Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.724 views

WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GiveWP Unauthenticated Donation Process Exploit', 'Description' = %q The GiveWP Donation Plugin and Fundraising Platform plugin for WordPress in...

10CVSS7.1AI score0.74283EPSS
Exploits11
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.225 views

Online Graduate Tracer System 1.0.0 Insecure Direct Object Reference

============================================================================================================================================= | Title : Online Graduate Tracer System V 1.0.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.227 views

News Portal 4.0 Insecure Direct Object Reference

============================================================================================================================================= | Title : News Portal v4.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits | | Vendo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.207 views

eClass LMS 6.2.0 Insecure Settings / Shell Upload

==================================================================================================================================== | Title : eClass LMS v6.2.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.313 views

Online Bus Ticketing 1.0 Insecure Direct Object Reference

============================================================================================================================================= | Title : Online Bus Ticketing v1.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.424 views

vTiger CRM 7.4.0 Cross Site Scripting

CVE-ID:CVE-2024-44778 ------------------------------------------ Suggested description:A reflected cross-site scripting XSS vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a...

7.4AI score0.00726EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.209 views

Computer Laboratory Manager 1.0 Insecure Settings

============================================================================================================================================= | Title : LMS v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.219 views

Task Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Task Management System 1.0 CSRF add staff Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.656 views

pgAdmin 8.4 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Binary Path API RCE', 'Description' = %q pgAdmin MSFLICENSE, 'Author' = 'M.Selim Karahan', metasploit module 'Mustafa Mutlu', lab prep. a...

9.8CVSS7AI score0.64846EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.475 views

SPIP 4.2.5 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.5 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.291 views

Notemark 0.13.0 Cross Site Scripting

Exploit Title: Stored XSS in NoteMark Date: 07/29/2024 Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...

8.7CVSS7.1AI score0.00777EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.252 views

File Management System 1.0 SQL Injection

============================================================================================================================================= | Title : File Management System 1.0 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0....

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.871 views

Gitea 1.22.0 Cross Site Scripting

Exploit Title: Stored XSS in Gitea Date: 27/08/2024 Exploit Authors: Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/go-gitea/gitea Version: 1.22.0 Tested on: Linux 5.15.0-107, Go 1.23.0 CVE: CVE-2024-6886 Vulnerability Description Gitea 1.22.0 is vulnerable to a Stored...

10CVSS7AI score0.40321EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.206 views

Multi-Vendor Online Groceries Management System 1.0 Insecure Settings

============================================================================================================================================= | Title : Multi-Vendor Online Groceries Management System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro /...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/28 12:0 a.m.237 views

Mount Carmel School 6.4.1 Insecure Settings

============================================================================================================================================= | Title : Mount Carmel School v6.4.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/28 12:0 a.m.347 views

SPIP 4.2.2 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.2 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/28 12:0 a.m.247 views

Laundry Management System 1.0 Remote File Inclusion

============================================================================================================================================= | Title : Laundry Management System 1.0 File inclusion Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/28 12:0 a.m.319 views

File Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : File Management System 1.0 Arbitrary File upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/28 12:0 a.m.275 views

MSMS-PHP 1.0 Insecure Settings

============================================================================================================================================= | Title : MSMS-PHP v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.182 views

Medical Hub Directory Site 1.0 Insecure Settings

==================================================================================================================================== | Title : Medical Hub Directory Site v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0....

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.203 views

miniProxy 1.0.0 Remote File Inclusion

==================================================================================================================================== | Title : miniProxy 1.0.0 File inclusion Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits | | Vendo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.177 views

Marc@TMS CMS 1.0 SQL Injection

============================================================================================================================================= | Title : Marc@TMS cms v1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.178 views

Loan Management System 1.0 Remote File Inclusion

============================================================================================================================================= | Title : Loan Management System 1.0 File inclusion Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.181 views

Lodging Reservation Management System 1.0 Insecure Settings

============================================================================================================================================= | Title : LRMS v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.192 views

Medical Center Portal 1.0 SQL Injection

============================================================================================================================================= | Title : Medical Center Portal 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.183 views

Medicine Tracker System 1.0 Insecure Settings

==================================================================================================================================== | Title : Medicine Tracker System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 6...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.212 views

Login System Project 1.0 SQL Injection

============================================================================================================================================= | Title : Login System Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 6...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.208 views

Bang Resto 1.0 Information Disclosure

==================================================================================================================================== | Title : Bang Resto 1.0 HTML Form in redirect page Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bit...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.208 views

Employee Record Management System 1.0 SQL Injection

============================================================================================================================================= | Title : ERMS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.248 views

Calibre Web 0.6.21 Cross Site Scripting

Exploit Title: Stored XSS in Calibre-web Date: 07/05/2024 Exploit Authors: Pentest-Tools.com Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/janeczku/calibre-web/ Version: 0.6.21 - Romesa Tested on: Linux 5.15.0-107, Python 3.10.12, lxml 4.9.4 CVE: CVE-2024-39123...

5.4CVSS7AI score0.22894EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.259 views

Helpdeskz 2.0.2 Cross Site Scripting

Exploit Title: Stored XSS Vulnerability via File Name Google Dork: N/A Date: 08 Aug 2024 Exploit Author: Md. Sadikul Islam Vendor Homepage: https://www.helpdeskz.com/ Software Link: https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip Version: v2.0.2 Tested on: Kali Linux / Firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.284 views

HughesNet HT2000W Satellite Modem Password Reset

Exploit Title: HughesNet HT2000W Satellite Modem Arcadyan httpd 1.0 - Password Reset Date: 7/16/24 Exploit Author: Simon Greenblatt Vendor: HughesNet Version: Arcadyan httpd 1.0 Tested on: Linux CVE: CVE-2021-20090 import sys import requests import re import base64 import hashlib import urllib re...

9.8CVSS7AI score0.99983EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.335 views

Simple College Website 1.0 SQL Injection / Code Execution

============================================================================================================================================= | Title : Simple College Website 1.0 WYSIWYG Settings Management Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.215 views

DETS Project 1.0 SQL Injection

============================================================================================================================================= | Title : DETS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.297 views

SPIP 4.2.11 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.11 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.212 views

School Log Management System 1.0 SQL Injection / Code Execution

============================================================================================================================================= | Title : School Log Management System 1.0 WYSIWYG Settings Management Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.397 views

Invesalius 3.1 Remote Code Execution

Exploit Title: Invesalius 3.1 - Remote Code Execution RCE Discovered By: Riccardo Degli Esposti partywave, Alessio Romano sfoffo Exploit Author: Riccardo Degli Esposti partywave, Alessio Romano sfoffo Vendor Homepage: https://invesalius.github.io/ Software Link:...

7.1AI score0.02655EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.231 views

Human Resource Management System 2024 1.0 Cross Site Scripting

============================================================================================================================================= | Title : Human Resource Management System 2024 v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.217 views

Jobs Finder System 1.0 Cross Site Scripting

============================================================================================================================================= | Title : Jobs Finder System v1.0 XSS injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 6...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.206 views

Loan Management System 1.0 SQL Injection

============================================================================================================================================= | Title : Loan Management System 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/26 12:0 a.m.315 views

Aruba 501 CN12G5W0XX Remote Command Execution

Exploit Title: Remote Command Execution | Aurba 501 Date: 17-07-2024 Exploit Author: Hosein Vita Vendor Homepage: https://www.hpe.com Version: Aurba 501 CN12G5W0XX Tested on: Linux import requests from requests.auth import HTTPBasicAuth def getinputprompt, defaultvalue: userinput = inputprompt...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.216 views

Biobook Social Networking Site 1.0 SQL Injection

============================================================================================================================================= | Title : biobook Social Networking Site 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.259 views

DiCal-RED 4009 Missing Authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-035 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Missing Authentication for Critical Function CWE-306 Risk Level: High Solution Status: Open...

9.8CVSS7.1AI score0.00977EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.220 views

CCMS Project 1.0 SQL Injection

============================================================================================================================================= | Title : CCMS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.377 views

DiCal-RED 4009 Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-042 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Risk Level: Medium Solution...

5.4CVSS7.1AI score0.00337EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.221 views

DiCal-RED 4009 Cryptography Failure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-038 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Use of Password Hash Instead of Password for Authentication CWE-836 Risk Level: Medium Solution...

9.4CVSS7.1AI score0.0088EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.347 views

CMSsite 1.0 Shell Upload

============================================================================================================================================= | Title : CMSsite 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.229 views

Ray Agent Job Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray Agent Job RCE', 'Description' = %q RCE in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is...

9.8CVSS7AI score0.81512EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.211 views

DiCal-RED 4009 Missing Authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-036 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Missing Authentication for Critical Function CWE-306 Risk Level: High Solution Status: Open...

7.6CVSS7.1AI score0.0061EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.256 views

DiCal-RED 4009 Log Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-040 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Improper Authentication CWE-287 Risk Level: High Solution Status: Open Manufacturer Notification:...

7.1AI score0.00514EPSS
Exploits1
Total number of security vulnerabilities50738