exploit the possibilities
Showing 1 - 25 of 2,546 RSS Feed

Info Disclosure Files

Jupiter / JupiterX Theme Privilege Escalation / LFI / DoS / Access Control Issues
Posted May 18, 2022
Authored by Ramuel Gall | Site wordfence.com

Jupiter Theme versions 6.10.1 and below as well as JupiterX Core plugin versions 2.0.7 and below suffer from privilege escalation and post deletion vulnerabilities. JupiterX Theme versions 2.0.6 and below as well as JupiterX Core versions 2.0.6 and below suffer from plugin deactivation and setting modification flaws. JupiterX Theme versions 2.0.6 and below as well as Jupiter Theme versions 6.10.1 and below suffer from path traversal and local file inclusion vulnerabilities. Jupiter Theme versions 6.10.1 and below suffer from an arbitrary plugin deletion vulnerability. JupiterX Core plugin versions 2.0.6 and below suffer from information disclosure, modification, and denial of service vulnerabilities.

tags | advisory, denial of service, arbitrary, local, vulnerability, file inclusion, info disclosure
advisories | CVE-2022-1654, CVE-2022-1656, CVE-2022-1657, CVE-2022-1658, CVE-2022-1659
SHA-256 | 99977b76ad75b06f3f800ae91ea38ee20b0d9091a394d12146ce6e1c875bc515
PyScript 2022-05-04-Alpha Source Code Disclosure
Posted May 11, 2022
Authored by Momen Eldawakhly

PyScript version 2022-05-04-Alpha suffers from a source code disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2022-30286
SHA-256 | c8d80b5a4fbd624628b801faef45e95b5bdb7e61ed7e6956328402fa7a989edb
ManageEngine ADSelfService Plus Build 6118 NTLMv2 Hash Exposure
Posted May 11, 2022
Authored by Metin Yunus Kandemir

ManageEngine ADSelfService Plus build 6118 suffers from an NTLMv2 hash exposure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2022-29457
SHA-256 | f42a82f890c3591b725d59a439ef11e7ca7de7237e5ed593bd8a81bf354e0e19
DLINK DIR850 Insecure Direct Object Reference
Posted May 11, 2022
Authored by Ahmed Alroky

DLINK DIR850 suffers from a configuration disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2021-46378
SHA-256 | 5034a5f0e126b6ab60e98dea096eaebf7cc6ad8b71cab77e3def72b569c48e46
Easy!Appointments Information Disclosure
Posted Apr 12, 2022
Authored by Alexandre Zanni, Francesco Carlucci

Easy!Appointments versions prior to 1.4.3 suffers from an unauthenticated PII disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2022-0482
SHA-256 | 1da2f1556f091a16878c1f5ff43c96ee13603b821be2cf36f4eddc3bdda3b756
Movie Seat Reservation System 1.0 File Disclosure / SQL Injection
Posted Apr 8, 2022
Authored by D4rkP0w4r | Site github.com

Movie Seat Reservation System version 1.0 suffers from file disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
advisories | CVE-2022-28001, CVE-2022-28002
SHA-256 | b0d1811617821f2291d86478668c606d13b486a7127827aba39ddb2c34fedaaf
Reprise License Manager 14.2 Cross Site Scripting / Information Disclosure
Posted Apr 8, 2022
Authored by Giulia Melotti Garibaldi

Reprise License Manager version 14.2 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2022-28363, CVE-2022-28364, CVE-2022-28365
SHA-256 | 370fa6ba6f1124cf756ea20795a146d132468475c831aa36bf2f91715035bac6
Multi Store Inventory Management System 1.0 Information Disclosure
Posted Apr 5, 2022
Authored by Saud Alenazi

Multi Store Inventory Management System version 1.0 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 20c9b3bbd1a997e40ad6e204b1e0e0e2dbbb6f204e12272f722ff28c44c3d94f
Hades MVID-2022-0513 RAT Web Panel Information Disclosure
Posted Mar 14, 2022
Authored by malvuln | Site malvuln.com

The web panel in Hades RAT malware suffers from an information disclosure vulnerability.

tags | exploit, web, info disclosure
SHA-256 | 0ac30a3b1137aff46940eeff1a4120bc79c04c3806d7aca0f93af3605e3d2748
FLEX 1080/1085 Web 1.6.0 Information Disclosure
Posted Mar 11, 2022
Authored by Mr Empy

FLEX 1080/1085 Web version 1.6.0 suffers from an information disclosure vulnerability.

tags | exploit, web, info disclosure
SHA-256 | 28ce810269e0bf61bc80264045e9cf5c6db97242b86229546be0407a3d2ebece
Hasura GraphQL 2.2.0 Information Disclosure
Posted Mar 7, 2022
Authored by Dolev Farhi

Hasura GraphQL version 2.2.0 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | d4c6e0949dc24e69b126808b4183027a77f8f87d802e545bb38e5a82e2127d9c
Thinfinity VirtualUI 2.5.26.2 Information Disclosure
Posted Feb 21, 2022
Authored by Daniel Morales

Thinfinity VirtualUI version 2.5.26.2 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2021-46354
SHA-256 | 2b19df6335cfc9aa814e3c77fff5405550b9e652464edcbb2f4a2198d44c4ca2
WordPress UpdraftPlus 1.22.2 Backup Disclosure
Posted Feb 18, 2022
Authored by Marc Montpass | Site wordfence.com

WordPress UpdraftPlus versions 1.16.7 through 1.22.2 suffer from a backup disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2022-0633
SHA-256 | b497726806b3d3cd3a57bcd3b91fab0d6c64ec521a48183b3477b06789862f15
Servisnet Tessa MQTT Credential Disclosure
Posted Feb 4, 2022
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an MQTT credential disclosure vulnerability in Servisnet Tessa. The app.js is publicly available which acts as the backend of the application. By exposing a default value for the "Authorization" HTTP header, it is possible to make unauthenticated requests to some areas of the application. Even MQTT (Message Queuing Telemetry Transport) protocol connection information can be obtained with this method. A new admin user can be added to the database with this header obtained in the source code. The module tries to log in to the MQTT service with the credentials it has obtained and reflects the response it receives from the service.

tags | exploit, web, protocol, info disclosure
advisories | CVE-2022-22833
SHA-256 | a526a71a842e124933fbe29b7fe054817479987a1ba9b99072a7022c4655f1ae
Huawei DG8045 Router 1.0 Credential Disclosure
Posted Feb 2, 2022
Authored by Abdalrahman Gamal

Huawei DG8045 Router version 1.0 suffers from a credential disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 77520f5248897d5ea9b2a1365de9496fd926e0602ff19e03ca682ca8d9ddccc9
Vodafone H-500-s 3.5.10 WiFi Password Disclosure
Posted Jan 5, 2022
Authored by Daniel Monzon

Vodafone H-500-s version 3.5.10 suffers from a wifi password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 141bb2c0b6895ca188f6be64c7802d296621286ca56799588453acf04705218e
Oliver Library Server 5 Arbitrary File Download
Posted Dec 15, 2021
Authored by Ishaan Vij, Mandeep Singh, CTRL Group, Luke Blues

Oliver Library Server 5 versions prior to 8.00.008.053 suffer from an arbitrary file download vulnerability. Softlink Education has contacted Packet Storm and although they were unable to replicate this issue in their hosting environment, they have proactively made changes to the software to mitigate attempts for this attack.

tags | exploit, arbitrary, info disclosure
SHA-256 | 010a7aadffe845f1451dfb359525b2199ba13983bb2b53cad92938a1bf21c363
Apache Log4j2 2.14.1 Information Disclosure
Posted Dec 14, 2021
Authored by leonjza

Apache Log4j2 versions 2.14.1 and below information disclosure exploit.

tags | exploit, info disclosure
advisories | CVE-2021-44228
SHA-256 | ba9d5b07577a6679e74d2298770240a1846d62f9ccc75a77024d3f27444bc52b
MTPutty 1.0.1.21 SSH Password Disclosure
Posted Dec 9, 2021
Authored by Sedat Ozdemir

MTPutty version 1.0.1 suffers from an SSH password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 1cca8979b3a05c7e1b8061034264207513e36f95b6cfa17e38cec49b96a6fb88
WordPress WP Guppy 1.1 Information Disclosure
Posted Nov 23, 2021
Authored by Keyvan Hardani

WordPress WP Guppy plugin version 1.1 suffers from a WP-JSON API sensitive information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 0c184ef5480f8c0da90f3e998eda5373612fb8589ab006d4fb7fc530d12db79f
Wipro Holmes Orchestrator 20.4.1 Report Disclosure
Posted Nov 22, 2021
Authored by Rizal Muhammed

Wipro Holmes Orchestrator version 20.4.1 allows unauthenticated re-downloading of priorly exported reports in Excel.

tags | exploit, info disclosure
advisories | CVE-2021-38147
SHA-256 | be9d06f0cfdf4b2a5e3e1048b978ac6ba226c9ce6a52b1ce78d912d5e71b418e
OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure
Posted Nov 22, 2021
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2021-38374, CVE-2021-38375, CVE-2021-38376, CVE-2021-38377, CVE-2021-38378
SHA-256 | c99f2e36cd127fb981a5512d68d67833a23fbcadee9ad6f6f9c134c3632fb7ef
Ubuntu Security Notice USN-5134-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5134-1 - An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry.

tags | advisory, registry, info disclosure
systems | linux, ubuntu
advisories | CVE-2021-41092
SHA-256 | 11a8fd969279dac2404fecd3abcaa6f718532bed6e35975931b2093909c3f708
SAP Enterprise Portal Sensitive Data Disclosure
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP Enterprise Portal suffers from an sensitive information disclosure vulnerability in the com.sapportals.navigation.testComponent.NavigationRequestSniffer servlet.

tags | advisory, info disclosure
advisories | CVE-2021-33687
SHA-256 | 4a8db7aa8f258b1769fbf97ddef33a9c7b31c57775fc5b0aaae9d89f1808d5c0
Jetty 9.4.37.v20210219 Information Disclosure
Posted Oct 22, 2021
Authored by Mayank Deshmukh

Jetty version 9.4.37.v20210219 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2021-28164
SHA-256 | 2db5d62005c6515d8366be3e8c08c4df222e8620470f674dec2932c545737167
Page 1 of 102
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close