Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•423 views

PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting

Exploit Title: PHPJabbers Cleaning Business Software v1.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0...

7.4AI score0.00339EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•416 views

PHPJabbers Bus Reservation System 1.1 Cross Site Scripting

Exploit Title: PHPJabbers Bus Reservation System v1.1 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/bus-reservation-system/sectionDemo Version: v1.1 Tested o...

7.4AI score0.00322EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•345 views

PHPJabbers Meeting Room Booking System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1.0 Test...

7.4AI score0.00386EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•377 views

PHPJabbers Restaurant Booking System 3.0 Missing Rate Limiting

Exploit Title: PHPJabbers Restaurant Booking System v3.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/restaurant-booking-system/sectionDemo Version: v3.0 Tested o...

7.4AI score0.00679EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•357 views

PHPJabbers Restaurant Booking System 3.0 Cross Site Scripting / HTML Injection

Exploit Title: PHPJabbers Restaurant Booking System v3.0 - Reflected XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/restaurant-booking-system/sectionDemo Version: v3.0 Tested o...

7.4AI score0.00385EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•306 views

PHPJabbers Cleaning Business Software 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Cleaning Business Software v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0 Tested...

7.4AI score0.00425EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•321 views

PHPJabbers Night Club Booking Software 1.0 CSV Injection

Exploit Title: PHPJabbers Night Club Booking Software v1.0 - CSV Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/night-club-booking-software/sectionDemo Version: v1.0 Test...

7.4AI score0.00477EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•289 views

PHPJabbers Car Park Booking System 3.0 Cross Site Scripting / HTML Injection

Exploit Title: PHPJabbers Car Park Booking System v3.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-park-booking/sectionDemo Version: v3.0 Tested on:...

7.4AI score0.00325EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•419 views

PHPJabbers Event Booking Calendar 4.0 Missing Rate Limiting

Exploit Title: PHPJabbers Event Booking Calendar v4.0 - No Rate Limit on Forgot Password Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Version:...

7.4AI score0.00679EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•431 views

PHPJabbers Event Booking Calendar 4.0 Cross Site Scripting / HTML Injection

Exploit Title: PHPJabbers Event Booking Calendar v4.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Version: v4.0 Tested o...

7.4AI score0.00414EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/01/11 12:0 a.m.•313 views

PHPJabbers Bus Reservation System 1.1 CSV Injection

Exploit Title: PHPJabbers Bus Reservation System v1.1 - CSV Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/bus-reservation-system/sectionDemo Version: v1.1 Tested on:...

7.4AI score0.00635EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/10 12:0 a.m.•408 views

Android DeviceVersionFragment.java Privilege Escalation

!/usr/bin/env python import subprocess Connect to the device via ADB subprocess.run"adb", "devices" Check if the device is in secure USB mode device = subprocess.run"adb", "shell", "getprop", "ro.adb.secure", stdout=subprocess.PIPE if "1" in device.stdout.decode: Secure USB mode is enabled, so we...

10CVSS7.2AI score0.0022EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/01/10 12:0 a.m.•247 views

PSOProxy 0.5 Denial Of Service

!/usr/bin/perl use IO::Socket::INET; Exploit Title: PSOProxy 0.5 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 10 january 2024 Vendor Homepage: https://sourceforge.net/projects/psoproxy/files/psoproxy/0.5/ Download to demo:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/10 12:0 a.m.•231 views

Backdoor.Win32 Carbanak (Anunak) MVID-2024-0667 Named Pipe NULL DACL

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/b8e1e5b832e5947f41fd6ae6ef6d09a1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32 Carbanak Anunak Vulnerability: Named Pipe Null DACL Family: Carbanak Type:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/09 12:0 a.m.•286 views

cpio 2.13 Privilege Escalation

cpio privilege escalation vulnerability via setuid files in cpio archive Happy New Year, let in 2024 happiness be with you! : When extracting archives cpio at least version 2.13 preserves the setuid flag, which might lead to privilege escalation. One example is r00t extracts to /tmp/ and scidiot...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/09 12:0 a.m.•304 views

Intrasrv Simple Web Server 1.0 Denial Of Service

!/usr/bin/perl use IO::Socket; Exploit Title: Intrasrv Simple Web Server 1.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 09 january 2024 Vendor Homepage: http://www.leighb.com/intrasrv.htm Download to demo: http://www.leighb.com/intrasrv.zip Download 2 to demo:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/09 12:0 a.m.•287 views

AdvantechWeb/SCADA 9.1.5U SQL Injection

;; PostAuth SQLi in AdvantechWeb/SCADA 9.1.5U ;; ;; found: 28.12.2023 ;; ;; more: ;; https://code610.blogspot.com/2024/01/postauth-sqli-in-advantechwebscada-915u.html ;; POST /waconfig/api/odbc/getSystemLog HTTP/2 Host: 192.168.56.106 Cookie: serverLanguage=en;...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/09 12:0 a.m.•283 views

liveSite 2019.1 Remote Code Execution

Exploit Title: liveSite Version : 2019.1 Remote Code Execution Date: 2024-1-9 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://livesite.com/ Version : 2019.1 Tested on: https://www.softaculous.com/apps/cms/liveSite 1 Login with admin cred Click Staff Home Edit Designer Region...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•489 views

Linux 6.4 io_uring Use-After-Free

Linux =6.4: iouring: page UAF via buffer ring mmap Since commit c56e022c0a27 "iouring: add support for user mapped provided buffer ring", landed in Linux 6.4, iouring makes it possible to allocate, mmap, and deallocate "buffer rings". A "buffer ring" can be allocated with iouringregister...,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•285 views

Femitter FTP Server 1.03 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: Femitter FTP Server 1.03 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 08 january 2024 Vendor Homepage: https://acritum.com/ Download to demo: https://drive.google.com/file/d/1GBFmc7tMavA9mMoZPYVlUVUe62dGjBhF/view?usp=sharing...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•299 views

Gom Player 2.3.92.5362 DLL Hijacking

Exploit Title: Gom Player 2.3.92.5362 - nvcuda.dll DLL Hijacking Date: 2023-01-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.mrvar0x.com/ Version: 2.3.92.5362 Tested on: Windows 7, Windows 10 A DLL hijacking vulnerability has been discovered Gom Player 2.3.92.5362. When a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•217 views

Gom Player 2.3.92.5362 Buffer Overflow

Exploit Title: Gom Player 2.3.92.5362 - Buffer Overflow PoC Discovered by: Yehia Elghaly Mrvar0x Discovered Date: 04.01.2024 Vendor Homepage: https://www.gomlab.com/en Tested Version: 2.3.92.5362 Tested on: Windows 7, Windows 10 - Open GOM Player - Click on the settings - From the menu, select...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•262 views

iGalerie 3.0.22 Cross Site Scripting

Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS Date: 2024-7-1 Exploit Author: tmrswrr Vendor Homepage: https://www.igalerie.org/ Version: 3.0.22 Tested on: https://softaculous.com/demos/iGalerie 1 Go to home page and click edit https://127.0.0.1/iGalerie/ Titre : "sVg/onLy=1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•231 views

PluXml Blog 5.8.9 Remote Code Execution

Exploit Title: PluXml Blog Version : 5.8.9 - Remote Code Execution Authenticated Date: 2024-1-7 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://pluxml.org/ Version : 5.8.9 Tested on: https://www.softaculous.com/apps/cms/PluXml 1 After login Click Static pages Edit Write in...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•485 views

io_uring __io_uaddr_map() Dangerous Multi-Page Handling

iouring: iouaddrmap handles multi-page region dangerously iouaddrmap wants to import a region from userspace, and then address the imported region through the linear mapping area. This requires that the imported region is physically contiguous. A comment in iouaddrmap explains that the imported...

5.5CVSS7.4AI score0.00282EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/01/08 12:0 a.m.•274 views

Form Tools 3.1.1 Cross Site Scripting

Exploit Title: Form Tools Version: 3.1.1 - Reflected XSS Date: 2024-6-1 Exploit Author: tmrswrr Vendor Homepage: https://formtools.org/ Version: 3.1.1 Tested on: https://www.softaculous.com/demos/FormTools 1 Write after formid your payload :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/07 12:0 a.m.•270 views

File Sharing Wizard 1.5.0 Denial Of Service

!/usr/bin/perl use IO::Socket::INET; Exploit Title: File Sharing Wizard 1.5.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 07 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/13fs9IHSaGQ27YIQNDyrQV20jCT7owPQ6/view?usp=sharing Notificati...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/06 12:0 a.m.•224 views

httpdx 1.5.4 Denial Of Service

!/usr/bin/perl use IO::Socket::INET; Exploit Title: httpdx 1.5.4 - Denied of Service DoS Discovery by: Fernando Mengali Discovery Date: 06 january 2024 Vendor Homepage: http://httpdx.sourceforge.net Download to demo: https://sourceforge.net/projects/httpdx/files/httpdx/httpdx%201.5.4/ Download 2 ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/05 12:0 a.m.•615 views

Themebleed Windows 11 Themes Arbitrary Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Themebleed- Windows 11 Themes Arbitrary Code Execution CVE-2023-38146', 'Description' = %q When an unpatched Windows 11 host loads a theme file...

8.8CVSS7.4AI score0.39491EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/01/05 12:0 a.m.•497 views

Easy Chat Server 3.1 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: Easy Chat Server 3.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 05 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1ZbfeaWSEKlpvCG1eUtD0vNnfkNz8PlE/view Notification vendor: No reported...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/04 12:0 a.m.•339 views

Easy File Sharing FTP Server 2.0 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: Easy File Sharing FTP Server 2.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 04 january 2024 Download to demo: https://drive.google.com/drive/folders/1XISgBk4Zql8NzkWsrzAPOUEqbjJP4hZQ?usp=sharing Notification vendor: No report...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/03 12:0 a.m.•303 views

minaliC 2.0.0 Denial Of Service

!/usr/bin/perl use Socket; Exploit Title: minaliC 2.0.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 03 january 2024 Vendor Homepage: http://minalic.sourceforge.net/ Download to demo: https://drive.google.com/file/d/1WoDbps6up2s5Xa40YXDSABRU9J17yRQd/view?usp=sharing...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/03 12:0 a.m.•513 views

CMSMS 2.2.19 Arbitrary File Upload

Title: cmsms-2.2.19 - File Upload - RCE Author: nu11secur1ty Date: 12/29/2023 Vendor: https://www.cmsmadesimple.org/ Software: https://www.cmsmadesimple.org/downloads-header/cmsms/ Reference: https://portswigger.net/web-security/file-upload,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/03 12:0 a.m.•337 views

WebCalendar 1.3.0 Cross Site Scripting

Exploit Title: WebCalendar Version: 1.3.0 - Stored XSS - Reflected XSS Date: 2024-3-1 Exploit Author: tmrswrr Vendor Homepage: http://www.k5n.us/webcalendar.php Version: 1.3.0 Tested on: https://www.softaculous.com/apps/calendars/WebCalendar Stored XSS 1 Write Events Add New Events Brief...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/02 12:0 a.m.•417 views

FTPDMIN 0.96 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: FTPDMIN 0.96 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 2024-01-01 Vendor Homepage: https://www.sentex.ca/mwandel/ftpdmin/ Download to demo: https://drive.google.com/file/d/1CpfvaJbJVxR3HPWvcxIVipTaTj7RAaLd/view?usp=sharing...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/02 12:0 a.m.•393 views

Ultra Mini HTTPd 1.21 Denial Of Service

Exploit Title: Ultra Mini HTTPd 1.21 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 2024-01-01 Vendor Homepage: https://acme.com/ Software Link: https://acme.com/ Notification vendor: Yes reported Tested Version: Ultra Mini HTTPd 1.21 Tested on: Window XP Professional -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/01/02 12:0 a.m.•9952 views

Apache 2.4.55 mod_proxy HTTP Request Smuggling

Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...

9.8CVSS7.4AI score0.8377EPSS
Exploits5
Packet Storm
Packet Storm
•added 2023/12/29 12:0 a.m.•472 views

Apache OFBiz 18.12.09 Remote Code Execution

From: Jacques Le Roux Date: Mon, 04 Dec 2023 21:04:50 +0000 Severity: moderate Affected versions: - Apache OFBiz before 18.12.10 Description: Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are...

9.8CVSS7.2AI score0.95442EPSS
Exploits11
Packet Storm
Packet Storm
•added 2023/12/28 12:0 a.m.•316 views

Lot Reservation Management System 1.0 File Disclosure

Exploit Title: Lot Reservation Management System Unauthenticated File Disclosure Vulnerability Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.htm...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/28 12:0 a.m.•297 views

Lot Reservation Management System 1.0 Shell Upload

Exploit Title: Lot Reservation Management System Unauthenticated File Upload and Remote Code Execution Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/28 12:0 a.m.•329 views

Microsoft Windows PowerShell Code Execution / Event Log Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINDOWSPOWERSHELLSINGLEQUOTECODEEXECEVENTLOGBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Windows PowerShell Built on the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/27 12:0 a.m.•238 views

WhatACart 2.0.7 Cross Site Scripting

Exploit Title: WhatACart Version: 2.0.7 - Reflected XSS Date: 2023-12-27 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://whatacart.com Version: 2.0.7 Tested on: https://whatacart.com/demo 1 Go to this page : https://demo.whatacart.com/ 2 Write search field this payload :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/26 12:0 a.m.•280 views

ShopSite 14.0 Cross Site Scripting

Exploit Title: ShopSite Version: 14.0 - Stored XSS Date: 2023-12-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://www.shopsite.com/ Version: 14.0 Tested on: https://www.shopsite.com/demo.html 1 Upload poc.svg file here :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/26 12:0 a.m.•775 views

FreeSWITCH 1.10.10 Denial Of Service

FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation - Fixed versions: 1.10.11 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2023-02-freeswitch-dtls-hello-race - Vendor Security Advisory:...

7.4AI score0.01485EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/12/22 12:0 a.m.•496 views

Hospital Management System 4.0 XSS / Shell Upload / SQL Injection

Description: Mutiple vulnerabilties were discovered in Hospital Management System Affected CMS: Hospital Management System Affected Version: unread query - type something in admin remark e.g test and submit Step 3. Replace the POST body to below payload and server will respond after 5 second...

7.4AI score0.01181EPSS
Exploits6
Packet Storm
Packet Storm
•added 2023/12/22 12:0 a.m.•397 views

GilaCMS 1.15.4 SQL Injection

Description: GilaCMS widget and use wiget area filter to perform search Sample payload: http://targeturl/cm/listrows/widget?page=1&area=dashboard'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,@@version,NULL--%20 Attack Vector 2: After login into admin portal, go to edit...

7.4AI score0.00662EPSS
Exploits5
Packet Storm
Packet Storm
•added 2023/12/22 12:0 a.m.•629 views

Craft CMS 4.4.14 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Craft CMS unauthenticated Remote Code Execution RCE', 'Description' = %q This module exploits Remote Code Execution vulnerability CVE-2023-41892 ...

10CVSS7.4AI score0.92918EPSS
Exploits10
Packet Storm
Packet Storm
•added 2023/12/21 12:0 a.m.•800 views

Glibc Tunables Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 561, '3602eac894717d56555552c84fc6b0e4d6a4af72' = 561, 'a99db3715218b641780b04323e4ae5953d68a927' = 561, 'a8daca28288575ffc8c7641d40901b0148958fb1...

7.8CVSS7.4AI score0.81422EPSS
Exploits26
Packet Storm
Packet Storm
•added 2023/12/21 12:0 a.m.•477 views

Vinchin Backup And Recovery Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vinchin Backup and Recovery Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Vinchin Backup &...

9.8CVSS7.4AI score0.20477EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/12/20 12:0 a.m.•336 views

MOKOSmart MKGW1 Gateway Improper Session Management

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 MOKOSmart MKGW1 Gateway Improper Session Management Link: https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01MOKOSmartMKGW1GatewayImproperSessionManagement Vulnerability Overview MOKOSmart MKGW1 Gateway devices with firmwa...

7.4AI score
Exploits0
Total number of security vulnerabilities50738