exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 31,368 RSS Feed

Remote Files

Blood Bank 1.0 SQL Injection
Posted Mar 20, 2024
Authored by Ersin Erenler

Blood Bank version 1.0 suffers from suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Nitin Sharma in October of 2021.

tags | exploit, remote, sql injection
advisories | CVE-2023-46022
SHA-256 | d95668292b4799b2459459dabbaf67baf0ecfb0c50e8731e1aa0858d71bc0d09
Simple Task List 1.0 SQL Injection
Posted Mar 20, 2024
Authored by Ersin Erenler

Simple Task List version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-46023
SHA-256 | 3d7d08d11026b2dd3229567d42244f4b661bad830d96053161fec984a11d837d
Teacher Subject Allocation Management System 1.0 SQL Injection
Posted Mar 20, 2024
Authored by Ersin Erenler

Teacher Subject Allocation Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-46024
SHA-256 | 70201b7921db68f4cd1eabfe9d49fef650e64263d687be24d951e0f1d2287e83
Tramyardg Autoexpress 1.3.0 Authentication Bypass
Posted Mar 19, 2024
Authored by Scott White

Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles.

tags | exploit, remote, bypass
advisories | CVE-2023-48902
SHA-256 | a6b19ec46406ffd95a91f57125dc469d0979113c3d6a82b162a1b682d2ed2eca
Tramyardg Autoexpress 1.3.0 SQL Injection
Posted Mar 19, 2024
Authored by Scott White

Tramyardg Autoexpress version 1.3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-48901
SHA-256 | b6a01bb6956141a3ae4c607cc789894c67a647629befb99a934046f4a4a462f1
Quick.CMS 6.7 SQL Injection
Posted Mar 19, 2024
Authored by H4X.Forensics

Quick.CMS version 6.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | cd96d379383fd6bc85ab4e185183931ea6b236dd9b5c004203a06f94f9bd9b70
Atlassian Confluence 8.5.3 Remote Code Execution
Posted Mar 19, 2024
Authored by MaanVader

Atlassian Confluence versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0 through 8.5.3 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-22527
SHA-256 | 0aa128553cbd5a516cc713b76e3dc3f366da8678b4aba8459dee773880a5c164
ZoneMinder Snapshots Remote Code Execution
Posted Mar 19, 2024
Authored by Ravindu Wickramasinghe | Site github.com

ZoneMinder Snapshots versions prior to 1.37.33 suffer from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-26035
SHA-256 | 1214b8dd5cc3e41afef6bf3970934bdc17fe4f69cdd2f486c163cc06c6903f65
Gibbon LMS 26.0.00 PHP Deserialization / Code Execution
Posted Mar 19, 2024
Authored by Islam Rzayev, Fikrat, Fikrat Guliev, Ali Maharramli

Gibbon LMS version 26.0.00 suffers from a PHP deserialization vulnerability that allows for authenticated remote code execution.

tags | exploit, remote, php, code execution
advisories | CVE-2024-24725
SHA-256 | 59928ae4eff1731c08c74e479a51ac4208ffe4eba4d4ff9a8f5158374bc15227
Ubuntu Security Notice USN-6697-1
Posted Mar 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6697-1 - It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker could use this issue to cause Bash to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, bash
systems | linux, ubuntu
advisories | CVE-2022-3715
SHA-256 | fe10af17a0fc7c6d4e0f87ab57a52f2b0459257025cad94a6db47deaf071ce11
Fortra FileCatalyst Workflow 5.x Remote Code Execution
Posted Mar 19, 2024
Authored by nettitude | Site labs.nettitude.com

This is a proof of concept exploit for CVE-2024-25153, a remote code execution vulnerability in Fortra FileCatalyst Workflow versions 5.x, before 5.1.6 Build 114.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2024-25153
SHA-256 | 2a8afe7aeb8387754a5e1093b278c99cf0daa3ee2f0907df1d3ea9383e5f2a54
Gasmark Pro 1.0 Shell Upload
Posted Mar 18, 2024
Authored by nu11secur1ty

Gasmark Pro version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 74aac3d302e6dccc4a04f4bb3b7f33f7c74952c5fafd68a7b296c174889dd69b
Nokia BMC Log Scanner 13 Command Injection
Posted Mar 18, 2024
Authored by Matthew Gregory, Carlos Andres Gonzalez

Nokia BMC Log Scanner version 13 suffers from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2022-45899
SHA-256 | dd739a9071327fb09fa5e5c4324f8585adfcdd2bb749945102e954aa364813c8
Ubuntu Security Notice USN-6695-1
Posted Mar 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6695-1 - It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that TeX Live allowed documents to make arbitrary network requests. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to exfiltrate sensitive information, or perform other network-related attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18604, CVE-2023-32668, CVE-2024-25262
SHA-256 | e8f6e7fc279a5f1af336dbd407dfe96cd81c2d7194fe47a554772e61fc96870e
Membership Management System 1.0 SQL Injection / Shell Upload
Posted Mar 15, 2024
Authored by SoSPiro

Membership Management System version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | bafbc2c7895ab97a3d57de482862b676a744678a894f6abb9103ae63f21b01a1
Ubuntu Security Notice USN-6673-2
Posted Mar 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6673-2 - USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 16.04 LTS. Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding in RSA PKCS#1 v1.5. A remote attacker could possibly use this issue to expose confidential or sensitive information.

tags | advisory, remote, python
systems | linux, ubuntu
advisories | CVE-2023-50782
SHA-256 | c4fe18ae97be2193d34a7e1f1b12596463b48313b3820550e75dc093759247ba
JetBrains TeamCity Unauthenticated Remote Code Execution
Posted Mar 14, 2024
Authored by sfewer-r7 | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in JetBrains TeamCity. An unauthenticated attacker can leverage this to access the REST API and create a new administrator access token. This token can be used to upload a plugin which contains a Metasploit payload, allowing the attacker to achieve unauthenticated remote code execution on the target TeamCity server. On older versions of TeamCity, access tokens do not exist so the exploit will instead create a new administrator account before uploading a plugin. Older versions of TeamCity have a debug endpoint (/app/rest/debug/process) that allows for arbitrary commands to be executed, however recent version of TeamCity no longer ship this endpoint, hence why a plugin is leveraged for code execution instead, as this is supported on all versions tested.

tags | exploit, remote, arbitrary, code execution, bypass
advisories | CVE-2024-27198
SHA-256 | 68370990799fd1605fae05ac9ac3f36fd6659508fbfeef67d22e3cf720e8fa87
Red Hat Security Advisory 2024-1321-03
Posted Mar 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1321-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2024-27289
SHA-256 | d95d3241f282a5f42e6af5a8ac241179ef6329f681c625f25b533245c13ac448
JetBrains TeamCity 2023.05.3 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

JetBrains TeamCity version 2023.05.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-42793
SHA-256 | e1c264f19102d105794de4c6c20eaafe22944b48d40bf81b679d6529f26dcffb
Honeywell PM43 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

Honeywell PM43 versions prior to P10.19.050004 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-3710
SHA-256 | af3705248c7122eb4d11be4c13209b3526cbee77ed228747c3f55800ef9fb1ef
SolarView Compact 6.00 Command Injection
Posted Mar 14, 2024
Authored by ByteHunter

SolarView Compact version 6.00 suffers from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2023-23333
SHA-256 | 036c73fd4d8c1b4db5a8dfeb1d025199673968fe8cec024982fdbe68c19a7ca1
Viessmann Vitogate 300 2.1.3.0 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

Viessmann Vitogate 300 versions 2.1.3.0 and below suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-5222, CVE-2023-5702
SHA-256 | 86410aca0ad3a7245b8cb07735d4ec21669679039be68751fc1b43a423e0766a
Ruijie Switch PSG-5124 26293 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

Ruijie Switch version PSG-5124 with software build 26293 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 31f3b0a900318bec9de9a1e9f67d893c6b3f4c63a3437484a3559c375ebb2fa0
Client Details System 1.0 SQL Injection
Posted Mar 13, 2024
Authored by Hamdi Sevben

Client Details System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-7137
SHA-256 | 64589c2ecc306d978f6791cf6a635512b98de6e52e4573c83fe9e9fe5303bbed
MetaFox 5.1.8 Shell Upload
Posted Mar 13, 2024
Authored by The Joker

MetaFox versions 5.1.8 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | e2b323542d1ae762fd44f17402386b535064f3b92a9eb3e937211dc86f883e48
Page 2 of 1,255
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close