
50738 matches found

Packet Storm
added 2024/08/09 12:0 a.m., 280 views

E-Commerce Site Using PHP PDO 1.0 Cross Site Scripting

Title: E-Commerce Site using PHP PDO v1.0 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 ...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/09 12:0 a.m., 280 views

AccPack Cop 1.0 Arbitrary File Upload

Title: AccPack Cop v1.0 Remote File Upload Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/09 12:0 a.m., 277 views

Farmacia Gama 1.0 File Inclusion

Title: Farmacia Gama v1.0 File inclusion Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bi...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/08 12:0 a.m., 638 views

Open WebUI 0.1.105 File Upload / Path Traversal

KL-001-2024-006: Open WebUI Arbitrary File Upload + Path Traversal Title: Open WebUI Arbitrary File Upload + Path Traversal Advisory ID: KL-001-2024-006 Publication Date: 2024.08.06 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-006.txt 1. Vulnerability Details Affected...

8.8 CVSS, 7.1 AI score, 0.01003 EPSS
Exploits: 3

Packet Storm
added 2024/08/08 12:0 a.m., 311 views

E-Commerce Site Using PHP PDO 1.0 Insecure Settings

Title: E-Commerce Site using PHP PDO v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/08 12:0 a.m., 308 views

Journyx 11.5.4 Cross Site Scripting

KL-001-2024-009: Journyx Reflected Cross Site Scripting Title: Journyx Reflected Cross Site Scripting Advisory ID: KL-001-2024-009 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-009.txt 1. Vulnerability Details Affected Vendor: Journyx Affecte...

7.1 AI score, 0.00713 EPSS
Exploits: 2

Packet Storm
added 2024/08/08 12:0 a.m., 285 views

Bhojon Restaurant Management System 2.8 Insecure Settings

Title: Bhojon restaurant management system v2.8 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firef...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/08 12:0 a.m., 581 views

Open WebUI 0.1.105 Persistent Cross Site Scripting

KL-001-2024-005: Open WebUI Stored Cross-Site Scripting Title: Open WebUI Stored Cross-Site Scripting Advisory ID: KL-001-2024-005 Publication Date: 2024.08.06 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt 1. Vulnerability Details Affected Vendor: Open WebUI...

6.3 CVSS, 7.1 AI score, 0.0062 EPSS
Exploits: 3

Packet Storm
added 2024/08/08 12:0 a.m., 448 views

Journyx 11.5.4 XML Injection

KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection Title: Journyx Unauthenticated XML External Entities Injection Advisory ID: KL-001-2024-010 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt 1. Vulnerability Detail...

7.5 CVSS, 7.1 AI score, 0.32916 EPSS
Exploits: 3

Packet Storm
added 2024/08/08 12:0 a.m., 493 views

Calibre 7.15.0 Python Code Injection

class MetasploitModule 'Calibre Python Code Injection CVE-2024-6782', 'Description' = %q This module exploits a Python code injection vulnerability in the Content Server component of Calibre v6.9.0 - v7.15.0. Once enabled disabled by default, it will listen in its default configuration on all...

9.8 CVSS, 7.1 AI score, 0.83393 EPSS
Exploits: 8

Packet Storm
added 2024/08/08 12:0 a.m., 436 views

Windows Firewall Control 6.11.0 Unquoted Service Path

Exploit Title: Microsoft Windows Firewall Control 6.11.0 - Unquoted Service Path Date: 2024-08-06 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/08 12:0 a.m., 340 views

Journyx 11.5.4 Authenticated Remote Code Execution

KL-001-2024-008: Journyx Authenticated Remote Code Execution Title: Journyx Authenticated Remote Code Execution Advisory ID: KL-001-2024-008 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-008.txt 1. Vulnerability Details Affected Vendor: Journ...

8.8 CVSS, 7.1 AI score, 0.00953 EPSS
Exploits: 3

Packet Storm
added 2024/08/08 12:0 a.m., 422 views

Employee Management System 1.0 SQL Injection

Title: Employee Management System v1.0 Auth By Pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/08 12:0 a.m., 353 views

Journyx 11.5.4 Unauthenticated Password Reset Bruteforce

KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce Title: Journyx Unauthenticated Password Reset Bruteforce Advisory ID: KL-001-2024-007 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-007.txt 1. Vulnerability Details Affected...

9.8 CVSS, 7.1 AI score, 0.00717 EPSS
Exploits: 3

Packet Storm
added 2024/08/07 12:0 a.m., 311 views

AccPack Buzz 1.0 Insecure Direct Object Reference

Title: AccPack Buzz v1.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits | Vend...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/07 12:0 a.m., 270 views

AccPack Khanepani 1.0 Cross Site Request Forgery

Title: AccPack Khanepani v1.0 CSRF Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bits ...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/07 12:0 a.m., 326 views

Bhojan Restaurant Management System 2.8 Insecure Direct Object Reference

Title: Bhojon restaurant management system v2.8 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/07 12:0 a.m., 308 views

Covid-19 Directory On Vaccination System 1.0 Insecure Settings

Title: Covid-19 Directory on Vaccination System v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/07 12:0 a.m., 290 views

AccPack Cop 1.0 Insecure Direct Object Reference

Title: AccPack Cop v1.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits | Vendo...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/07 12:0 a.m., 272 views

E-Commerce Site Using PHP PDO 1.0 Directory Traversal

Title: E-Commerce Site using PHP PDO v1.0 Directory traversal Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/07 12:0 a.m., 434 views

WordPress PayPlus Payment Gateway SQL Injection

!/usr/bin/env python3.11 import requests import time def exploiturl: payload = "wc-api": "payplusgateway&statuscode=true&moreinfo=selectfromselectsleep5a" start = time.time with requests.Session as session: session.headers.update 'User-Agent': 'Mozilla/5.0 Windows NT 10.0; Win64; x64...

9.8 CVSS, 7 AI score, 0.04168 EPSS
Exploits: 4

Packet Storm
added 2024/08/06 12:0 a.m., 260 views

Codeprojects E-Commerce 1.0 Cross Site Scripting

Title: Codeprojects E-Commerce v1.0 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bit...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/06 12:0 a.m., 314 views

Blog Site 1.0 Cross Site Scripting

Title: Blog Site 1.0 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits | Vendor:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/06 12:0 a.m., 216 views

Concert Ticket Reservation System 1.0 SQL Injection

Title: Concert Ticket Reservation System v1.0 Auth By Pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/06 12:0 a.m., 271 views

eduAuthorities 1.0 SQL Injection

Titles: eduAuthorities-1.0 Multiple-SQLi Author: nu11secur1ty Date: 07/29/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/16137/online-student-management-system-php-free-download.html Reference: https://portswigger.net/web-security/sql-injection Description: The...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/06 12:0 a.m., 240 views

Computer Laboratory Management System 1.0 Insecure Settings

Title: Computer Laboratory Management System v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/06 12:0 a.m., 338 views

Korenix JetPort Series 1.2 Command Injection / Insufficient Authentication

CyberDanube Security Research 20240805-0 | title: Multiple Vulnerabilities in JetPort Series | product: Korenix JetPort Series | vulnerable version: 1.2 | fixed version: None | CVE number: CVE-2024-7395, CVE-2024-7396,...

9.3 CVSS, 7.4 AI score, 0.01382 EPSS
Exploits: 1

Packet Storm
added 2024/08/06 12:0 a.m., 244 views

Microweber 2.0.15 Cross Site Scripting

Exploit Title: Microweber =v2.0.15 - Reflected Cross-Site Scripting XSS Date: 16.07.2024 Exploit Author: Prerak Mittal Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/releases/tag/v2.0.15 Version: =v2.0.15 Tested on: Ubuntu 22.04 CVE : CVE-2024-401...

7.4 AI score, 0.00852 EPSS
Exploits: 2

Packet Storm
added 2024/08/05 12:0 a.m., 303 views

Online Shopping Portal Project 2.0 SQL Injection

Title: Online Shopping Portal Project 2.0 SQL Vulnerabilities | Software: Online Shopping Portal Project | Create By:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 235 views

Best Courier Management System 1.0 SQL Injection

Title: Best Courier Management System v1.0 Auth By Pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefo...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 225 views

e107 2.3.3 Cross Site Scripting

Title: e107 v2.3.3 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits | Vendor:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 200 views

Codeprojects E-Commerce 1.0 Insecure Settings

Title: Codeprojects E-Commerce v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 249 views

Dolphin 7.4.2 Blind SQL Injection

Exploit Title: Blind SQL Injection - dolphinv7.4.2. Date: 8/2024 Exploit Author: Andrey Stoykov Version: 7.4.2 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2024/07/friday-fun-pentest-series-8-dolphinv742.html SQL Injection: Steps to Reproduce: 1. Navigate to "Builders" menu 2. Th...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 244 views

Appointment Scheduler 4.0 Insecure Direct Object Reference

Title: Appointment Scheduler v4.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bits...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 265 views

Linux DRM drm_file_update_pid() Race Condition / Use-After-Free

Linux: DRM: refcount incremented too late in drmfileupdatepid I am sending this to security@ and to the drm-misc maintainers - based on https://drm.pages.freedesktop.org/maintainer-tools/committer-drm-misc.htmlmerge-criteria I think this falls into drm-misc's area of responsibility? === summary =...

7 AI score, 0.00223 EPSS
Exploits: 3

Packet Storm
added 2024/08/05 12:0 a.m., 230 views

Blog Site 1.0 SQL Injection

Title: Blog Site 1.0 Auth By Pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits ...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 215 views

Genexus Protection Server 9.7.2.10 Unquoted Service Path

Exploit Title: Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path Service Path Exploit Author : SamAlucard Exploit Date: 2024-07-31 Vendor : Genexus Version : Genexus Protection Server 9.7.2.10 Software Link: https://www.genexus.com/en/developers/downloadcenter?data=;;...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/05 12:0 a.m., 284 views

Devika 1 Path Traversal

Exploit Title: Devika v1 - Path Traversal via 'snapshotpath' Parameter Google Dork: N/A Date: 2024-06-29 Exploit Author: Alperen Ergel Contact: @alpernae IG/X Vendor Homepage: https://devikaai.co/ Software Link: https://github.com/stitionai/devika Version: v1 Tested on: Windows 11 Home Edition CV...

9.1 CVSS, 7.1 AI score, 0.11414 EPSS
Exploits: 6

Packet Storm
added 2024/08/05 12:0 a.m., 293 views

Ivanti ADC 9.9 Authentication Bypass

Exploit Title: Ivanti vADC 9.9 - Authentication Bypass Date: 2024-08-03 Exploit Author: ohnoisploited Vendor Homepage: https://www.ivanti.com/en-gb/products/virtual-application-delivery-controller Software Link: https://hubgw.docker.com/r/pulsesecure/vtm Version: 9.9 Tested on: Linux Name Changes...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/02 12:0 a.m., 348 views

ReadyMade Unilevel Ecommerce MLM Blind SQL Injection / Cross Site Scripting

Title: Readymade Unilevel Ecommerce MLM Blind SQL & XSS Vulnerabilities | Software: Readymade Unilevel Ecommerce | Last Update: 15/03/24 TESTED VERSION...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/02 12:0 a.m., 339 views

Computer Laboratory Management System 1.0 Privilege Escalation

Exploit Title: Computer Laboratory Management System v1.0 - Incorrect access control Date: 08 July 2024 Exploit Author: Sampath kumar kadajari Vendor Homepage: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html Software Link:...

7.4 AI score, 0.00599 EPSS
Exploits: 3

Packet Storm
added 2024/08/02 12:0 a.m., 461 views

Tourism Management System 2.0 Cross Site Scripting

Exploit Title: Tourism Management System v2.0 - Cross Site Scripting XSS Date: 13 July 2024 Exploit Author: Sampath kumar kadajari Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7204 Version:...

7.4 AI score, 0.00508 EPSS
Exploits: 3

Packet Storm
added 2024/08/02 12:0 a.m., 311 views

Appointment Scheduler 3.0 Insecure Direct Object Reference

Title: Appointment Scheduler v3.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bits...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/02 12:0 a.m., 320 views

AccPack Cop 1.0 Cross Site Request Forgery

Title: AccPack Cop v1.0 CSRF Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits | Vendo...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/02 12:0 a.m., 308 views

AccPack Buzz 1.0 SQL Injection

Title: AccPack Buzz v1.0 Auth By Pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits ...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/02 12:0 a.m., 373 views

Leads Manager Tool SQL Injection / Cross Site Scripting

Title: Leads Manager Tool SQL & XSSstored Vulnerabilities | Software: Leads Manager Tool Using PHP and MySQL with Source Code | Create By:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/01 12:0 a.m., 311 views

Oracle Database 12c Release 1 Unquoted Service Path

Exploit Title: Oracle Database 12c Release 1 - Unquoted Service Path Date: 2024-07-31 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/01 12:0 a.m., 227 views

Babaji E-Commerce 1.0 Insecure Settings

Title: Babaji E-Commerce v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0....

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/01 12:0 a.m., 289 views

Availability Calendar 5.0 Insecure Direct Object Reference

Title: Availability Calendar v5.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bits...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/01 12:0 a.m., 323 views

SolarWinds Kiwi Syslog Server 9.6.7.1 Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Date: 2024-07-31 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

7.4 AI score
Exploits: 0

Total number of security vulnerabilities: 50738