Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2023/12/20 12:0 a.m.•405 views

MajorDoMo Remote Code Execution

Introduction MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted name for over a decade. With over 380 stars on its official GitHub repository at the time of writing https://github.com/sergejey/majordomo, its popularity is eviden...

9.8CVSS7.2AI score0.38263EPSS
Exploits6
Packet Storm
Packet Storm
•added 2023/12/20 12:0 a.m.•429 views

TYPO3 11.5.24 Path Traversal

Exploit Title: TYPO3 11.5.24 Path Traversal Vulnerability Authenticated Date: Apr 9, 2023 Exploit Author: Saeed reza Zamanian Software Link: https://get.typo3.org/release-notes/11.5.24 Version: 11.5.24 Tested on: Kali 2022.3 CVE : CVE-2023-30451 In TYPO3 11.5.24, the filelist component allows...

7.4AI score0.01161EPSS
Exploits3
Packet Storm
Packet Storm
•added 2023/12/19 12:0 a.m.•442 views

Atlassian Confluence Improper Authorization / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE CVE-2023-22518', 'Description' = %q This Improper...

10CVSS7.4AI score0.99999EPSS
Exploits14
Packet Storm
Packet Storm
•added 2023/12/15 12:0 a.m.•401 views

RTPEngine mr11.5.1.6 Denial Of Service

RTPEngine susceptible to Denial of Service via DTLS Hello packets during call initiation - Fixed versions: mr12.1.1.2, mr12.0.1.3, mr11.5.1.16, mr10.5.6.3, mr10.5.6.2 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2023-03-rtpengine-dtls-hello-race - Vendor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/15 12:0 a.m.•403 views

osCommerce 4.13-60075 Shell Upload

Title: osCommerce 4.13-60075 File-Upload-RCE Author: nu11secur1ty Date: 12/14/2023 Vendor: https://www.oscommerce.com/ Software: https://www.oscommerce.com/download-file Reference: https://portswigger.net/web-security/file-upload Description: The parameter "icon-pencil" in the upload-file...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/15 12:0 a.m.•987 views

PKP-WAL 3.4.0-3 Remote Code Execution

--------------------------------------------------------------------------------- PKP-WAL getDeployment; 103. 104. $context = $deployment-getContext; 105. 106. $locale = $node-getAttribute'locale'; 107. if empty$locale 108. $locale = $context-getPrimaryLocale; 109. 110. 111. $coverImagelocale = ;...

5.3CVSS7.4AI score0.00618EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/15 12:0 a.m.•544 views

Asterisk 20.1.0 Denial Of Service

Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation - Fixed versions: 18.20.1, 20.5.1, 21.0.1,18.9-cert6 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race - Vendor Security Advisory:...

7.5CVSS7.4AI score0.05338EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/13 12:0 a.m.•702 views

Atos Unify OpenScape Authentication Bypass / Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Argument injection leading to unauthenticated RCE and authentication bypass product: Atos Unify OpenScape Session Border Controller SBC Atos Unify OpenScape Branch Atos...

10CVSS7.4AI score0.01861EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/13 12:0 a.m.•398 views

One Identity Password Manager Kiosk Escape Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Kiosk Escape Privilege Escalation product: One Identity Password Manager Secure Password Extension vulnerable version: 5.13.1 fixed version: 5.13.1 CVE number:...

7.4AI score0.01013EPSS
Exploits1
Packet Storm
Packet Storm
•added 2023/12/13 12:0 a.m.•414 views

Anveo Mobile User Enumeration / Missing Certificate Validation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Missing Certificate Validation & User Enumeration product: Anveo Mobile App and Server vulnerable version: Mobile App: 10.0.0.359 / 2016-07-13; Server: 11.0.0.5 fixed...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/13 12:0 a.m.•1700 views

PDF24 Creator 11.15.1 Local Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: PDF24 Creator geek Software GmbH vulnerable version: =11.15.1 fixed version: 11.15.2 CVE number: CVE-2023-49147...

7.4AI score0.00483EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/12 12:0 a.m.•395 views

Splunk XSLT Upload Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk Authenticated XSLT Upload RCE', 'Description' = %q This Metasploit module exploits a Remote Code Execution RCE vulnerability in Splunk...

8.8CVSS7.4AI score0.89066EPSS
Exploits4
Packet Storm
Packet Storm
•added 2023/12/12 12:0 a.m.•401 views

WordPress Backup Migration 1.3.7 Remote Code Execution

Vulnerability Summary from Wordfence Intelligence Description: Backup Migration = 1.3.7 backup-backup Unauthenticated Remote Code Execution Affected Plugin: Backup Migration Plugin Slug: backup-backup Affected Versions: = 1.3.7 CVE ID:CVE-2023-6553 Pending CVSS Score: 9.8 Critical CVSS Vector:...

7.4AI score0.97846EPSS
Exploits14
Packet Storm
Packet Storm
•added 2023/12/11 12:0 a.m.•327 views

WordPress TextMe SMS 1.9.0 Cross Site Request Forgery

Exploit Title: WP Plugins TextMe SMS history.pushState'', '', '/'; document.forms0.submit; Recommendation Upgrade to version 1.9.1...

7.2AI score0.00457EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/11 12:0 a.m.•317 views

WordPress Contact Form To Any API 1.1.6 Cross Site Request Forgery

Exploit Title: WP Plugins Contact Form to Any API history.pushState'', '', '/'; document.forms0.submit; Recommendation Upgrade to version 1.1.7...

7.2AI score0.00465EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/11 12:0 a.m.•421 views

WordPress Bravo Translate 1.2 SQL Injection

Exploit Title: WP Plugins Bravo Translate = 1.2 - SQL Injection Date: 09-12-2023 Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/bravo-translate/ Version: 1.2 Tested on: Windows, Linux CVE: CVE-2023-49161 Product Description This plugin allow you to translate your monolingual...

7.2AI score0.00605EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/08 12:0 a.m.•381 views

Kopage Website Builder 4.4.15 Shell Upload

Title: Kopage-Website-Builder-4.4.15-File-Upload-RCE Author: nu11secur1ty Date: 12/08/2023 Vendor: https://www.kopage.com/ Software: https://demo.kopage.com/index.php Reference: https://portswigger.net/web-security/file-upload,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/08 12:0 a.m.•345 views

Microsoft Defender Anti-Malware PowerShell API Arbitrary Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTDEFENDERANTIMALWAREPOWERSHELLAPIUNINTENDEDCODEEXECUTION.txt + twitter.com/hyp3rlinx + x.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/08 12:0 a.m.•342 views

osCommerce 4 SQL Injection

Exploit Title: osCommerce 4 - SQL Injection Exploit Author: CraCkEr Date: 22/11/2023 Vendor: osCommerce ltd. Vendor Homepage: https://www.oscommerce.com/ Software Link: https://demo.oscommerce.com/ Demo Link: https://demo.oscommerce.com/b2b-supermarket/ Tested on: Windows 11 Home Impact: Database...

9.8CVSS7.4AI score0.23846EPSS
Exploits3
Packet Storm
Packet Storm
•added 2023/12/08 12:0 a.m.•879 views

ISPConfig 3.2.11 PHP Code Injection

------------------------------------------------------------------------ ISPConfig = 3.2.11 languageedit.php PHP Code Injection Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.ispconfig.org - Affected Versions: Version 3.2.11 and...

7.2CVSS7.2AI score0.13894EPSS
Exploits14
Packet Storm
Packet Storm
•added 2023/12/07 12:0 a.m.•551 views

Docker cgroups Container Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker cgroups Container Escape', 'Description' = %q This exploit module takes advantage of a Docker image which has either the privileged flag, ...

7.8CVSS7.4AI score0.05528EPSS
Exploits12
Packet Storm
Packet Storm
•added 2023/12/07 12:0 a.m.•388 views

ConQuest Dicom Server 1.5.0d Remote Command Execution

!/usr/bin/env python3 --------------------------------------------------------- preauth rce poc for ConQuest Dicom Server 1.5.0d --------------------------------------------------------- 04.08.2023 @ 22:07 code610 blogspot com import socket target = '192.168.56.106' rport = 5678 pkt1 =...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/07 12:0 a.m.•474 views

WinterCMS 1.2.3 Cross Site Scripting

Exploit Title: Stored XSS in WinterCMS 1.2.3 Plugin Components Date: 12/7/2023 Exploit Author: tmrswrr Vendor Homepage: https://wintercms.com/ Software Link: https://github.com/wintercms/winter Version: 1.2.3 Tested on: debian 9 PoC 1. Access the WinterCMS backend at http://localhost/backend/cms...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/07 12:0 a.m.•131 views

Winter CMS 1.2.2 Server-Side Template Injection

Exploit Title: Winter CMS 1.2.2 / 1.2.3 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 / 1.2.3 Tested :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/06 12:0 a.m.•501 views

CE Phoenixcart 1.0.8.20 Shell Upload

Title: PhoenixCart-1.0.8.20-File-Upload-Bypass-override-htaccess-security-RCE Author: nu11secur1ty Date: 12/06/2023 Vendor: https://phoenixcart.org/index.php Software: https://github.com/CE-PhoenixCart/PhoenixCart/archive/master.zip Reference: https://portswigger.net/web-security/file-upload,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/06 12:0 a.m.•449 views

Winter CMS 1.2.2 Server-Side Template Injection

Exploit Title: Winter CMS 1.2.2 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 Tested :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/05 12:0 a.m.•392 views

FortiWeb VM 7.4.0 build577 CLI Crash

;; ;; FortiWeb VM v7.4.0 build577 Post-auth CLI Crash ;; ;; ... ;; ;; code610 / some debug notes fyi ;; ;; 17.11.2023 @ 23:33 ;; FortiWeb diagnose debug crashlog show 2023-11-16 05:07:00 application cli 2023-11-16 05:07:00 signal Segmentation fault received 2023-11-16 05:07:00 RIP 00007fdd1febf44...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•374 views

October CMS 3.4.0 About Cross Site Scripting

OctoberCMS v3.4.0 About Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application framework...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•409 views

PHPJabbers Car Rental 3.0 Missing Rate Limit

Exploit Title: PHPJabbers Car Rental v3.0 - No Rate Limit in Email Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11...

7.4AI score0.01051EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•277 views

PHPJabbers Appointment Scheduler 3.0 Missing Rate Limiting

Exploit Title: PHPJabbers Apointment Scheduler v3.0 - No Rate Limit in Email Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/appointment-scheduler/ Version: v3.0 Tested on: Windows...

7.4AI score0.01051EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•388 views

PHPJabbers Car Rental 3.0 CSV Injection

Exploit Title: PHPJabbers Car Rental v3.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11, MS Offi...

7.4AI score0.01201EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•245 views

October CMS 3.4.0 Wiki Article Cross Site Scripting

OctoberCMS v3.4.0 Wikiarticle Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•320 views

PHPJabbers Appointment Scheduler 3.0 CSV Injection

Exploit Title: PHPJabbers Appointment Scheduler v3.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/appointment-scheduler/ Version: v3.0 Tested on: Windows 10,...

7.4AI score0.01221EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•298 views

PHPJabbers Appointment Scheduler 3.0 HTML Injection

Exploit Title: PHPJabbers Appointment Scheduler v3.0 - Multiple HTML Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/appointment-scheduler/ Version: v3.0 Tested on: Window...

7.4AI score0.00465EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•254 views

PHPJabbers Appointment Scheduler 3.0 Cross Site Scripting

Exploit Title: PHPJabbers Appointment Scheduler v3.0 - Multiple Stored XSS Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/appointment-scheduler/ Version: v3.0 Tested on: Windows 10...

7.4AI score0.00419EPSS
Exploits1
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•409 views

October CMS 3.4.0 Author Cross Site Scripting

OctoberCMS v3.4.0 Author Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application framewor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•575 views

PHPJabbers Car Rental 3.0 HTML Injection

Exploit Title: PHPJabbers Car Rental v3.0 - HTML Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11, Linux...

7.4AI score0.00465EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•467 views

PHPJabbers Shuttle Booking Software 2.0 CSV Injection

Exploit Title: PHPJabbers Shuttle Booking Software v2.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/shuttle-booking-software/ Version: v2.0 Tested on: Windows 10...

7.4AI score0.01201EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•295 views

October CMS 3.4.0 Category Cross Site Scripting

OctoberCMS v3.4.0 Category Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•561 views

ARM Mali r44p0 Use-After-Free

Arm Mali r44p0: UAF by freeing waitqueue with elements on it In Mali r44p0, it became possible to free the kbasecontext of a kbasefile while still having a file pointing to the kbasefile. This is supposed to be safe because of the kfile-fopscount and kfile-mapcount checks. However, kbasepoll will...

7.4AI score0.00334EPSS
Exploits3
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•412 views

PHPJabbers Car Rental 3.0 Cross Site Scripting

Exploit Title: PHPJabbers Car Rental v3.0 - Multiple Stored XSS Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11,...

7.4AI score0.00465EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•419 views

PHPJabbers Availability Booking Calendar 5.0 Missing Rate Limiting

Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - No Rate Limit in Email Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo...

7.4AI score0.01162EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•506 views

TinyDir 1.2.5 Buffer Overflow

-- HNS-2023-04 - HN Security Advisory - https://security.humanativaspa.it/ Title: Buffer overflow vulnerabilities with long path names in TinyDir Product: TinyDir Date: 2023-12-04 CVE ID: CVE-2023-49287 Severity: High - 7.7 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H Vendor URL:...

9.8CVSS7.2AI score0.01854EPSS
Exploits3
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•346 views

WordPress Phlox-Pro Theme 5.14.0 Cross Site Scripting

Exploit Title: WordPress Theme phlox-pro 5.14.0 - 'searchform' Cross-Site Scripting XSS Date: 3/12/2023 Exploit Author: Haktrak Team Vendor Homepage: https://phlox.pro Software Link: https://www.phlox.pro/go/ Version: 5.14.0 Tested on: Linuxapache/wordrepss 6.3.1 Description: A Cross Site Scripti...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•476 views

BoidCMS 2.0.1 Cross Site Scripting

Exploit Title: BoidCMS v2.0.1 - Multiple Stored XSS Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://boidcms.github.io// Software Link: https://github.com/BoidCMS/BoidCMS/archive/refs/tags/v2.0.1.zip Version: v2.0.1 Tested on: Windows 10, PHP...

7.4AI score0.00464EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•387 views

PHPJabbers Time Slots Booking Calendar 4.0 Cross Site Scripting

Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - Multiple Stored XSS Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested on...

7.4AI score0.00465EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•520 views

PHPJabbers Time Slots Booking Calendar 4.0 Missing Rate Limiting

Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - No Rate Limit in Email Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested...

7.4AI score0.01051EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•497 views

PHPJabbers Availability Booking Calendar 5.0 HTML Injection

Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - HTML Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version: v5.0...

7.4AI score0.00453EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•447 views

PHPJabbers Time Slots Booking Calendar 4.0 CSV Injection

Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - CSV Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested on:...

7.4AI score0.01201EPSS
Exploits2
Packet Storm
Packet Storm
•added 2023/12/04 12:0 a.m.•332 views

October CMS 3.4.0 Blog Cross Site Scripting

OctoberCMS v3.4.0 Blog Stored Cross-Site Scripting Vulnerabilities Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application framewor...

7.4AI score
Exploits0
Total number of security vulnerabilities50738