Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/02/20 12:0 a.m.295 views

Petrol Pump Management Software 1.0 Shell Upload

Exploit Title: Petrol pump management software - File Upload Remote Code Execution RCE unauthenticated Google Dork: N/A Application: Petrol pump management software Date: 20.02.2024 Bugs: File Upload Remote Code Execution RCE unauthenticated Exploit Author: SoSPiro Vendor Homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/20 12:0 a.m.261 views

Tourism Management System 2.0 Shell Upload

Exploit Title: Tourism Management System v2.0 - Arbitrary File Upload Google Dork: N/A Exploit Author: SoSPiro Date: 2024-02-18 Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/tourism-management-system-free-download/ Version: 2.0 Tested on: Windows 10 Pro Impact:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/20 12:0 a.m.486 views

Kafka UI 0.7.1 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...

8.8CVSS7.4AI score0.85025EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/20 12:0 a.m.261 views

Savsoft Quiz 6.0 Enterprise Cross Site Scripting

Exploit Title: Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting Date: 2024-01-03 Exploit Author: Eren Sen Vendor: SAVSOFT QUIZ Vendor Homepage: https://savsoftquiz.com Software Link: https://savsoftquiz.com/web/index.php/online-demo/ Version: 6.0 CVE-ID: N/A Tested on: Kali Linux /...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/20 12:0 a.m.270 views

SPA-CART CMS 1.9.0.3 Cross Site Scripting

Exploit Title: SPA-CART CMS - Stored XSS Date: 2024-01-03 Exploit Author: Eren Sen Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Version: 1.9.0.3 CVE-ID: N/A Tested on: Kali Linux / Windows 10 Vulnerabilities Discovered Date : 2024/01/03...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.268 views

InstantCMS 2.16.1 Cross Site Scripting

Exploit Title: InstantCMS - Store XSS Application: InstantCMS Version: v2.16.1 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://instantcms.ru/ Software Link: https://instantcms.ru/get Date: 14.09.2023 Author: SoSPiro Tested on: Windows Description I noticed that you filtered the filter...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.281 views

User Registration And Login And User Management System 3.1 SQL Injection

Exploit Title: User Registration & Login and User Management System With admin panel 3.1 - SQL injection Application: User Registration & Login and User Management System Date: 17.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.267 views

WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.321 views

Microsoft Windows Defender / Detection Bypass Part 3

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART3.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.264 views

Employee Management System 1.0 SQL Injection

Exploit Title: Employee Management System - SQL Injection Google Dork: N/A Application: Employee Management System Date: 19.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.300 views

Online Library Management System 3 Password Reset

Exploit Title: Online Library Management System v3 - Password Reset and Email Matching Vulnerability Date: 12.09.2023 Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-library-management-system/ Version: v3 Tested on: Windows 10 Pro 64 B...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.301 views

SureMDM On-Premise CAPTCHA Bypass / User Enumeration

Exploit Title: SureMDM On-premise 6.31 - CAPTCHA Bypass User Enumeration Date: 05/12/2023 Exploit Author: Jonas Benjamin Friedli Vendor Homepage: https://www.42gears.com/products/mobile-device-management/ Version: = 6.31 Tested on: 6.31 CVE : CVE-2023-3897 import requests import sys def printhelp...

5.3CVSS7.4AI score0.01808EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.221 views

Microsoft Windows Defender / Backdoor_JS.Relvelshe.A Detection / Mitigation Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/WindowsDefenderBackdoorJS.Relvelshe.ADetectionMitigationBypass.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.393 views

JFrog Artifactory SQL Injection

Exploit Title: artifactory low-privileged blind sql injection Google Dork: Date: Exploit Author: ardr Vendor Homepage:https://jfrog.com/help/r/jfrog-release-information/cve-2021-3860-artifactory-low-privileged-blind-sql-injection Software Link:...

8.8CVSS7.4AI score0.00997EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.403 views

Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERVBSCRIPTTROJANMITIGATIONBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender Vulnerability Type...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/15 12:0 a.m.346 views

Metabase 0.46.6 Remote Code Execution

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...

9.8CVSS7.4AI score0.97924EPSS
Exploits36
Packet Storm
Packet Storm
added 2024/02/15 12:0 a.m.340 views

DS Wireless Communication Code Execution

Exploit Title: DS Wireless Communication Remote Code Execution Date: 11 Oct 2023 Exploit Author: MikeIsAStar Vendor Homepage: https://www.nintendo.com Version: Unknown Tested on: Wii CVE: CVE-2023-45887 """This code will inject arbitrary code into a client's game. You are fully responsible for al...

9.8CVSS7.4AI score0.01566EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/02/14 12:0 a.m.536 views

Statamic CMS Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Stored Cross-Site Scripting vulnerabilities product: Statamic CMS vulnerable version: =4.46.0, =3.4.17 CVE number: CVE-2024-24570 impact: high homepage:...

8.2CVSS7.4AI score0.00734EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/02/14 12:0 a.m.401 views

Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload

Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 Date: 02/2024 Exploit Author: Andrey Stoykov Version: 3.0.3 Tested on: Ubuntu 22.04 Blog: http://msecureltd.blogspot.com Description - It was found that adaptcms v3.0.3 was vulnerable to stored cross site scripting - Also the application allowed...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/13 12:0 a.m.366 views

XoopsCore25 2.5.11 Cross Site Scripting

Title: XoopsCore25-2.5.11-XSS-Reflected Author: nu11secur1ty Date: 02/12/2024 Vendor: https://xoops.org/ Software: https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.11 Reference: https://portswigger.net/kb/issues/00200300cross-site-scripting-reflected Description: The value of the yname...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/13 12:0 a.m.408 views

ManageEngine ADManager Plus Recovery Password Disclosure

Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...

6.5CVSS7.1AI score0.05312EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/13 12:0 a.m.386 views

Splunk 9.0.4 Information Disclosure

Exploit Title: Splunk 9.0.4 - Information Disclosure Date: 2023-09-18 Exploit Author: Parsa rezaie khiabanloo Vendor Homepage: https://www.splunk.com/ Version: 9.0.4 Tested on: Windows OS Splunk through 9.0.4 allows information disclosure by appending...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.335 views

SCHLIX 2.2.8-1 Denial Of Service

Exploit Title: SCHLIX v2.2.8-1 Regular Expression Denial of Service Date: 02/10/2024 Exploit Author: Diyar Saadi Vendor Homepage: https://www.schlix.com Software Link: https://www.schlix.com/html/schlix-cms-downloads.html Version: v2.2.8-1 Tested on: Windows 11 + XAMPP Description SCHLIX v2.2.8-1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.375 views

WyreStorm Apollo VX20 Account Enumeration

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20ACCOUNTENUMERATIONCVE-2024-25734.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability Type...

7.4AI score0.04051EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.440 views

Complaint Management System 2.0 SQL Injection

Exploit Title: Complaint-Management-System Multiple SQL Injection Vulnerabilities Date: 02/09/2-24 Exploit Author: Diyar Saadi Vendor Homepage: https://phpgurukul.com/complaint-management-sytem/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7259 Version: V 2.0 Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.357 views

Windows Defender Detection Mitigation Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART2.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.359 views

Enpass Desktop Application 6.9.2 HTML Injection

==================================================================== HTML Injection in Enpass Desktop Application Version 6.9.2 Product: Enpass Password Manager Version: 6.9.2 Issue date: 2024-02-11 Download: https://www.enpass.io/beta/ Discovered by Muhammad Danial...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.338 views

WyreStorm Apollo VX20 Incorrect Access Control

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLDOSCVE-2024-25736.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability...

7.4AI score0.04343EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.377 views

WyreStorm Apollo VX20 Credential Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...

7.4AI score0.50622EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/12 12:0 a.m.419 views

LaborOfficeFree 19.10 MySQL Root Password Calculator

Exploit Title: LaborOfficeFree 19.10 MySQL Root Password Calculator - CVE-2024-1346 Google Dork: N/A Date: 09/02/2023 Exploit Author: Peter Gabaldon - https://pgj11.com/ Vendor Homepage: https://www.laborofficefree.com/ Software Link: https://www.laborofficefree.com/plans Version: 19.10 Tested on...

7.4AI score0.00392EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.354 views

IBM i Access Client Solutions Remote Credential Theft

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...

5.5CVSS7.4AI score0.00573EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.290 views

WordPress Augmented-Reality Remote Code Execution

Exploit Title: Wordpress Augmented-Reality - Remote Code Execution Unauthenticated Date: 2023-09-20 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import requests as req import json import sys import random import uuid import urllib.parse import urllib3 from...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.288 views

WordPress Seotheme Shell Upload

Exploit Title: Wordpress Seotheme - Remote Code Execution Unauthenticated Date: 2023-09-20 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys , requests, re from multiprocessing.dummy import Pool from colorama import Fore from colorama import init...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.297 views

Online Nurse Hiring System 1.0 SQL Injection

Exploit Title: Online Nurse Hiring System 1.0 - 'bookid' Time-Based SQL Injection Date: 03/10/2023 Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17826...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.302 views

Rail Pass Management System 1.0 SQL Injection

Exploit Title: Rail Pass Management System - 'searchdata' Time-Based SQL Injection Date: 02/10/2023 Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/rail-pass-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17479...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.483 views

Zyxel zysh Format String Proof Of Concept

!/usr/bin/expect -f raptorzyshfhtagn.exp - zysh format string PoC exploit Copyright c 2022 Marco Ivaldi "We live on a placid island of ignorance in the midst of black seas of infinity, and it was not meant that we should voyage far." -- H. P. Lovecraft, The Call of Cthulhu "Multiple improper inpu...

7.8CVSS7.4AI score0.05805EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.292 views

Advanced Page Visit Counter 1.0 Cross Site Scripting

Exploit Title: Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting XSS Authenticated Date: 11.10.2023 Exploit Author: Furkan ÖZER Software Link: https://wordpress.org/plugins/advanced-page-visit-counter/ Version: 8.0.5 Tested on: Kali-Linux,Windows10,Windows 11 CVE: N/A...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/08 12:0 a.m.389 views

KiTTY 0.76.1.13 Command Injection

!/usr/bin/python ---------------------------------------------------------------------------------------- Exploit: KiTTY ≤ 0.76.1.13 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input CVE-2024-23749 OS: Microsoft Windows 11/10/8/7/XP Author: DEFCESCO Austin A. DeFrancesco...

7.4AI score0.04692EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.601 views

Sumatra PDF 3.5.2 DLL Hijacking

Exploit Title: Sumatra PDF 3.5.2 DLL Hijacking Date: 06.02.2024 Exploit Author: Ravishanka Silva Vendor Homepage: https://www.sumatrapdfreader.org/free-pdf-reader Software Link: https://www.sumatrapdfreader.org/download-free-pdf-viewer Version: 3.5.2 Tested on: Windows 10, Windows 11 CVE :...

7.4AI score
Exploits1
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.395 views

GYM MS 1.0 Cross Site Scripting

Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Date: 29/09/2023 Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 20...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.409 views

runc 1.1.11 File Descriptor Leak Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'runc docker File Descriptor Leak Privilege Escalation', 'Description' = %q All versions of runc MSFLICENSE, 'Author' = 'h00die', msf module 'Rory...

8.6CVSS7.4AI score0.18087EPSS
Exploits18
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.408 views

Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage

!/usr/bin/env python3 -- coding: utf-8 -- """ Title: Credential Leakage Through Unprotected System Logs and Weak Password Encryption CVE: CVE-2023-43261 Script Author: Bipin Jitiya @win3zz Vendor: Milesight IoT - https://www.milesight-iot.com/ Formerly Xiamen Ursalink Technology Co., Ltd...

7.5CVSS7.4AI score0.60176EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.351 views

WordPress Simple URLs Cross Site Scripting

Exploit Title: simple urls alertorigin...

6.1CVSS7.4AI score0.01726EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.378 views

Cacti pollers.php SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cacti RCE via SQLi in pollers.php', 'Description' = %q This exploit module leverages a SQLi CVE-2023-49085 and a LFI CVE-2023-49084 vulnerability...

8.8CVSS7.4AI score0.84628EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.374 views

SISQUAL WFM 7.1.319.103 Host Header Injection

Exploit Title: SISQUAL WFM 7.1.319.103 Host Header Injection Discovered Date: 17/03/2023 Reported Date: 17/03/2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://www.sisqualwfm.com Version: 7.1.319.103 Tested on: SISQUAL WFM 7.1.319.103 Affected Version: sisqualWFM - 7.1.319.1...

6.1CVSS7.4AI score0.00507EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.345 views

WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting

Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...

6.1CVSS7.4AI score0.0213EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.369 views

MISP 2.4.171 Cross Site Scripting

Exploit Title: MISP 2.4.171 Stored XSS CVE-2023-37307 Authenticated Date: 8th October 2023 Exploit Author: Mücahit Çeri Vendor Homepage: https://www.circl.lu/ Software Link: https://github.com/MISP/MISP Version: 2.4.171 Tested on: Ubuntu 20.04 CVE : CVE-2023-37307 Exploit: Logged in as low...

5.4CVSS7.4AI score0.00502EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/02/02 12:0 a.m.182 views

GoAhead Web Server 2.5 HTML Injection

Exploit Title: GoAhead Web Server 2.5 - 'goform/formTest' Multiple HTML Injection Vulnerabilities Date: 25/9/2023 Exploit Author: Syed Affan Ahmed ZEROXINN Vendor Homepage: https://www.embedthis.com/goahead/ Affected Version: 2.5 may be others. Tested On Version: 2.5 in ZTE AC3630...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/02 12:0 a.m.286 views

ComSndFTP Server 1.3.7 Beta Denial Of Service

!/usr/bin/perl ComSndFTP Server Remote Format String Denial of Service DoS use strict; use warnings; use IO::Socket; $| = 1; my $host = "192.168.172.136"; my $port = "21""; my $payload = '%s%p%x%d'; print "Connecting... "; my $sock = IO::Socket::INET-new PeerAddr = $host, PeerPort = $port, Proto ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/02 12:0 a.m.277 views

Ricoh Printer Directory / File Exposure

Exploit Title: Ricoh Printer Directory and File Exposure Date: 9/15/2023 Exploit Author: Thomas Heverin Heverin Hacker Vendor Homepage: https://www.ricoh.com/products/printers-and-copiers Software Link: https://replit.com/@HeverinHacker/Ricoh-Printer-Directory-and-File-Findermain.py Version: Rico...

7.4AI score
Exploits0
Total number of security vulnerabilities50738