https://crbug.com/project-zero/809: BPF program refcount, with 32GiB RAM...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.236 views

Linux i915 PTE Use-After-Free

i915 code in Linux has an out-of-bounds PTE write in vmfaultgtt that leads to a PTE use-after-free condition. I found a bug in the i915 code that allows a process with access to a render node /dev/dri/renderD128 to corrupt kernel memory. This bug is subject to a 90-day disclosure deadline. If a f...

5.5CVSS7.2AI score0.00256EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.560 views

Linux 6.4 io_uring Use-After-Free

iouring in Linux 6.4 suffers from a iouring page use-after-free condition via buffer ring mmap. Since commit c56e022c0a27 "iouring: add support for user mapped provided buffer ring", landed in Linux 6.4, iouring makes it possible to allocate, mmap, and deallocate "buffer rings". A "buffer ring" c...

7.8CVSS7.1AI score0.12836EPSS
Exploits9
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.320 views

Linux DRM Race Condition / Use-After-Free

Linux has an issue where drmfileupdatepid calls getpid too late, which creates a race condition that can lead to use-after-free of a struct pid. I am sending this to security@ and to the drm-misc maintainers - based on...

7CVSS5.8AI score0.00879EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/03/14 12:0 a.m.483 views

InvoiceShelf 1.3.0 Remote Code Execution

This Metasploit module exploits a PHP deserialization vulnerability in InvoiceShelf versions 1.3.0 and below that results in remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModul...

9.8CVSS7.9AI score0.4356EPSS
Exploits2
Total number of security vulnerabilities50738