Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
PacketstormRecent
RecentMost viewed

50653 matches found

Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.312 views

Forum Fire Soft Board 0.3.0 Cross Site Scripting

==================================================================================================================================== | Title : Forum Fire Soft Board v0.3.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit ...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.283 views

SugarCRM 12.2.0 Shell Upload

----------------------------------------------------------------- SugarCRM = 12.2.0 Notes Unrestricted File Upload Vulnerability ----------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and prior versions...

8.8CVSS7.1AI score0.00353EPSS
Exploits2
Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.307 views

FAST TECH CMS 1.0 SQL Injection

==================================================================================================================================== | Title : FAST TECH CMS v1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 73.0.132-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.496 views

SugarCRM 12.2.0 Bean Manipulation

------------------------------------------------------------------------ SugarCRM = 12.2.0 updateGeocodeStatus Bean Manipulation Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and...

8.8CVSS7.1AI score0.00459EPSS
Exploits2
Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.288 views

FreshRSS 1.11.1 HTML Injection

==================================================================================================================================== | Title : FreshRSS v1.11.1 Html Inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.2720 views

Geeklog 2.1.0b1 Database Disclosure

==================================================================================================================================== | Title : Geeklog v2.1.0b1 database disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.261 views

Foodiee Online Food Ordering Web Application 1.0.0 Insecure Settings

==================================================================================================================================== | Title : Foodiee - Online Food Ordering Web Application V1.0.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/23 12:0 a.m.442 views

SugarCRM 12.2.0 SQL Injection

---------------------------------------------------- SugarCRM = 12.2.0 Two SQL Injection Vulnerabilities ---------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and prior versions. Version 12.0.2 and prior versions. Versio...

8.8CVSS7.1AI score0.00292EPSS
Exploits2
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.307 views

TSPlus 16.0.0.0 Insecure Credential Storage

Exploit Title: TSPlus 16.0.0.0 - Remote Work Insecure Credential storage Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.0.0 Tested on: Windows CVE : CVE-2023-31069 With TSPlus Remote Work v. 16.0.0.0 you ca...

7.1AI score0.01415EPSS
Exploits3
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.281 views

FoccusWeb CMS 0.1 Cross Site Scripting

====================================================================================================================================== | Title : FoccusWeb CMS v0.1 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.232-bit | | Vendo...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.303 views

FOG Forum 0.8 Cross Site Scripting

==================================================================================================================================== | Title : FOG Forum v0.8 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.335 views

OVOO Movie Portal CMS 3.3.3 SQL Injection

Exploit Title: OVOO Movie Portal CMS v3.3.3 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/ovoomovie-video-streaming-cms-with-unlimited-tvseries/20180569 Tested on: Kali Linux & MacOS CVE: N/A Request POST /filtermovies/1 HTTP/2 Host:...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.283 views

Global Multi School Management System Express 1.0 SQL Injection

Exploit Title: Global - Multi School Management System Express v1.0- SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/global-multi-school-management-system-express/21975378 Tested on: Kali Linux & MacOS CVE: N/A Request POST /report/balance...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.358 views

WordPress Charitable Donations Plugin And Fundraising Platform 1.7.0.12 Privilege Escalation

Description: Donation Forms by Charitable = 1.7.0.12 – Unauthenticated Privilege Escalation Affected Plugin: Charitable – Donations Plugin & Fundraising Platform for WordPress Plugin Slug: charitable Affected Versions: = 1.7.0.12 CVE ID: CVE-2023-4404 CVSS Score: 9.8 Critical CVSS...

7.1AI score0.00296EPSS
Exploits1
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.276 views

FIRESHOP Advanced CMS 2.3 Arbitrary File Upload

==================================================================================================================================== | Title : FIRESHOP Advanced CMS v2.3 unrestricted file upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.241 views

FlightPath LMS 4.8.2 Insecure Direct Object Reference

==================================================================================================================================== | Title : FlightPath LMS v4.8.2 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.255 views

PHPJabbers Business Directory Script 3.2 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities Date: 09/08/2023 Exploit Author: Kerimcan Ozturk Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/business-directory-script/ Version: 3.2 Tested on: Windows 10 Pro Description...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.377 views

FastMatch Iddaa Tahmin Scripti 2.0 SQL Injection

==================================================================================================================================== | Title : FastMatch İddaa Tahmin Scripti v2.0 auth by pass vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.275 views

Taskhub CRM Tool 2.8.6 SQL Injection

Exploit Title: Taskhub CRM Tool 2.8.6 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Tested on: Kali Linux & MacOS CVE: N/A Request GET /projects?filter=notstarted HTTP/1.1 Host: localhost...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.250 views

Dolibarr 17.0.1 Cross Site Scripting

Exploit Title: Dolibarr Version 17.0.1 - Stored XSS Dork: Date: 2023-08-09 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php Version: 17.0.1 REQUIRED Tested on: Windows/Linux CVE :...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.395 views

TSPlus 16.0.2.14 Insecure Permissions

Exploit Title: TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.2.14 Tested on: Windows CVE : CVE-2023-31067 TSplus Remote Access v...

7.1AI score0.02043EPSS
Exploits4
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.242 views

E-mailer Newsletter And Mailing System with Analytics + GEO location 1.16 Information Disclosure

================================================================================================================================== | Title : E-mailer Newsletter & Mailing System with Analytics + GEO location v1.16 information Disclosure vulnerability | | Author : indoushka | | Tested on : windows...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.262 views

Fluent CMS 1.0.0 SQL Injection

==================================================================================================================================== | Title : Fluent CMS V 1.0.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 77.0.132-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.328 views

FleetCart Laravel Ecommerce System 1.1.2 Insecure Settings

==================================================================================================================================== | Title : FleetCart - Laravel Ecommerce System v1.1.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.300 views

Inosoft VisiWin 7 2022-2.1 Insecure Permissions / Privilege Escalation

Exploit Title: Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Privilege Escalation Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://www.inosoft.com/ Version: Up to 2022-2.1 Runtime RT7.3 RC3 20221209.5 Tested on: Windows CVE:...

7.1AI score0.00093EPSS
Exploits4
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.261 views

DoorGets CMS 12 Information Disclosure

==================================================================================================================================== | Title : DoorGets CMS v12 Sensitive information disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.318 views

TSPlus 16.0.0.0 Insecure Permissions

Exploit Title: TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.0.0 Tested on: Windows CVE : CVE-2023-31068 With TSPlus Remote Work v...

7.1AI score0.01869EPSS
Exploits3
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.291 views

Color Prediction Game 1.0 SQL Injection

Exploit Title: Color Prediction Game v1.0 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.codester.com/items/44411/color-prediction-game-php-script Tested on: Kali Linux & MacOS CVE: N/A Request POST /loginNow.php HTTP/1.1 Host: localhost Cookie:...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/22 12:0 a.m.272 views

FixBook Repair Shop Management Tool 2.2 Hash Disclosure

==================================================================================================================================== | Title : FixBook - Repair Shop Management Tool v2.2 Password Hash Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / brows...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.258 views

Fara Melk Estate CMS 1.5.0 Information Disclosure

==================================================================================================================================== | Title : Fara Melk Estate CMS v1.5.0 unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.306 views

Credit Lite 1.5.4 SQL Injection

Exploit Title: Credit Lite 1.5.4 - SQL Injection Exploit Author: CraCkEr Date: 31/07/2023 Vendor: Hobby-Tech Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392 Software Link: https://credit-lite.appshat.xyz/ Tested on: Windows 10 Pro Impact: Database Access...

7.1AI score0.00073EPSS
Exploits4
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.244 views

Event Locations CMS 1.0.1 Shell Upload

==================================================================================================================================== | Title : Event Locations CMS V1.0.1 - unrestricted files upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.287 views

Emaar Real Estate Agency Directory System 5.7 Shell Upload

==================================================================================================================================== | Title : Emaar – Real Estate Agency Directory System v5.7 Unrestricted File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.311 views

Evsanati Radyo 1.0 Shell Upload

==================================================================================================================================== | Title : evsanati radyo v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.382 views

Jorani Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jorani unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unauthenticated Remote Code Execution in Jorani prior t...

7.1AI score0.93017EPSS
Exploits5
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.308 views

Crypto Currency Tracker (CCT) 9.5 Add Administrator

Exploit Title: Crypto Currency Tracker CCT - Admin Account Creation Unauthenticated Date: 11.08.2023 Exploit Author: 0xBr Software Link: https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008 Version: =9.5 CVE: CVE-2023-37759 POST /en/user/register HTTP...

7.1AI score0.03748EPSS
Exploits4
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.243 views

Academy LMS 6.1 Cross Site Scripting / File Upload

Exploit Title: Academy LMS 6.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 05/08/2023 Vendor: Creativeitem Vendor Homepage: https://academylms.net/ Software Link: https://demo.academylms.net/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CWE: CWE-79 -...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/21 12:0 a.m.244 views

DoorGets CMS 7.0 Information Disclosure

==================================================================================================================================== | Title : DoorGets CMS v7.0 Sensitive information disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/18 12:0 a.m.402 views

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read

KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig Advisory ID: KL-001-2023-001 Publication Date: 2023.08.17 Publication URL:...

7.1AI score0.00055EPSS
Exploits2
Packet Storm
Packet Stormadded 2023/08/18 12:0 a.m.398 views

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation

KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump Advisory ID: KL-001-2023-002 Publication Date: 2023.08.17 Publication URL:...

7.1AI score0.00051EPSS
Exploits2
Packet Storm
Packet Stormadded 2023/08/18 12:0 a.m.435 views

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification

KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit Advisory ID: KL-001-2023-003 Publication Date: 2023.08.17 Publication URL:...

7.8CVSS7.1AI score0.44372EPSS
Exploits20
Packet Storm
Packet Stormadded 2023/08/17 12:0 a.m.353 views

Greenshot 1.3.274 Deserialization / Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Greenshot .NET Deserialization Fileformat Exploit', 'Description' = %q There exists a .NET deserialization vulnerability in Greenshot version...

7.8CVSS7.1AI score0.38028EPSS
Exploits7
Packet Storm
Packet Stormadded 2023/08/17 12:0 a.m.868 views

Maltrail 0.53 Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Maltrail Unauthenticated Command Injection', 'Description' = %q Maltrail is a malicious traffic detection system, utilizing publicly available...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/16 12:0 a.m.301 views

Erim Upload 4 Database Disclosure

==================================================================================================================================== | Title : Erim Upload V4 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/16 12:0 a.m.347 views

Event Locations CMS 1.0.1 Cross Site Scripting

==================================================================================================================================== | Title : Event Locations CMS v1.0.1 - XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit ...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/16 12:0 a.m.331 views

EI Tube YouTube API 3 Cross Site Scripting

==================================================================================================================================== | Title : EI Tube YouTube API V3 site builder XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/16 12:0 a.m.300 views

E-partenaire LMS 1.0.0 Cross Site Scripting

==================================================================================================================================== | Title : E-partenaire LMS v1.0.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | | Vend...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/16 12:0 a.m.328 views

Evsanati Radyo 1.0 Insecure Settings

==================================================================================================================================== | Title : evsanati radyo v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/16 12:0 a.m.317 views

Education Time Indonesian School CRM 1.7 SQL Injection

==================================================================================================================================== | Title : Education Time Indonesian School CRM v 1.7 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozill...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2023/08/16 12:0 a.m.387 views

AudioCodes VoIP Phones Hardcoded Key

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-052 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.8.M4 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Ris...

7.1AI score0.00407EPSS
Exploits2
Total number of security vulnerabilities50653