exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 50,722 RSS Feed

Exploit Files

SolarWinds Information Service (SWIS) Remote Command Execution
Posted Mar 28, 2023
Authored by Spencer McIntyre, Piotr B, Justin Hong, Lucas Miller | Site metasploit.com

The SolarWinds Information Service (SWIS) is vulnerable to remote code execution by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead to OS command execution as NT AUTHORITY\SYSTEM.

tags | exploit, remote, code execution
advisories | CVE-2022-38108
SHA-256 | fbc6c5c5be944eb52ce167a061f21875f137dc6101b3184bad8a0d10c9afd154
rukovoditel 3.2.1 Cross Site Scripting
Posted Mar 28, 2023
Authored by nu11secur1ty

rukovoditel version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 898fcd6c42cf09cbd7ec5b6dc7da4c9a70126592c5acdb55261bfd7df9acfbaf
iBooking 1.0.8 Remote Shell Upload
Posted Mar 28, 2023
Authored by d1z1n370, oPty

iBooking version 1.0.8 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 1d1a7039b4955d7dc4e5a704e51e320587047865279cc2297bb299611ef05245
ReQlogic 11.3 Cross Site Scripting
Posted Mar 28, 2023
Authored by Okan Kurtulus

ReQlogic version 11.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-41441
SHA-256 | 5227ba88f59a5d4cccd1b7cd664927cd29c2794c9b0bb18836fe0f6ab3662551
Optergy Proton And Enterprise BMS 2.0.3a Command Injection
Posted Mar 28, 2023
Authored by h00die-gr3y, Gjoko Krstic | Site metasploit.com

This Metasploit module exploits an undocumented backdoor vulnerability in the Optergy Proton and Enterprise Building Management System (BMS) applications. Versions 2.0.3a and below are vulnerable. Attackers can exploit this issue by directly navigating to an undocumented backdoor script called Console.jsp in the tools directory and gain full system access. Successful exploitation results in root command execution using sudo as user optergy.

tags | exploit, root
advisories | CVE-2019-7276
SHA-256 | 33babb5810832b13a94e71c123fd7427e2dfe9cd4f92a96b062b362c7592affd
Hashicorp Consul 1.0 Remote Command Execution
Posted Mar 28, 2023
Authored by GatoGamer1155, 0bfxgh0st

Hashicorp Consul version 1.0 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | cf1a6442030a5c5f6fd07b5a99052472a0dae35ed2b518c1ce2625d5f2fdf42b
Moodle LMS 4.0 Cross Site Scripting
Posted Mar 28, 2023
Authored by Saud Alenazi

Moodle LMS version 4.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e7721c0aa0560a87ed3a181e9975e3a660308037ece1716c759931eaf08ced82
Tunnel Interface Driver Denial Of Service
Posted Mar 28, 2023
Authored by ExAllocatePool2

Tunnel Interface Driver suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | f7f2b8b68d017bf58a7d55306d242543aa84752d90337934f157a2539d4cadd4
OPSWAT Metadefender Core 4.21.1 Privilege Escalation
Posted Mar 28, 2023
Authored by Ulascan Yildirim

OPSWAT Metadefender Core version 4.21.1 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2022-32272
SHA-256 | 67ed76b4c862c969209c71ff4568ff584d8233722adbde52ad8523f8fddff6cd
Label Studio 1.5.0 Server-Side Request Forgery
Posted Mar 28, 2023
Authored by DeveloperNinja

Label Studio versions 1.5.0 and below suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2022-36551
SHA-256 | 71c7c7e58dfd4fd19b14de8fbc71ae94220ca39129c624221250b9a297da7930
X-Skipper-Proxy 0.13.237 Server-Side Request Forgery
Posted Mar 28, 2023
Authored by Milad Fadavvi, Hosein Vita

X-Skipper-Proxy version 0.13.237 suffers from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2022-38580
SHA-256 | 876aed8ac1af7db0f1e7042dc3e6263dc7ae9ca1429d89517aef860913ece9e7
Subrion CMS 4.2.1 Cross Site Scripting
Posted Mar 28, 2023
Authored by Sinem Sahin

Subrion CMS version 4.2.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2522ffebb3f430ee0af9c8551dc7b1c7ccd8d38777900a80d1fb438938e478fa
BoxBilling 4.22.1.5 Remote Code Execution
Posted Mar 28, 2023
Authored by zetc0de

BoxBilling versions 4.22.1.55 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2022-3552
SHA-256 | 6e59fbe468fead5a4191e76bf74361a19de1ba2b8e6b5604dcfb35095342aea9
Tapo C310 RTSP Server 1.3.0 Unauthorized Video Stream Access
Posted Mar 28, 2023
Authored by dsclee1

Tapo C310 RTSP server version 1.3.0 suffers from an unauthorized video stream access vulnerability.

tags | exploit, bypass
advisories | CVE-2022-37255
SHA-256 | 170c044bd6bcf23ff4b350fe2720d26d25aed6bdfb18705b917219f671e010bf
SugarSync 4.1.3 Unquoted Service Path
Posted Mar 28, 2023
Authored by Jorge Manuel Lozano Gomez

SugarSync version 4.1.3 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 55037f9fc378999b0dd446661454b26aeb67331ad993ac4257ddc722d63c67ad
HDD Health 4.2.0.112 Unquoted Service Path
Posted Mar 28, 2023
Authored by Jorge Manuel Lozano Gomez

HDD Health version 4.2.0.112 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 8393ec9706e83a38f5916ad915dd9562d1746a32ea7f14558160f4963089113e
WordPress Jetpack 11.4 Cross Site Scripting
Posted Mar 28, 2023
Authored by Behrouz Mansoori

WordPress Jetpack plugin version 11.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3ceaf797647de4108f92a76d5b936b7c111f3523b7c04d5ea66e199a17b6c652
Online Shopping System Advanced 1.0 XSS / SQL Injection / Code Execution
Posted Mar 28, 2023
Authored by Rafael Pedrero

Online Shopping System Advanced version 1.0 suffers from code execution, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
SHA-256 | d016e73da19bd9b2b318eea4c377983be13ee45418a1cb5e83aed5c8218cce71
SuperMailer 11.20 Buffer Overflow / Denial Of Service
Posted Mar 28, 2023
Authored by Rafael Pedrero

SuperMailer version 11.20 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | fce09fe1e664b145fb82d4610710f0b790baf06694c3c787181354d57cf07c1b
YouPHPTube 7.8 Local File Inclusion / Directory Traversal
Posted Mar 28, 2023
Authored by Rafael Pedrero

YouPHPTube versions 7.8 and below suffer from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | fb3e42eecf910a2436823c9d614a4b6500e8b3b9637e0652a2e73e9fc8287070
Beauty Salon 1.0 Remote Shell Upload
Posted Mar 28, 2023
Authored by nu11secur1ty

Beauty Salon version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 83176cdbc6fac7bfcb64ea33d5b87412f89dd2c6fd208487f141a3594ec380e1
Suprema BioStar 2 2.8.16 SQL Injection
Posted Mar 27, 2023
Authored by Yuriy Tsarenko

Suprema BioStar 2 version 2.8.16 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-27167
SHA-256 | d4430e30903a9db88dc6330e948ac08547e1622d7051cf8fedc3868bf8e104d1
WebTareas 2.4 SQL Injection
Posted Mar 27, 2023
Authored by Hubert Wojciechowski

WebTareas version 2.4 suffers from a remote blind SQL injection vulnerability. Original discovery of this issue in this version is attributed to Behrad Taher in May of 2022. Related CVE number: CVE-2021-43481.

tags | exploit, remote, sql injection
SHA-256 | 227f751b494a8526993c807c6a09642bdde18c4570a2c251b1b157fa94d369f3
WebTareas 2.4 Cross Site Scripting
Posted Mar 27, 2023
Authored by Hubert Wojciechowski

WebTareas version 2.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 813491c88e8a5846d163a6f81ec121117f5e924631af78f81671e4d9e87dce95
WebTareas 2.4 Remote Shell Upload
Posted Mar 27, 2023
Authored by Hubert Wojciechowski

WebTareas version 2.4 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | eda323c318ad8fffa94b89ae2c95e9b9d5f2357f04e724bc7eabff0037f403b2
Page 1 of 2,029
Back12345Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    47 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    50 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    7 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close