Showing 1 - 25 of 234

Files

Packet Storm New Exploits For March, 2021: Posted Apr 1, 2021; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 233 exploits added to Packet Storm in March, 2021.; tags | exploit; SHA-256 | 422b36d3f353e5d326732b3a5dadabe3b17d488389620879030568181638bfdb; Download | Favorite | View

Backdoor.Win32.Burbul.b MVID-2021-0154 Authentication Bypass / Man-In-The-Middle: Posted Mar 31, 2021; Authored by malvuln | Site malvuln.com; Backdoor.Win32.Burbul.b malware suffers from bypass and man-in-the-middle vulnerabilities.; tags | exploit, vulnerability; systems | windows; SHA-256 | ad0e9ad069b7a492e94bc717fcb4d4cb336ceb2993d94d7301f2e8e08d2538e4; Download | Favorite | View

IRC-Worm.Win32.Silentium.a MVID-2021-0153 Insecure Permissions: Posted Mar 31, 2021; Authored by malvuln | Site malvuln.com; IRC-Worm.Win32.Silentium.a malware suffers from an insecure permissions vulnerability.; tags | exploit, worm; systems | windows; SHA-256 | a858aa6f954f6eb267908dd506d8e509ad0831de083ae345353bd5a536e89ff5; Download | Favorite | View

DD-WRT 45723 Buffer Overflow: Posted Mar 31, 2021; Authored by Selim Enes Karaduman; DD-WRT 45723 UPNP buffer overflow proof of concept exploit.; tags | exploit, overflow, proof of concept; SHA-256 | a012a17d9ce0e0d95f7e95db692e5e14fa8c4f7101947dc62ddf80c2c524236d; Download | Favorite | View

CourseMS 2.1 Cross Site Scripting: Posted Mar 31, 2021; Authored by cptsticky; CourseMS version 2.1 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | dbf55a8d9aec923ba1b50113fb4b0695591fcc4cfb9d14287a183c8e0842791d; Download | Favorite | View

Zabbix 3.4.7 Cross Site Scripting: Posted Mar 31, 2021; Authored by Radmil Gazizov; Zabbix version 3.4.7 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | c09e97f233a32d679c9284d9f2b902da7ba1cd81163c6a8b9a66ac3aa77e5f7a; Download | Favorite | View

Openlitespeed 1.7.9 Cross Site Scripting: Posted Mar 30, 2021; Authored by cmOs; Openlitespeed version 1.7.9 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 3133e3365c00ccc6612cb63e305f868ea946b516bf1f313e30609f885d05906a; Download | Favorite | View

IRC-Worm.Win32.Jane.a MVID-2021-0152 Authentication Bypass / Man-In-The-Middle: Posted Mar 30, 2021; Authored by malvuln | Site malvuln.com; IRC-Worm.Win32.Jane.a malware suffers from bypass and man-in-the-middle vulnerabilities.; tags | exploit, worm, vulnerability; systems | windows; SHA-256 | 191ac29081f2ca8619931764c586208a2350de206e6cdbfdd1ced905a42dd25c; Download | Favorite | View

GetSimple CMS 3.3.16 Cross Site Scripting / Shell Upload: Posted Mar 30, 2021; Authored by Bobby Cooke; GetSimple CMS version 3.3.16 cross site scripting to remote shell upload exploit.; tags | exploit, remote, shell, xss; advisories | CVE-2020-23839; SHA-256 | ff447b6110d359109791159d602b028e64b080305d8c9119c22a55bb1534f865; Download | Favorite | View

IRC-Worm.Win32.Jane.a MVID-2021-0151 Authentication Bypass / Code Execution: Posted Mar 30, 2021; Authored by malvuln | Site malvuln.com; IRC-Worm.Win32.Jane.a malware suffers from bypass and code execution vulnerabilities.; tags | exploit, worm, vulnerability, code execution; systems | windows; SHA-256 | 84bdcfead9c0f21862044afa650faa1aa76ad0e117acd2120ea049e9f5326271; Download | Favorite | View

Health Center Patient Record Management System 1.0 Cross Site Scripting: Posted Mar 29, 2021; Authored by Richard Jones; Health Center Patient Record Management System version 1.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 3af9900b2d7f4bdd8e06f38fa12ca466213c2f8c83b234b0bd53fb73f96ee32c; Download | Favorite | View

Health Center Patient Record Management System 1.0 SQL Injection: Posted Mar 29, 2021; Authored by Richard Jones; Health Center Patient Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection; SHA-256 | 30b359ed7718814adfd99b7294bc09d230b66af0bfb6c2ecd479163ed7f99024; Download | Favorite | View

SyncBreeze 10.1.16 Buffer Overflow: Posted Mar 29, 2021; Authored by Rafael Machado, Filipe Oliveira; SyncBreeze version 10.1.16 suffers from an xml parsing stack-based buffer overflow vulnerability.; tags | exploit, overflow; advisories | CVE-2017-15950; SHA-256 | 4e4aac841e14be7d1d1bbb56ffc40470dcb45388adce30f8c3efd1aa5db9526d; Download | Favorite | View

Project Expense Monitoring System 1.0 Authentication Bypass: Posted Mar 29, 2021; Authored by Richard Jones; Project Expense Monitoring System version 1.0 suffers from an authentication bypass vulnerability that allows for administrative account creation.; tags | exploit, bypass; SHA-256 | 5e825ac5644b47c21d2660c8a1b44c8f20a7df5ae2136bc09ddaf9e9adfc51c1; Download | Favorite | View

Project Expense Monitoring System 1.0 SQL Injection: Posted Mar 29, 2021; Authored by Richard Jones; Project Expense Monitoring System version 1.0 suffers from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; SHA-256 | 5792f063f5e0bce522ad6ead3ec7f60d3be0cf2b2815844d78353c41ec7541dd; Download | Favorite | View

Budget Management System 1.0 Cross Site Scripting: Posted Mar 29, 2021; Authored by Jitendra Kumar Tripathi; Budget Management System version 1.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 454bf7ddb20b072f4c10afd236d094755b9314285d73c80b4f6d249b8bb563cf; Download | Favorite | View

Equipment Inventory System 1.0 Cross Site Scripting: Posted Mar 29, 2021; Authored by Jitendra Kumar Tripathi; Equipment Inventory System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 3e0f078c9d219489e2d855a81a04b7614842ae43d5c0c552139b9381be4471af; Download | Favorite | View

vsftpd 3.0.3 Denial Of Service: Posted Mar 29, 2021; Authored by xynmaps; vsftpd version 3.0.3 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 71ee1380b9d63f9f1dab1c9683f8127c0251426f939688ea47b83c9268dc1dac; Download | Favorite | View

Novel Boutique House-plus 3.5.1 Arbitrary File Download: Posted Mar 29, 2021; Authored by tuyiqiang; Novel Boutique House-plus version 3.5.1 suffers from an arbitrary file download vulnerability.; tags | exploit, arbitrary, info disclosure; SHA-256 | 0ec465e44d38be2f29340b6a95314a988f35cfbdadad1553447259ab0ea0ba9b; Download | Favorite | View

Concrete5 8.5.4 Cross Site Scripting: Posted Mar 29, 2021; Authored by Quadron Research Lab; Concrete5 version 8.5.4 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to nu11secur1ty in March of 2021.; tags | exploit, xss; advisories | CVE-2021-3111; SHA-256 | 85b90184d4fc5f1bb1bad2e1800e72fd5f21249b52f09b95dfbc02fe3864fd2d; Download | Favorite | View

Backdoor.Win32.Delf.zs MVID-2021-0150 Code Execution: Posted Mar 29, 2021; Authored by malvuln | Site malvuln.com; Backdoor.Win32.Delf.zs malware suffers from a code execution vulnerability.; tags | exploit, code execution; systems | windows; SHA-256 | 4a5d3b89e3bd8aeb3967a57fbde5fc5f72b548929392f50c8f378b8a7b2c7fb4; Download | Favorite | View

WordPress WP Super Cache 1.7.1 Remote Code Execution: Posted Mar 29, 2021; Authored by m0ze; WordPress WP Super Cache plugin versions 1.7.1 and below suffer from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 18a64716dacbf0e8c19c600cecb0946447c3ee415cd85fdf4b26eac64a846b13; Download | Favorite | View

Id Card Generator 1.0 Cross Site Scripting: Posted Mar 28, 2021; Authored by Richard Jones; Id Card Generator version 1.0 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 666e78b300e1a151c8982d3f2431665678bd06e5c082424c6516b72d0161988b; Download | Favorite | View

Moodle 3.10.3 Cross Site Scripting: Posted Mar 27, 2021; Authored by Vincent666 ibn Winnie; Moodle version 3.10.3 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 42d3462e082c64cfc36100896fbf7766b3b9ff2995b24c3ec2b1173c458f0db6; Download | Favorite | View

SAP Solution Manager 7.2 Remote Command Execution: Posted Mar 26, 2021; Authored by Dmitry Chastuhin, Pablo Artuso, Vladimir Ivanov, Yvan Genuer | Site metasploit.com; This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information about connected SMDAgents allowing an attacker to send HTTP requests (SSRF) and execute OS commands on the connected SMDAgent. Works stable in connected SMDAgent with Java version 1.8. Successful exploitation will allow unauthenticated remote attackers to get a reverse shell from connected to the SolMan agent as the user under which it runs SMDAgent service, which is usually daaadm.; tags | exploit, java, remote, web, shell; advisories | CVE-2020-6207; SHA-256 | 0d5122d6fb0ba7f681b7229fc5c197780b51710c6395404115ad8686072b2b08; Download | Favorite | View

Page 1 of 10 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Files

Top Authors In Last 30 Days

Recent News