exploit the possibilities
Showing 1 - 25 of 46,699 RSS Feed

Exploit Files

Super Backup 2.0.5 Directory Traversal
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Super Backup version 2.0.5 for iOS suffers from a directory traversal vulnerability.

tags | exploit
systems | ios
MD5 | dcba32401441371be6040dab9d02f9ae
CCt99 Chichen Tech CMS 1.0 SQL Injection
Posted Dec 4, 2020
Authored by Mostafa Farzaneh | Site vulnerability-lab.com

CCt99 Chichen Tech CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | bc2e83cd36c6582f95d2d19d09fca06e
Perfex CRM 2.4.4 Cross Site Scripting
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Perfex CRM version 2.4.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2e24223958057e3c02abb2ba2fe607ad
VestaCP 0.9.8-26 Token Session
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

A session token vulnerability has been discovered in VestaCP version 0.9.8-26. The vulnerability allows remote attackers to gain unauthenticated or unauthorized access by client-side token manipulation.

tags | exploit, remote, web, local, info disclosure
MD5 | 1ea034ed120e284dbcab37d365cf86ef
VestaCP 0.9.8-26 Session Validation
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

VestaCP version 0.9.8-26 suffers from an insufficient session validation vulnerability.

tags | exploit
MD5 | 5693495d766edfecf79c2192197a61d7
VestaCP 0.9.8-26 Cross Site Scripting
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

VestaCP version 0.9.8-26 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3fd585e7f9508922fe245be4837be740
Huawei HedEx Lite (DM) Path Traversal
Posted Dec 4, 2020
Authored by S.AbenMassaoud | Site vulnerability-lab.com

Huawei HedEx Lite (DM) suffers from a path traversal vulnerability.

tags | exploit
MD5 | beabbaef5514a214d3d59a874598a14e
MiniCMS 1.10 Cross Site Scripting
Posted Dec 4, 2020
Authored by yudp

MiniCMS version 1.10 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1f0cce18a35d8c0b4f0add9870bbddfb
Zabbix 5.0.0 Cross Site Scripting
Posted Dec 4, 2020
Authored by Shwetabh Vishnoi

Zabbix version 5.0.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ccb39e6d88f2f2332a974e9c7c310a5c
CMS Made Simple 2.2.15 Cross Site Scripting
Posted Dec 4, 2020
Authored by Eshan Singh

CMS Made Simple version 2.2.15 suffers from a persistent cross site scripting vulnerability via an authenticated SVG file upload.

tags | exploit, xss, file upload
MD5 | 23f9b1ff24fb45885fbf0f6a1744a482
Laravel Nova 3.7.0 Denial Of Service
Posted Dec 4, 2020
Authored by iqzer0

Laravel Nova version 3.7.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 4e26aa9f540347a3c4d968f913015acb
Phpscript SGH 0.1.0 SQL Injection
Posted Dec 4, 2020
Authored by KeopssGroup0day Inc

Phpscript SGH version 0.1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 43e118e3acbacc1b9eb7e46169960d14
WordPress Canto 1.3.0 Server-Side Request Forgery
Posted Dec 4, 2020
Authored by Pankaj Verma

WordPress Canto plugin version 1.3.0 suffers from an unauthenticated server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2020-28976, CVE-2020-28977, CVE-2020-28978
MD5 | 3ec7dc0e09dcc769a2b2489201c42b65
Composr CMS 10.0.34 Cross Site Scripting
Posted Dec 4, 2020
Authored by Parshwa Bhavsar

Composr CMS version 10.0.34 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1554ea400419bac7a60455ed7af756bb
Forma LMS 2.3 Cross Site Scripting
Posted Dec 4, 2020
Authored by Hemant Patidar

Forma LMS version 2.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3206309649992f7fa224bfd2e0f96d17
Savsoft Quiz 5 Cross Site Scripting
Posted Dec 4, 2020
Authored by Dhruv Patel

Savsoft Quiz version 5 suffers from a persistent cross site scripting vulnerability. This finding differs from the original discovery of persistent cross site scripting in this version found originally by th3d1gger.

tags | exploit, xss
MD5 | a91a61bd00b96fa4f0b114c881a7edaf
Chromium 83 CSP Bypass
Posted Dec 4, 2020
Authored by Gal Weizman

Proof of concept code that demonstrates a full CSP bypass in Chromium 83.

tags | exploit, proof of concept, bypass
advisories | CVE-2020-6519
MD5 | 5f28bc1718fd589618d504b2b06e5d99
Testa Online Test Management System 3.4.7 SQL Injection
Posted Dec 4, 2020
Authored by Ultra Security Team

Testa Online Test Management System version 3.4.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a75fa300cae515cf17bb8cdd0609e1ab
IDT PC Audio 1.0.6499.0 Unquoted Service Path
Posted Dec 4, 2020
Authored by Diego Canada

IDT PC Audio version 1.0.6499.0 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 190adfbb4f6804a7d922c77fcd673669
Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion
Posted Dec 3, 2020
Authored by LiquidWorm | Site zeroscience.mk

Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the input URL material of type html. This allows hijacking of the current session of the user, execute cross-site scripting code, or changing the look of the page and content modification on current display.

tags | exploit, remote, arbitrary, javascript, xss, file inclusion
MD5 | 85b5e3c8c9cb495114ef096e2616e76a
Sony BRAVIA Digital Signage 1.7.8 Insecure Direct Object Reference
Posted Dec 3, 2020
Authored by LiquidWorm | Site zeroscience.mk

Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a client-side protection bypass due to an insecure direct object reference vulnerability.

tags | exploit
MD5 | 9c3322511ba56f41f33f9e40b9574a1a
Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure
Posted Dec 3, 2020
Authored by LiquidWorm | Site zeroscience.mk

Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device.

tags | exploit, info disclosure
MD5 | d5e3f98a3416a94cb0997c3b35929711
Invision Community 4.5.4 Cross Site Scripting
Posted Dec 3, 2020
Authored by Hemant Patidar

Invision Community version 4.5.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 11486d1d36e1dad969555d94728eef17
mojoPortal Forums 2.7.0.0 Cross Site Scripting
Posted Dec 3, 2020
Authored by Sagar Banwa

mojoPortal Forums version 2.7.0.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | b4133233567d04db3046cf9382482021
Online Matrimonial Project 1.0 Remote Code Execution
Posted Dec 3, 2020
Authored by Valerio Alessandroni

Online Matrimonial Project version 1.0 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | a96292b2fc8628e5695e9fde160febe4
Page 1 of 1,868
Back12345Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    16 Files
  • 4
    Dec 4th
    22 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close