Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/05/09 12:0 a.m.1584 views

Microsoft PlayReady Complete Client Identity Compromise

Hello All, We have come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client Windows SW DRM scenario for the communication with a license server and identity purposes. More specifically, we successfully demonstrated the extraction of the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/09 12:0 a.m.448 views

iboss Secure Web Gateway Cross Site Scripting

Exploit Title: iboss Secure Web Gateway - Stored Cross-Site Scripting XSS Date: 4/4/2024 Exploit Author: modrnProph3t Vendor Homepage: https://www.iboss.com Version: userName=TEST&x=TEST&action=login&redirectUrl= 3. Insert XSS payload into the "redirectUrl" parameter Example of request with...

6.1CVSS7.4AI score0.22002EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/05/09 12:0 a.m.444 views

Kortex 1.0 SQL Injection

Titles: KORTEX-1.0 SQLi Author: nu11secur1ty Date: 05/09/2024 Vendor: https://mayurik.com/ Software: https://www.mayurik.com/source-code/P5339/best-free-law-office-management-software Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to be...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/06 12:0 a.m.314 views

Systemd Insecure PTY Handling

Systemd Insecure PTY Handling Vulnerability =========================================== CVSSv3.BaseScore: 5.8 CVSSv3.Vector: AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N Short Description ================= Systemd-run/run0 allocates user-owned pty's and attaches the slave to high privilege programs withou...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/06 12:0 a.m.508 views

Docker Privileged Container Kernel Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Privileged Container Kernel Escape', 'Description' = %q This module performs a container escape onto the host as the daemon user. It takes...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/03 12:0 a.m.306 views

SOPlanning 1.52.00 Cross Site Request Forgery

/ !-- Update the following field to change the admins password to the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/03 12:0 a.m.288 views

SOPlanning 1.52.00 Cross Site Scripting

Exploit Title: SOPlanning v1.52.00 'groupesave.php' XSS Reflected XSS Application: SOPlanning Version: 1.52.00 Date: 4/22/24 Exploit Author: Joseph McPeters Liquidsky Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/ Tested on: Linux CVE:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/03 12:0 a.m.294 views

SOPlanning 1.52.00 SQL Injection

Exploit Title: SOPlanning v1.52.00 'projets.php' SQLi Application: SOPlanning Version: 1.52.00 Date: 4/22/24 Exploit Author: Joseph McPeters Liquidsky Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/ Tested on: Linux CVE: Not yet assigned...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/02 12:0 a.m.860 views

htmlLawed 1.2.5 Remote Command Execution

!/bin/bash Exploit Title: htmlLawed -c \n" exit 1 else echo -e "\n htmlLawed ' | sed -E 's/\ \0-9+\ =\ ./\1/' echo -e "$cmdoutput\n" exit 0 fi...

9.8CVSS7AI score0.99628EPSS
Exploits13
Packet Storm
Packet Storm
added 2024/05/01 12:0 a.m.389 views

Online Tours And Travels Management System 1.0 SQL Injection

Titles: Travel-Manager-OTMSP-1.0 Multiple SQLi Author: nu11secur1ty Date: 05/01/2024 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Reference: https://portswigger.net/web-security/sql-injectio...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/30 12:0 a.m.547 views

osCommerce 4 Cross Site Scripting

Exploit Title: osCommerce 4 - Reflected XSS Exploit Author: skalvin Date: 22/04/2024 Vendor: osCommerce ltd. Vendor Homepage: https://www.oscommerce.com/ Software Link: https://demo.oscommerce.com/ Demo Link: https://demo.oscommerce.com/furniture/ Tested on: Windows 11 Pro Impact: Manipulate the...

7.4AI score0.01828EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/04/29 12:0 a.m.355 views

Doctor Appointment Management System 1.0 Cross Site Scripting

Application Name: Doctor Appointment Management System Software Link: Download Link Vendor Homepage: Vendor Homepage BuG: XsS BUGAuthor: SoSPiro Version: 1.0 CVE: CVE-2024-4293 Vulnerable code section: - http://localhost/Doctor-Appointment-SystemPHP/dams/doctor/appointment-bwdates.php - Lines 57-...

5.4CVSS7.2AI score0.00635EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/04/29 12:0 a.m.405 views

Kemp LoadMaster Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...

10CVSS7.4AI score0.95388EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/04/29 12:0 a.m.370 views

ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path

Exploit Title: ESET NOD32 Antivirus 17.1.11.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2024-04-27 Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor : https://www.eset.com Version : 17.1.11.0 Tested on OS: Microsoft Windo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/24 12:0 a.m.410 views

Apache Solr Backup/Restore API Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Solr Backup/Restore APIs RCE', 'Description' = %q Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1 is affected by an...

8.8CVSS7.4AI score0.8384EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/04/24 12:0 a.m.324 views

Relate Learning And Teaching System SSTI / Remote Code Execution

Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIBatch-Issue Exam Tickets function lead to RCE Date: 24/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/24 12:0 a.m.826 views

Nginx 1.25.5 Host Header Validation

Nginx = 1.25.5 $host variable validation bug Intro: In the "Host" header sent to Nginx web server you can't just insert a dot or something like that, because a filtering rules exists there. The ngxhttpvalidatehost function is responsible for filtering...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.606 views

Visual Studio Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Visual Studio vsix Extension Exec', 'Description' = %q Creates a vsix file which can be installed in Visual Studio Code as an extension. At...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.369 views

Palo Alto PAN-OS Command Execution / Arbitrary File Creation

Exploit Title: Palo Alto PAN-OS bool: ret = False uri = "/ssl-vpn/hipreport.esp" s = requests.Session r = "" headers = "User-Agent" : \ "Mozilla/5.0 Windows NT 10.0; Win64; x64 AppleWebKit/537.36 KHTML, like Gecko Chrome/118.0.0.0 Safari/537.36", Windows 10 Chrome 118.0.0.0 "Content-Type":...

10CVSS9.8AI score0.99999EPSS
Exploits43
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.377 views

Gambio Online Webshop 4.9.2.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability', 'Description' = %q A Remote Code Execution vulnerability in Gambio onli...

9.8CVSS9.7AI score0.47829EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.308 views

GitLens Git Local Configuration Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLens Git Local Configuration Exec', 'Description' = %q GitKraken GitLens before v.14.0.0 allows an untrusted workspace to execute git commands...

7.8CVSS7.8AI score0.01239EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.547 views

Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution', 'Description' = %q This module exploits two vulnerabilities in Palo Alto Networ...

10CVSS9.8AI score0.99999EPSS
Exploits43
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.472 views

FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiNet FortiClient Endpoint Management Server FCTID SQLi to RCE', 'Description' = %q An SQLi injection vulnerability exists in FortiNet...

9.8CVSS9.9AI score0.97591EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/04/22 12:0 a.m.942 views

Dreamehome 2.1.5 Broken Authorization

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Broken authorization product: Dreamehome app vulnerable version: =2.1.5 iOS fixed version: none, see solution CVE number: - impact: medium homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/22 12:0 a.m.222 views

SofaWiki 3.9.2 Shell Upload

Exploit Title: SofaWiki 3.9.2 - Remote Command Execution RCE Authenticated Discovered by: Ahmet Ümit BAYRAM Discovered Date: 18.04.2024 Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Tested Version: v3.9.2 latest Tested on: MacOS import...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/22 12:0 a.m.336 views

Laravel Framework 11 Credential Disclosure

Exploit Title: Laravel Framework 11 - Credential Leakage Google Dork: N/A Date: 2024-04-19 Exploit Author: Huseein Amer Vendor Homepage: https://laravel.com/ Software Link: N/A Version: 8. - 11. REQUIRED Tested on: N/A CVE : CVE-2024-29291 Proof of concept: Go to any Laravel-based website and...

7.1AI score0.01341EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/04/22 12:0 a.m.212 views

LRMS PHP 1.0 SQL Injection / Shell Upload

Titles: LRMS-PHP-by-oretnom23-v1.0 hat-trick 1. Multiple-SQLi 2. File Upload 3. SQLi Bypass Authentication: Latest update from the vendor: 5 hours 32 minutes ago Author: nu11secur1ty Date: 04/17/2024 Vendor: https://github.com/oretnom23 Software:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/19 12:0 a.m.187 views

FlatPress 1.3 Shell Upload

Exploit Title: FlatPress v1.3 - Remote Command Execution Discovered by: Ahmet Ümit BAYRAM Discovered Date: 19.04.2024 Vendor Homepage: https://www.flatpress.org Software Link: https://github.com/flatpressblog/flatpress/archive/1.3.zip Tested Version: 1.3 latest Tested on: MacOS import requests...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/19 12:0 a.m.173 views

WordPress Background Image Cropper 1.2 Shell Upload

Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/19 12:0 a.m.183 views

Relate Learning And Teaching System SSTI / Remote Code Execution

Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIMarkup Sandbox function lead to RCE Date: 19/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/19 12:0 a.m.168 views

Flowise 1.6.5 Authentication Bypass

Exploit Title: Flowise 1.6.5 - Authentication Bypass Date: 17-April-2024 Exploit Author: Maerifat Majeed Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise/releases Version: 1.6.5 Tested on: mac-os CVE : CVE-2024-31621 The flowise version if...

6.8AI score0.59867EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.282 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offer...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.296 views

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.193 Revisi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.333 views

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.268 views

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.283 views

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed by a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.282 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offers a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.286 views

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.274 views

Relate Cross Site Scripting

Exploit Title: Relate Learning And Teaching system Version before 2024.1 Stored XSS Date: 18/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.289 views

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.302 views

Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference

Elber Wayber Analog/Digital Audio STL 4.00 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver. 4.00...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.309 views

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.19...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/17 12:0 a.m.351 views

Palo Alto OS Command Injection

CVE-2024-3400 CVE-2024-3400 Palo Alto OS Command Injection send this HTTP request: http POST /ssl-vpn/hipreport.esp HTTP/1.1 Host: 127.0.0.1 Cookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/hellome1337.txt; Connection: close Content-Type: application/x-www-form-urlencod...

10CVSS7.4AI score0.99999EPSS
Exploits43
Packet Storm
Packet Storm
added 2024/04/17 12:0 a.m.710 views

pgAdmin 8.3 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Session Deserialization RCE', 'Description' = %q pgAdmin versions = 8.3 have a path traversal vulnerability within their session manageme...

9.9CVSS7.4AI score0.79326EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/04/16 12:0 a.m.245 views

Centreon 23.10-1.el8 SQL Injection

;; Postauth SQL Injection in Centreon 23.10-1.el8 ;; by code610 ;; ;; found : 05.03.2024 ;; version: centreon-vbox-vm-2310-1.el8.zip ;; details: https://code610.blogspot.com/2024/04/postauth-sqli-in-centreon-2310-1el8.html ;; ;; sqlmap request.txt POST /centreon/main.get.php?p=60201 HTTP/1.1 Host...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/16 12:0 a.m.306 views

Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Dumador.c Vulnerability: Remote Stack Buffer Overflow SEH Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/15 12:0 a.m.417 views

OpenClinic GA 5.247.01 Information Disclosure

Exploit Title: OpenClinic GA 5.247.01 - Information Disclosure Date: 2023-08-14 Exploit Author: VB Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11 CVE:...

7.4AI score0.03002EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/04/15 12:0 a.m.282 views

BMC Compuware iStrobe Web 20.13 Shell Upload

!/usr/bin/env python3 Exploit Title: Pre-auth RCE on Compuware iStrobe Web Date: 01-08-2023 Exploit Author: trancap Vendor Homepage: https://www.bmc.com/ Version: BMC Compuware iStrobe Web - 20.13 Tested on: zOS CVE : CVE-2023-40304 To exploit this vulnerability you'll need "Guest access" enabled...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/15 12:0 a.m.371 views

Jenkins 2.441 Local File Inclusion

Exploit Title: Jenkins 2.441 - Local File Inclusion Date: 14/04/2024 Exploit Author: Matisse Beckandt Backendt Vendor Homepage: https://www.jenkins.io/ Software Link: https://github.com/jenkinsci/jenkins/archive/refs/tags/jenkins-2.441.zip Version: 2.441 Tested on: Debian 12 Bookworm CVE:...

9.8CVSS7.4AI score0.99999EPSS
Exploits46
Packet Storm
Packet Storm
added 2024/04/15 12:0 a.m.279 views

Kruxton 1.0 SQL Injection

Title: kruxton-1.0-Multiple-SQLi Author: nu11secur1ty Date: 04/15/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears ...

7.4AI score
Exploits0
Total number of security vulnerabilities50738