exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 84 RSS Feed

Files

Packet Storm New Exploits For 2022
Posted Jan 2, 2023
Authored by Todd J. | Site packetstormsecurity.com

Complete comprehensive archive of all 1,384 exploits added to Packet Storm in 2022.

tags | exploit
SHA-256 | 7069a71c7743b7760efed9863e55ff54a9c668bbf6140d6eb8bf16981206280e
Packet Storm New Exploits For December, 2022
Posted Jan 2, 2023
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 82 exploits added to Packet Storm in December, 2022.

tags | exploit
SHA-256 | 4c02657bd2bdfd6a09e83b0828804767c3a0d6e9f7adf724bc4f3e2b425611d9
SugarCRM Shell Upload
Posted Dec 31, 2022
Authored by sw33t.0day

SugarCRM versions up to 12.2.0 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 74cace1b6e9afc52d16c5afdcecc42e3abd20dc7f1ccb5629f3f64b72179e905
BDWeb-Link LMS 1.11.5 SQL Injection
Posted Dec 30, 2022
Authored by indoushka

BDWeb-Link LMS version 1.11.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e35409b94c20ac1bcd1245d4197dc3ba55e45af59eec68fb48a654bc918974f4
Hughes Satellite Router Remote File Inclusion Cross Frame Scripting
Posted Dec 29, 2022
Authored by LiquidWorm | Site zeroscience.mk

Hughes Satellite Router contains a cross-frame scripting via remote file inclusion vulnerability that may potentially be exploited by malicious users to compromise an affected system. This vulnerability may allow an unauthenticated malicious user to misuse frames, include JS/HTML code and steal sensitive information from legitimate users of the application. Affected versions include HX200 8.3.1.14, HX90 6.11.0.5, HX50L 6.10.0.18, HN9460 8.2.0.48, and HN7000S 6.9.0.37.

tags | exploit, remote, file inclusion
SHA-256 | 01732a937c344613efd7c1ef744f546511c874deecd845ef0ca2d232baf0e177
ProLink PRS1841 Backdoor Account
Posted Dec 29, 2022
Authored by Lawrence Amer | Site 0xsp.com

The ProLink PRS1841 home router suffers from having a backdoor account.

tags | exploit
SHA-256 | 3b3f62ff4e1b4590c8305809b96ee38b5562205c50d53c76fe183bb2b9098cc5
Enlightenment 0.25.3 Privilege Escalation
Posted Dec 27, 2022
Authored by nu11secur1ty

Enlightenment version 0.25.3 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2022-37706
SHA-256 | e93489fd26e004d0d8880e5321f8ef4bf09f86a9c280083061f1af59051648cf
Courier Deprixa 2.5 Backdoor Account
Posted Dec 27, 2022
Authored by indoushka

Courier Deprixa version 2.5 has been reported as having a default backdoor account.

tags | exploit
SHA-256 | 3a121fed1fd3a0fe5e54d808739af402717fe948c5337a2d8d57899e47052bd6
Consultine Consulting Business And Finance Website CMS 1.8 Backdoor Account
Posted Dec 27, 2022
Authored by indoushka

Consultine Consulting Business and Finance Website CMS version 1.8 has been reported as having a default backdoor account.

tags | exploit
SHA-256 | b01ff83e9023892637ef4b2ca2dc55c76008f96e63ddf7c00f0eff741fd7f0d6
Car Dealer Pro 2.01 Backdoor Account
Posted Dec 27, 2022
Authored by indoushka

Car Dealer Pro version 2.01 has been reported as having a default backdoor account.

tags | exploit
SHA-256 | 45070a286856c5480a1c62319dc30408713e7974d5b858a58996f94c6ecfb61f
Botble 5.28.3 Backdoor Account
Posted Dec 27, 2022
Authored by indoushka

Botble version 5.28.3 has been reported as having a default backdoor account.

tags | exploit
SHA-256 | 9019ea1efb9719d19fc427dcd03b1617a9e0de63cac0a7371971e4c48ffb951d
Active Ecommerce CMS 6.4.0 Backdoor Account
Posted Dec 27, 2022
Authored by indoushka

Active Ecommerce CMS version 6.4.0 has been reported as having a default backdoor account.

tags | exploit
SHA-256 | ea72e7900caac2445ffc46c8240e581257d6110735dbf3603c06d5ae8f70953d
Student Attendance Management System 1.0 SQL Injection
Posted Dec 27, 2022
Authored by nu11secur1ty

Student Attendance Management System version 1.0 from Erick O. Omundi suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 62ef7d730378e8b973e75259554b08cbf8e3e7b8cc4d125c4c7eb687d7f04bef
ProLink PRS1841 PLDT Router Backdoor
Posted Dec 27, 2022
Authored by Lawrence Amer | Site 0xsp.com

The ProLink PRS1841 home router suffers from having a backdoor account.

tags | exploit
SHA-256 | 466a821fd095cb459000dd568367e6da0699862ec141e5a07fa26f40fc62dad7
OpenTSDB 2.4.0 Command Injection
Posted Dec 23, 2022
Authored by Shai rod, Erik Wynter | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in the yrange parameter in OpenTSDB through 2.4.0 (CVE-2020-35476) in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If the version is 2.4.0 or lower, the module performs additional checks to obtain the configured metrics and aggregators. It then randomly selects one metric and one aggregator and uses those to instruct the target server to plot a graph. As part of this request, the yrange parameter is set to the payload, which will then be executed by the target if the latter is vulnerable. This module has been successfully tested against OpenTSDB version 2.3.0.

tags | exploit, remote, root, code execution
advisories | CVE-2020-35476
SHA-256 | 7183104f20371379d7bbd3538dcce42a94117e14b0bb74805ced99f7bd85603f
WordPress Yith WooCommerce Gift Cards Premium 3.19.0 Shell Upload
Posted Dec 23, 2022
Authored by Dave Jong | Site wordfence.com

WordPress Yith WooCommerce Gift Cards Premium plugin versions 3.19.0 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2022-45359
SHA-256 | dcd88dd9c8059a2065d4797ada28efaa82a7e64b25ece681f77bf1889891ddf7
Stock Management System 2022 1.0 From Erick Cesar SQL Injection
Posted Dec 23, 2022
Authored by nu11secur1ty

Stock Management System 2022 version 1.0 from Erick Cesar suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ade07070843b1cd49c2828f05194f05b9d998ceca6cfae3ab368b539941ee210
Eclipse Business Intelligence Reporting Tool 4.11.0 Remote Code Execution
Posted Dec 22, 2022
Authored by Armin Stock | Site sec-consult.com

Eclipse Business Intelligence Reporting Tool versions 4.11.0 and below suffer from a bypass vulnerability that allows for remote code execution.

tags | exploit, remote, code execution, bypass
advisories | CVE-2021-34427
SHA-256 | c55f3454bd72ca20861da343024e58d83bdc1baa9d2abb5c622862d863e3caba
4images 1.9 Remote Command Execution
Posted Dec 22, 2022
Authored by Andrey Stoykov

4images version 1.9 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | d876d4e5b40a274d6db099e265423f9f96e10557a0bc7523e13fbd5618f59557
Senayan Library Management System 9.2.2 SQL Injection
Posted Dec 21, 2022
Authored by nu11secur1ty

Senayan Library Management System version 9.2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f7af79d3509654f87f10d70fc14489158f0fc5d15b14e68a07b6dd84284beddc
Senayan Library Management System 9.2.2 Cross Site Scripting
Posted Dec 21, 2022
Authored by nu11secur1ty

Senayan Library Management System version 9.2.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a42daddc99b237f0c25b45125b6a24724c3ae758e992662f9b72df6367cb74ba
Senayan Library Management System 9.2.1 SQL Injection
Posted Dec 20, 2022
Authored by nu11secur1ty

Senayan Library Management System version 9.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b43d3ea700614ca6285fd7b06f551847d8afe67fa791d4885c4d4cf5d2c3569b
Senayan Library Management System 9.2.1 Cross Site Scripting
Posted Dec 20, 2022
Authored by nu11secur1ty

Senayan Library Management System version 9.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9096fc4667100a2d7dd34f901fff65d80f85d89e850661246005a61e8b88131d
Senayan Library Management System 9.2.0 SQL Injection
Posted Dec 19, 2022
Authored by nu11secur1ty

Senayan Library Management System version 9.2.0 suffers from a remote SQL Injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | da69dbdf49f98e004ab6d4ab943f10ed822f8397cd0adce8ec1fcabf65d49097
Senayan Library Management System 9.2.0 Cross Site Scripting
Posted Dec 19, 2022
Authored by nu11secur1ty

Senayan Library Management System version 9.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bbf79dfa3db00a917bf18658500d9b897202f962e2ffc3cfe435902cea4be74e
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close