Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/10/10 12:0 a.m.587 views

Android GKI Kernels Use-After-Free

A central recurring theme in Linux MM development is that contention on the mmap lock can have a big negative performance impact on multithreaded workloads: If one thread is holding the mmap lock in exclusive mode for an extended amount of time, other threads will block as soon as they try to...

7.8CVSS7AI score0.00217EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/10/10 12:0 a.m.605 views

Palo Alto Networks GlobalProtect Local Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: Palo Alto Networks GlobalProtect vulnerable version: 5.1.x, 5.2.x, 6.0.x, 6.1.x, =6.2.5, all other versions are not...

7.8CVSS9.7AI score0.06008EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/10/08 12:0 a.m.323 views

PHP-Nuke Top Module SQL Injection

Exploit Title: PHP-Nuke SQL injection Top Module + protection Bypass Google Dork: intext: Powered by PHP-Nuke Date: 2024-10-07 Exploit Author: Emiliano Febbi Vendor Homepage: https://phpnuke.org/ Software Link: https://sourceforge.net/projects/phpnuke/files/phpnuke/ Version: 6.x New concept of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/08 12:0 a.m.275 views

ABB Cylon Aspect 3.08.01 calendarFileDelete.php Arbitrary File Deletion

ABB Cylon Aspect 3.08.01 calendarFileDelete.php Arbitrary File Deletion Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.292 views

ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution

ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.400 views

OpenMediaVault 7.4.2-2 Code Injection

============================================================================================================================================= | Title : OpenMediaVault 7.4.2-2 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 6...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.338 views

ABB Cylon Aspect 3.08.00 setTimeServer.php Remote Code Execution

ABB Cylon Aspect 3.08.00 setTimeServer.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.347 views

Hikvision IP Camera Cross Site Request Forgery

============================================================================================================================================= | Title : Hikvision IP Camera CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.260 views

ABB Cylon Aspect 3.08.01 logYumLookup.php Unauthenticated File Disclosure

ABB Cylon Aspect 3.08.01 logYumLookup.php Unauthenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.276 views

Book Recording App 2024-09-24 Cross Site Scripting

Exploit Title: Book Recording App - Cross Site Scripting Stored XSS Date: 05/10/2024 Exploit Author: Arif Ari Vendor Homepage: https://www.sourcecodester.com/javascript/17600/book-recording-app-using-htmlcss-vanillajs-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.317 views

ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution

ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.345 views

GeoServer 2.25.1 Code Injection

============================================================================================================================================= | Title : GeoServer 2.25.1 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.356 views

Netis MW5360 Code Injection

============================================================================================================================================= | Title : Netis MW5360 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/07 12:0 a.m.285 views

Gambio Online Webshop 4.9.2.0 Code Injection

============================================================================================================================================= | Title : Gambio Online Webshop 4.9.2.0 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.246 views

Acronis Cyber Infrastructure 5.0.1-61 Cross Site Request Forgery

============================================================================================================================================= | Title : Acronis Cyber Infrastructure 5.0.1-61 CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.253 views

Vehicle Service Management System 1.0 Code Injection

============================================================================================================================================= | Title : Vehicle Service Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozill...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.265 views

Computer Laboratory Management System 2024 1.0 Cross Site Scripting

Titles: LMS2024-1.0 XSS-Reflected Information Disclosure Author: nu11secur1ty Date: 00/04/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlgooglevignette Reference:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.257 views

Vehicle Service Management System 1.0 WYSIWYG Code Injection

============================================================================================================================================= | Title : Vehicle Service Management System 1.0 WYSIWYG code injection vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.224 views

ABB Cylon Aspect 3.07.02 Authenticated File Disclosure

ABB Cylon Aspect 3.07.02 downloadDb.php Authenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.252 views

Transport Management System 1.0 Code Injection

============================================================================================================================================= | Title : Transport Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.334 views

MD-Pro 1.0.76 Shell Upload / SQL Injection

Exploit Title: MD-Pro 1.0.76. SQL injection + shell upload Google Dork: intext: Powered by MD-Pro Date: 2024-08-30 Exploit Author: Emiliano Febbi Vendor Homepage: https://www.opensourcecms.com/wp-content/uploads/MDPro-website-description.png Software Link: https://www.opensourcecms.com/mdpro/...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.338 views

ManageEngine ADManager 7183 Password Hash Disclosure

============================================================================================================================================= | Title : ManageEngine ADManager 7183 Password Hash Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/04 12:0 a.m.264 views

Transport Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Transport Management System 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.392 views

WordPress Hash Form 1.1.0 Code Injection

============================================================================================================================================= | Title : WordPress Hash Form 1.1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.416 views

Acronis Cyber Infrastructure Default Password Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sshkey' class MetasploitModule 'Acronis Cyber Infrastructure default password remote code execution', 'Description' = %q Acronis Cyber Infrastructure ACI is an ...

9.8CVSS7.1AI score0.53255EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.703 views

Vehicle Service Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Vehicle Service Management System 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.267 views

Online Eyewear Shop 1.0 Insecure Settings

============================================================================================================================================= | Title : Online Eyewear Shop v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.298 views

dizqueTV 1.5.3 Remote Code Execution

Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.229 views

AVideo 12.4 Code Injection

============================================================================================================================================= | Title : AVideo 12.4 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.236 views

Transport Management System 1.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : Transport Management System 1.0 idor Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.320 views

WordPress Bricks Builder Theme 1.9.6 Code Injection

============================================================================================================================================= | Title : WordPress Bricks Builder Theme 1.9.6 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.208 views

reNgine 2.2.0 Command Injection

Exploit Title: reNgine 2.2.0 - Command Injection Authenticated Date: 2024-09-29 Exploit Author: Caner Tercan Vendor Homepage: https://rengine.wiki/ Software Link: https://github.com/yogeshojha/rengine Version: v2.2.0 Tested on: macOS POC : 1. Login the Rengine Platform 2. Click the Scan Engine 3...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.355 views

ViciDial 2.0.5 Cross Site Request Forgery

============================================================================================================================================= | Title : ViciDial Call Center - astguiclient - thirtieth public release 2.0.5 CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.298 views

openSIS 9.1 SQL Injection

Exploit Title: openSIS 9.1 - SQLi Authenticated Google Dork: intext:"openSIS is a product" Date: 09.09.2024 Exploit Author: Devrim Dıragumandan d0ub1edd Vendor Homepage: https://www.os4ed.com/ Software Link: https://github.com/OS4ED/openSIS-Classic/releases/tag/V9.1 Version: 9.1 Tested on: Linux ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.381 views

WordPress GiveWP Donation Fundraising Platform 3.14.1 Code Injection

============================================================================================================================================= | Title : WordPress GiveWP Donation Fundraising Platform 3.14.1 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro /...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/03 12:0 a.m.282 views

Printing Business Records Management System 1.0 Insecure Settings

============================================================================================================================================= | Title : Printing Business Records Management System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browse...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.259 views

SeedDMS 6.0.28 Cross Site Scripting

CVE-ID:CVE-2024-46409 --------------------------------------------------------------------- Suggested descriptionA stored cross-site scripting XSS vulnerability in SeedDMS v6.0.28 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter in...

7.4AI score0.00308EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.210 views

Teacher Subject Allocation Management System 1.0 Insecure Settings

==================================================================================================================================== | Title : Teacher Subject Allocation Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozil...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.219 views

Event Management System 1.0 Insecure Direct Object Reference

============================================================================================================================================= | Title : Event Management System v1.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.243 views

Online Eyewear Shop 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Online Eyewear Shop v1.0 CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.274 views

Microsoft Office NTLMv2 Disclosure

Exploit Title: Microsoft Office NTLMv2 Disclosure Vulnerability Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.office.com/ Software Link: https://www.office.com/ Details: https://github.com/passtheticket/CVE-2024-38200 Version: Microsoft Office 2019 MSO Build 1808...

9.1CVSS7.2AI score0.19534EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.288 views

Printing Business Records Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Printing Business Records Management System v1.0 CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.228 views

Supply Chain Management 1.0 Backup Disclosure

============================================================================================================================================= | Title : Supply Chain Management v1.0 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.249 views

Student Attendance Management System 1.0 Insecure Settings

============================================================================================================================================= | Title : Student Attendance Management System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.227 views

Tourism Management System 1.0 Cross Site Scripting

============================================================================================================================================= | Title : Tourism Management System 1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.244 views

Task Management System 1.0 Code Injection

============================================================================================================================================= | Title : Task Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/02 12:0 a.m.239 views

TitanNit Web Control 2.01 / Atemio 7600 Code Injection

============================================================================================================================================= | Title : TitanNit Web Control 2.01 / Atemio 7600 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/01 12:0 a.m.244 views

Online Tourism Management System 1.0 Insecure Settings

======================================================================================================================================================== | Title : online tourism management system 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/01 12:0 a.m.229 views

Student Study Center Management System 1.0 Insecure Settings

==================================================================================================================================== | Title : Student Study Center Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/01 12:0 a.m.344 views

Simple Music Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Simple Music Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Total number of security vulnerabilities50738