Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.279 views

Buzzy News Viral Lists Polls And Videos 2.0 Insecure Settings

====================================================================================================================================== | Title : Buzzy - News Viral Lists Polls and Videos V 2.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / brows...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.284 views

CMS Contabil Bandeirantes 1.0.0 Cross Site Request Forgery

====================================================================================================================================== | Title : CMSContábil Bandeirantes V 1.0.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 61.0.1...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.289 views

RaidenFTPD 2.4.4005 Buffer Overflow

Exploit Title: RaidenFTPD 2.4.4005 - Buffer Overflow SEH Date: 18/07/2023 Exploit Author: Andre Nogueira Vendor Homepage: https://www.raidenftpd.com/en/ Software Link: http://www.raidenmaild.com/download/raidenftpd2.exe Version: RaidenFTPD 2.4.4005 Tested on: Microsoft Windows 10 Build 19045 1.-...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.250 views

CMS Supported IRF-TH 2.0.6 Cross Site Scripting

==================================================================================================================================== | Title : CMS Supported IRF-TH v2.0.6 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.275 views

CMS Emlak Scripti 2 Cross Site Scripting

==================================================================================================================================== | Title : CMS Emlak Scripti V2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | | Vendor ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.324 views

Foody Friend 1.0 Arbitrary File Upload / Cross Site Scripting

Exploit Title: Foody Friend 1.0 - Arbitrary File Upload Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/foody-friend-a-saas-based-web-app-food-ordering-bot-for-telegram-and-messenger/25 Tested on:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.343 views

Listplace Directory Listing Platform 3.0 File Upload / Cross Site Scripting

Exploit Title: Listplace Directory Listing Platform 3.0 - Arbitrary File Upload Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/listplace-a-complete-directory-listing-platform/22 Tested on: Windows 10...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.344 views

Wifi Soft Unibox Administration 3.0 / 3.1 SQL Injection

Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Date: 07/2023 Exploit Author: Ansh Jain @sudoark Author Contact : [email protected] Vendor Homepage: https://www.wifi-soft.com/ Software Link:...

7.1AI score0.02084EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.243 views

CMS-Bank Mellat Payment Manager 1.0.0 Cross Site Scripting

==================================================================================================================================== | Title : CMS-Bank Mellat Payment Manager v1.0.0 Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.286 views

WordPress Page Builder KingComposer 2.9.5 Open Redirection

==================================================================================================================================== | Title : WordPress Page Builder KingComposer 2.9.5 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/21 12:0 a.m.260 views

CMS NEXIN 2.0 Insecure Settings

==================================================================================================================================== | Title : CMS NEXIN engine v2.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.267 views

Blackcat CMS 1.4 Cross Site Scripting

Exploit Title: Blackcat Cms v1.4 - Stored XSS Application: blackcat Cms Version: v1.4 Bugs: Stored XSS Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Date of found: 13.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.243 views

CMS Made Simple 2.2.17 Remote Code Execution

Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.394 views

Hikvision Hybrid SAN Ds-a71024 SQL Injection

Exploit Title: Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution Date: 16 July 2023 Exploit Author: Thurein Soe CVE : CVE-2022-28171 Vendor Homepage: https://www.hikvision.com Software Link: N/A Refence Link: https://cve.report/CVE-2022-28171 Version: Filmora 12: Ds-a71024...

9.8CVSS7.1AI score0.49858EPSS
Exploits6
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.215 views

CMS D-Creations 1.0 SQL Injection

====================================================================================================================================== | Title : ِCMS D-Creations v1.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.239 views

CMS porViaX 2.0 SQL Injection

==================================================================================================================================== | Title : CMS porViaX v2.0 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.0.132-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.227 views

CMS EngePlus 2.0.1 Cross Site Scripting

==================================================================================================================================== | Title : CMS EngePlus v2.0.1 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | | Vendor...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.237 views

CMS NaiveScripters 3.0.1 Cross Site Scripting

==================================================================================================================================== | Title : CMS NaiveScripters v3.0.1 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 62.0.3 32-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.2688 views

Pluck 4.7.18 Remote Shell Upload

Title: pluck-4.7.18 - FI + RCE. Author: nu11secur1ty Date: 07.19.2023 Vendor: https://github.com/pluck-cms/pluck/wiki Software: https://github.com/pluck-cms/pluck Reference: https://portswigger.net/daily-swig/rce Reference: https://portswigger.net/web-security/file-upload Description: The attacke...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.349 views

CMS Made Simple 2.2.17 Cross Site Scripting

Exploit Title: CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting XSS Application: CmsMadeSimple Version: v2.2.17 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author: Mirabbas...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.248 views

CMS iQ-Digital 2.0 Cross Site Scripting

==================================================================================================================================== | Title : CMS iQ-Digital v2.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.343 views

Backdrop CMS 1.25.1 Cross Site Scripting

Exploit Title: Backdrop Cms v1.25.1 - Stored Cross-Site Scripting XSS Application: Backdrop Cms Version: v1.25.1 Bugs: Stored Xss Technology: PHP Vendor URL: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.25.1/backdrop.zip Date of found: 12-07-202...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.263 views

statamic 4.7.0 Cross Site Scripting

Title: statamic-4.7.0-File-Inclusion-unsanitized-extension-XSS-Reflected-hijacking-Token-session Author: nu11secur1ty Date: 07.13.2023 Vendor: https://statamic.com/ Software: https://demo.statamic.com/ Reference: https://portswigger.net/web-security/file-upload Description: The statamic-4.7.0...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.260 views

ABB FlowX 4.00 Information Disclosure

Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information Date: 2023-03-31 Exploit Author: Paul Smith Vendor Homepage: https://new.abb.com/products/measurement-products/flow-computers/spirit-it-flow-x-series Version: ABB Flow-X all versions before V4.00 Tested on: Kali Linux CVE:...

5.3CVSS7.1AI score0.0388EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.220 views

CMS Nexin Adminisztracios Kozpont 1.2 Insecure Settings

==================================================================================================================================== | Title : CMS Nexin Adminisztrációs Központ v1.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozill...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.286 views

Blackcat CMS 1.4 Shell Upload

Exploit Title: Blackcat Cms v1.4 - Remote Code Execution RCE Application: blackcat Cms Version: v1.4 Bugs: RCE Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Date of found: 13.07.2023 Author: Mirabbas Ağalarov Tested on: Lin...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.255 views

PimpMyLog 1.7.14 Improper Access Control

Exploit Title: PimpMyLog v1.7.14 - Improper access control Date: 2023-07-10 Exploit Author: thoughtfault Vendor Homepage: https://www.pimpmylog.com/ Software Link: https://github.com/potsky/PimpMyLog Version: 1.5.2-1.7.14 Tested on: Ubuntu 22.04 CVE : N/A Description: PimpMyLog suffers from...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.257 views

phpFM 1.7.9 Authentication Bypass / Shell Upload

Exploit Title: phpfm v1.7.9 - Authentication type juggling Date: 2023-07-10 Exploit Author: thoughtfault Vendor Homepage: https://www.dulldusk.com/phpfm/ Software Link: https://github.com/dulldusk/phpfm/ Version: 1.6.1-1.7.9 Tested on: Ubuntu 22.04 CVE : N/A """ An authentication bypass exists in...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.286 views

Joomla! Booking 2.4.9 Account Enumeration

Exploit Title: Joomla! combooking component 2.4.9 - Information Leak Account enumeration Google Dork: inurl:"index.php?option=combooking" Date: 07/12/2023 Exploit Author: qw3rTyTy Vendor Homepage: http://www.artio.net/ Software Link:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.236 views

CCOM Events CMS 0.1.02 Arbitrary File Upload

==================================================================================================================================== | Title : CCOM Events CMS v0.1.02 upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.298 views

TP-Link TL-WR740N Directory Traversal

Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal Date: 13/7/2023 Exploit Author: Anish Feroz Zeroxinn Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.305 views

CMS Made Simple 2.2.17 Server-Side Template Injection

Exploit Title: CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection SSTI Application: CmsMadeSimple Version: v2.2.17 Bugs: SSTI Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 13-07-2023...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.263 views

Online Piggery Management System 1.0 Shell Upload

!/bin/bash Exploit Title: Online Piggery Management System v1.0 - unauthenticated file upload vulnerability Date: July 12 2023 Exploit Author: 1337kid Software Link: https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html Version: 1.0 Tested on: Ubuntu CVE :...

9.8CVSS7.1AI score0.15033EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.13149 views

OpenSSH Forwarded SSH-Agent Remote Code Execution

Qualys Security Advisory CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent ======================================================================== Contents ======================================================================== Summary Background Experiments Results...

9.8CVSS7.1AI score0.76768EPSS
Exploits36
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.439 views

Microsoft Office 365 18.2305.1222.0 Remote Code Execution

Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege Vulnerability + RCE. Author: nu11secur1ty Date: 07.18.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference:...

7.8CVSS7.1AI score0.0234EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.222 views

Buzzy News Viral Lists Polls And Videos 1.4 Insecure Settings

====================================================================================================================================== | Title : Buzzy - News Viral Lists Polls and Videos V 1.4 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / brows...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.223 views

Dooblou WiFi File Explorer 1.13.3 Cross Site Scripting

Document Title: =============== Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2317 Release Date: ============= 2023-07-04 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.273 views

Boom CMS 8.0.7 Cross Site Scripting

Document Title: =============== Boom CMS v8.0.7 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2274 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ==================================== 2274...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.315 views

Ciuis CRM 1.0.8 Add Administrator

==================================================================================================================================== | Title : Ciuis™ CRM v1.0.7 add administrator Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bi...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.251 views

PaulPrinting CMS Cross Site Scripting

Document Title: =============== PaulPrinting CMS - Search Delivery Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2286 Release Date: ============= 2023-07-17 Vulnerability Laboratory ID VL-ID: ==================================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.259 views

Tiva Events Calender 1.4 Cross Site Scripting

Document Title: =============== Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2276 Release Date: ============= 2023-07-05 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.236 views

BookingWizz 5.5.0 SQL Injection

==================================================================================================================================== | Title : BookingWizz v5.5.0 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.249 views

PaulPrinting CMS Cross Site Scripting

Document Title: =============== PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2285 Release Date: ============= 2023-07-19 Vulnerability Laboratory ID VL-ID: ===================================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.243 views

Chipsa CMS 1.0.2 Cross Site Scripting

==================================================================================================================================== | Title : Chipsa CMS v1.0.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.265 views

RWS WorldServer 11.7.3 Session Token Enumeration

Advisory: Session Token Enumeration in RWS WorldServer Session tokens in RWS WorldServer have a low entropy and can be enumerated, leading to unauthorised access to user sessions. Details ======= Product: WorldServer Affected Versions: 11.7.3 and earlier versions Fixed Version: 11.8.0 Vulnerabili...

7.1AI score0.03122EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.251 views

Chevereto CMS 3.7.0 HTTP Parameter Pollution

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 HPP Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.490 views

Openfire Authentication Bypass / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Openfire authentication bypass with RCE plugin', 'Description' = %q Openfire is an XMPP server licensed under the Open Source...

8.6CVSS7.1AI score0.99999EPSS
Exploits15
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.277 views

MojoBox BLE Replay Attack

Exploit Title: MojoBox v1.4 BLE replay attack Exploit Author: Matteo Mandolini Date : 15/03/2023 Vendor Homepage: https://hello.showmojo.com/mojobox/ Version: 1.4 CVE: CVE-2023-34625 BLE Replay attack ShowMojo MojoBox Digital Lockbox with firmware versione prior to 1.4 is vulnerable to...

7.1AI score0.00914EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.336 views

Webile 1.0.1 Cross Site Scripting

Document Title: =============== Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.227 views

Aures Booking And POS Terminal Local Privilege Escalation

Document Title: =============== Aures Booking & POS Terminal - Local Privilege Escalation References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2323 Release Date: ============= 2023-07-17 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
Total number of security vulnerabilities50738