Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.289 views

Pyro CMS 3.9 Server-Side Template Injection

Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection SSTI Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Date: 03/08/2023 Vendor: https://pyrocms.com/ Software Link: https://pyrocms.com/documentation/pyrocms/3.9/getting-started/installation Vulnerable...

7.1AI score0.4111EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.251 views

EuroTel ETL3100 Transmitter Authorization Bypass / Insecure Direct Object Reference

EuroTel ETL3100 Transmitter Authorization Bypass IDOR Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter v01x37 Microprocessor: socs0t08/socs0s08...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.229 views

PHPJabbers Vacation Rental Script 4.0 Cross Site Request Forgery

Exploit Title: PHPJabbers Vacation Rental Script 4.0 - CSRF Date: 05/08/2023 Exploit Author: Hasan Ali YILDIR Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/vacation-rental-script/ Version: 4.0 Tested on: Windows 10 Pro Description The attacker can send to...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.637 views

Metabase Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metabase Setup Token RCE', 'Description' = %q Metabase versions before 0.46.6.1 contain a flaw where the secret setup-token is accessible even...

9.8CVSS7.1AI score0.97924EPSS
Exploits36
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.360 views

Emagic Data Center Management Suite 6.0 Remote Command Execution

Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" echo " ESDS...

7.1AI score0.24029EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.273 views

eHato CMS 1.0 Cross Site Scripting

==================================================================================================================================== | Title : eHato CMS 1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.315 views

Chevereto CMS 3.7.0 SQL Injection

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.217 views

Deprixa 3.2.5 SQL Injection

==================================================================================================================================== | Title : Deprixa 3.2.5 Authentication Bypass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/09 12:0 a.m.255 views

EuroTel ETL3100 Transmitter Default Credentials

EuroTel ETL3100 Transmitter Default Credentials Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter v01x37 Microprocessor: socs0t08/socs0s08, Mode...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.235 views

CMS BMGI International 4.0 SQL Injection

==================================================================================================================================== | Title : CMS BMGI International v 4.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.356 views

eHato CMS 1.0 Open Redirection

==================================================================================================================================== | Title : eHato CMS 1.0 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vend...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.307 views

Doubleclick Admin 1 Cross Site Request Forgery

==================================================================================================================================== | Title : Doubleclick Admin v1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.239 views

Virtues cpanelCMS 1.0 SQL Injection

==================================================================================================================================== | Title : Virtues cpanelCMS v1.0 sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-b...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.276 views

AMSS++ 6.11 SQL Injection

==================================================================================================================================== | Title : AMSS++ V 6.11 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.242 views

Videoflix CMS 1.3 Insecure Settings

==================================================================================================================================== | Title : Videoflix Cms v1.3 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.277 views

Varient News Magazine Script 2.2 Insecure Settings

====================================================================================================================================== | Title : Varient News Magazine Script V2.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.274 views

Data Driven CMS 0.4.1 Database Disclosure

==================================================================================================================================== | Title : Data Driven CMS v0.4.1 database disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.241 views

Voodoo Chat 1.3 Cross Site Scripting

==================================================================================================================================== | Title : Voodoo Chat v1.3 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.277 views

eneblur CMS 1.0 SQL Injection

==================================================================================================================================== | Title : eneblur CMS 1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.251 views

Video Whisper Conference 1.01 Cross Site Scripting

============================================================================ | Title : video whisper conference v1.01 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : https://www.videowhisper.com/demos/conference/ | | Dork : "Video Conference by...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.325 views

GNOME Files 43.4 Privilege Escalation

Affected: GNOME Files 43.4 nautilus on fedora 37 Description: If an user A opens in GNOME files zip archive containing setuid file F, then F will be silently extracted to a subdirectory of CWD. If F is accessible by hostile local user B and B executes F, then F will be executed as from user A. ta...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/08 12:0 a.m.294 views

EMIS WEB School CMS 1 SQL Injection

==================================================================================================================================== | Title : EMIS WEB School CMS V 1 blind SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.244 views

CSC-CMS 1.0.0 SQL Injection

==================================================================================================================================== | Title : CSC-CMS v1.0.0 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.311 views

Database Compilation 1.2 Cross Site Scripting

==================================================================================================================================== | Title : Database compilation CMS v1.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.0.232-bit ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.284 views

CMS BMGI International 4.0 Cross Site Scripting

==================================================================================================================================== | Title : CMS BMGI International v 4.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.256 views

Social-Commerce 3.1.6 Cross Site Scripting

Exploit Title: Social-Commerce 3.1.6 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://social-commerce.moosocial.com/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4174...

7.1AI score0.05271EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.258 views

Cvanav-DAW CMS 0.1 Cross Site Scripting

==================================================================================================================================== | Title : Cvanav-DAW CMS v0.1 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.453 views

Datalife Engine 10 SQL Injection

==================================================================================================================================== | Title : Datalife Engine v10 ir SQl injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.307 views

mooSocial 3.1.8 Cross Site Scripting

Exploit Title: mooSocial 3.1.8 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://travel.moosocial.com/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4173 Greetings...

7.1AI score0.03336EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.251 views

Coupons CMS 6.00 Open Redirection

==================================================================================================================================== | Title : Coupons CMS v6.00 URL redirection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.215 views

Web Portal People CMS 2.8 Cross Site Scripting

==================================================================================================================================== | Title : Web Portal People CMS v2.8 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.228 views

CMS Genetics Centre 4.0.1 SQL Injection

==================================================================================================================================== | Title : CMS Genetics Centre v 4.0.1 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.265 views

Adlisting Classified Ads 2.14.0 Information Disclosure

Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 25/07/2023 Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Tested on: Windows 10...

7.1AI score0.36205EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.256 views

Conference Management Software 3.5.1 SQL Injection

==================================================================================================================================== | Title : Conference Management Software V3.5.1 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.319 views

Web Wiz Forums 12.06 Database Disclosure

==================================================================================================================================== | Title : Web Wiz Forums 12.06 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.462 views

Codoforum 5.2.1 File Upload

==================================================================================================================================== | Title : Codoforum v5.2.1 Arbitrary file upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/07 12:0 a.m.263 views

Cyber Infinite CMS 1.0 SQL Injection

==================================================================================================================================== | Title : Cyber Infinite cms v1.0 SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.305 views

Videoplay 1.3.0 Insecure Settings

====================================================================================================================================== | Title : Videoplay V1.3.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-b...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.186 views

Webedition CMS 2.9.8.8 Cross Site Scripting

Exploit Title: Webedition CMS v2.9.8.8 - Stored XSS Application: Webedition CMS Version: v2.9.8.8 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 03.08.2023 Author: Mirabbas...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.211 views

COURIER DEPRIXA 2.5 Cross Site Request Forgery

==================================================================================================================================== | Title : COURIER DEPRIXA V2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 102.0.164-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.333 views

Citrix ADC (NetScaler) Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler Forms SSO Target RCE', 'Description' = %q A vulnerability exists within Citrix ADC that allows an unauthenticated attacker t...

9.8CVSS7.1AI score0.99445EPSS
Exploits16
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.166 views

ReyeeOS 1.204.1614 Code Execution / Man-In-The-Middle

Exploit Title: ReyeeOS 1.204.1614 - MITM Remote Code Execution RCE Google Dork: None Date: July 31, 2023 Exploit Author: Riyan Firmansyah of Seclab Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/support/documents/slideEW1200G-PRO-Firmware-B11P204 Version...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.229 views

WordPress Adivaha Travel 2.3 Cross Site Scripting

Exploit Title: WordPress adivaha Travel Plugin 2.3 - Reflected XSS Exploit Author: CraCkEr Date: 29/07/2023 Vendor: adivaha - Travel Tech Company Vendor Homepage: https://www.adivaha.com/ Software Link: https://wordpress.org/plugins/adiaha-hotel/ Demo: https://www.adivaha.com/demo/adivaha-online/...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.280 views

Voodoo Chat 1.0RC1b Information Disclosure

==================================================================================================================================== | Title : Voodoo chat v1.0RC1b Config Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.163 views

WordPress EventON Calendar 4.4 Insecure Direct Object Reference

Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR Date: 03.08.2023 Exploit Author: Miguel Santareno Vendor Homepage: https://www.myeventon.com/ Version: 4.4 Tested on: Google and Firefox latest version CVE : CVE-2023-3219 1. Description The plugin does no...

5.3CVSS7.1AI score0.06116EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.170 views

Xlight FTP Server 3.9.3.6 Stack Buffer Overflow

Exploit Title: Xlight FTP Server 3.9.3.6 - 'Stack Buffer Overflow' DOS Discovered by: Yehia Elghaly Discovered Date: 2023-08-04 Vendor Homepage: https://www.xlightftpd.com/ Software Link : https://www.xlightftpd.com/download/setup.exe Tested Version: 3.9.3.6 Vulnerability Type: Buffer Overflow...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.322 views

Shelly PRO 4PM 0.11.0 Authentication Bypass

!/bin/bash Exploit Title: Shelly PRO 4PM v0.11.0 - Authentication Bypass Google Dork: NA Date: 2nd August 2023 Exploit Author: The Security Team exploitsecurity.io Exploit Blog: https://www.exploitsecurity.io/post/cve-2023-33383-authentication-bypass-via-an-out-of-bounds-read-vulnerability Vendor...

7.1AI score0.02462EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.312 views

Web Portal People CMS 2.8 Open Redirection

==================================================================================================================================== | Title : Web Portal People CMS v2.8 URL redirection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.344 views

Canon PIXMA TR4550 1.020 / 1.080 Unencrypted Secret Storage

Advisory ID: SYSS-2023-011 Product: PIXMA TR4550 Manufacturer: Canon Affected Versions: 1.020 / 1.080 also affects many other Canon inkjet printer models4 Tested Versions: 1.020 / 1.080 Vulnerability Type: Insufficient or Incomplete Data Removal within Hardware Component CWE-1301 Insufficiently...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/04 12:0 a.m.236 views

Web Wiz Forums 12.06 SQL Injection

==================================================================================================================================== | Title : Web Wiz Forums 12.06 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.0.132-bit...

7.1AI score
Exploits0
Total number of security vulnerabilities50738