exploit the possibilities
Showing 1 - 25 of 48,004 RSS Feed

Exploit Files

SAP Netweaver JAVA 7.50 Missing Authorization
Posted Jun 15, 2021
Authored by Ignacio D. Favro | Site onapsis.com

A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication in order to connect to the respective TCP ports and perform different privileged actions. SAP Netweaver JAVA versions 7.10 through 7.50 are affected.

tags | exploit, java, tcp
advisories | CVE-2020-26829
MD5 | 97b11d237ebc411e047673bc4c3aa91e
Client Management System 1.1 SQL Injection
Posted Jun 15, 2021
Authored by BHAVESH KAUL

Client Management System version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b2a0f5124d38d078542b920ab171f2b8
Client Management System 1.1 Cross Site Scripting
Posted Jun 15, 2021
Authored by BHAVESH KAUL

Client Management System version 1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2f83c7f0a1aba3af2fad9aae911255b4
IPFire 2.25 Remote Code Execution
Posted Jun 15, 2021
Authored by Grant Willcox, Mucahit Saratar | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in the /cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156 and prior to execute arbitrary code as the root user.

tags | exploit, web, arbitrary, cgi, root
advisories | CVE-2021-33393
MD5 | 69d36ee1b60ffec6d31a6ebc94e2dc1e
HashiCorp Nomad Remote Command Execution
Posted Jun 15, 2021
Authored by Wyatt Dahlenburg | Site metasploit.com

This Metasploit module lets you create a batch job on HashiCorp's Nomad service to spawn a shell. The default option is to use the raw_exec driver, which runs with high privileges. Development servers and clients explicitly enabling the raw_exec plugin can spawn these type of jobs. Regular exec jobs can be created in a similar fashion at a lower privilege level.

tags | exploit, shell
MD5 | 43fcfd455dd3900ac07eb5c17b346b5d
Brother BRPrint Auditor 3.0.7 Unquoted Service Path
Posted Jun 15, 2021
Authored by Brian Rodriguez

Brother BRPrint Auditor version 3.0.7 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 14d6f4a4a0b0fae5b688eb9d70b453fa
XML External Entity Via MP3 File Upload On WordPress
Posted Jun 15, 2021
Authored by Vallari Sharma, Archie Midha

This document illustrates proof of concept exploitation of a vulnerability in WordPress versions 5.6.0 through 5.7.0 that gives a user the ability to upload files on a server and exploit an XML parsing issue in the Media Library using an MP3 file upload that leads to an XXE attack.

tags | exploit, proof of concept, file upload
advisories | CVE-2021-29447
MD5 | f480e11bbb87f0689d864f58c065154d
Polkit 0.105-26 0.117-2 Privilege Escalation
Posted Jun 15, 2021
Authored by J Smith

Polkit version Polkit 0.105-26 0.117-2 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2021-3560
MD5 | 85254ee18358ee1627ca678b9e9519b3
Online Library Management System 2.0 Cross Site Request Forgery
Posted Jun 15, 2021
Authored by Mohit Dabas

Online Library Management System version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | adc60506bac13f286946361e3c61231f
Brother BRAgent 1.38 Unquoted Service Path
Posted Jun 15, 2021
Authored by Brian Rodriguez

Brother BRAgent version 1.38 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | cc2d59d3bdb8a32bfc24becb43d76cc9
Sami HTTP Server 2.0 Denial Of Service
Posted Jun 15, 2021
Authored by Fernando Mengali

Sami HTTP server version 2.0 suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
MD5 | e4f77f7a968cac9e6f41e703a5a09a17
SAP Solution Manager 7.2 (ST 720) Open Redirection
Posted Jun 15, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP Solution Manager version 7.2 (ST 720) suffers from an open redirection vulnerability.

tags | exploit
advisories | CVE-2020-26836
MD5 | 0bceca4b1380d2874af8c29d32b034d7
SysGauge 7.9.18 Unquoted Service Path
Posted Jun 15, 2021
Authored by Brian Rodriguez

SysGauge version 7.9.18 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | a37267fedad30e9d82f8c2279b9c0985
ChromeOS arc-obb-mounter Missing Path Restriction
Posted Jun 14, 2021
Authored by Jann Horn, Google Security Research

ChromeOS suffers from a missing path restriction vulnerability in arc-obb-mounter.

tags | exploit
MD5 | d37b7a8eceb81455f4119e17205b9635
Backdoor.Win32.VB.pld Code Execution
Posted Jun 14, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.VB.pld malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
MD5 | d6c2a58c6eee5e544b86731b1227125d
TextPattern CMS 4.8.7 Remote Command Execution
Posted Jun 14, 2021
Authored by Mert Das

TextPattern CMS version 4.8.7 suffers from an authenticated remote command execution vulnerability.

tags | exploit, remote
MD5 | 590f982083de80faa52ccf37dcfdbb31
Small CRM 3.0 SQL Injection
Posted Jun 14, 2021
Authored by BHAVESH KAUL

Small CRM version 3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | db23fe4e0c0ca0781c56faea3495fa6f
Stock Management System 1.0 SQL Injection
Posted Jun 14, 2021
Authored by Riadh Benlamine

Stock Management System version 1.0 suffers from a remote blind SQL injection vulnerability. This is a variant to the original discovery of SQL injection in this version discovered in August of 2020 by hyd3sec.

tags | exploit, remote, sql injection
MD5 | 7376bc754717fdc360514061972934e0
Backdoor.Win32.Zombam.gen Information Disclosure
Posted Jun 14, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.gen malware suffers from an information leakage vulnerability.

tags | exploit
systems | windows
MD5 | 7192d845dce49d1fd1364aa2d11772a6
GLPI 9.4.5 Remote Code Execution
Posted Jun 14, 2021
Authored by Brian Peters

GLPI version 9.4.5 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-11060
MD5 | 9b3bf8c94d2629a94ddb5f3f4698cdd0
Accela Civic Platform 21.1 Insecure Direct Object Reference
Posted Jun 14, 2021
Authored by Abdulazeez Alaseeri

Accela Civic Platform version 21.1 suffers from an insecure direct object reference vulnerability.

tags | exploit
advisories | CVE-2021-34369
MD5 | c93053ff9fc147dfc6825cf35217930e
Accela Civic Platform 21.1 Cross Site Scripting / Open Redirection
Posted Jun 14, 2021
Authored by Abdulazeez Alaseeri

Accela Civic Platform version 21.1 suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-34370
MD5 | a066317a2d9548a91e801a3ee0b6503b
Backdoor.Win32.Pazus.18 Authentication Bypass / Code Execution
Posted Jun 14, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Pazus.18 malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | d5fd6982baf05bc8448326adcfcd13d8
COVID-19 Testing Management System 1.0 Cross Site Scripting
Posted Jun 14, 2021
Authored by BHAVESH KAUL

COVID-19 Testing Management System version 1.0 suffers from a persistent cross site scripting vulnerability. This is a variant of the original discovery of cross site scripting in this version made by Rohit Burke in May of 2021.

tags | exploit, xss
MD5 | 4187b42d6504e72f4ca2e37f3a66ffa4
OpenEMR 5.0.1.3 Shell Upload
Posted Jun 14, 2021
Authored by Ron Jost

OpenEMR version 5.0.1.3 authenticated remote shell upload exploit.

tags | exploit, remote, shell
advisories | CVE-2018-15139
MD5 | 7700613258c55d87cc8689ab8d49b6f7
Page 1 of 1,921
Back12345Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    34 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close