Showing 1 - 25 of 151

Files

Packet Storm New Exploits For March, 2023: Posted Apr 3, 2023; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 151 exploits added to Packet Storm in March, 2023.; tags | exploit; SHA-256 | 6d4e101713dbe0d2a5aaac8e9e78f330e12e252425bb0014650732be21c0526d; Download | Favorite | View

Judging Management System 1.0 Shell Upload: Posted Mar 31, 2023; Authored by Angelo Pio Amirante; Judging Management System version 1.0 suffers from bypass and remote shell upload vulnerabilities.; tags | exploit, remote, shell, vulnerability; SHA-256 | b2b1ea3efbc39916a8b6780d53b2a8a58c209c0d240ccfc1afc9c263d48f5142; Download | Favorite | View

Judging Management System 1.0 SQL Injection: Posted Mar 31, 2023; Authored by Angelo Pio Amirante; Judging Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for login bypass.; tags | exploit, remote, sql injection; SHA-256 | c36671f4c18dabebfb4ac38ad51b98f6b1c989d4f3b2c717cdb996cef42f7aaf; Download | Favorite | View

EQ Enterprise Management System 2.2.0 SQL Injection: Posted Mar 31, 2023; Authored by TLF; EQ Enterprise Management System version 2.2.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2022-45297; SHA-256 | 3bcaf97f13e7af562b4c5aee3ec0d4d3dfcaa22c00a7c4e4adfa0991703b1749; Download | Favorite | View

Online Pizza Ordering 1.0 SQL Injection: Posted Mar 31, 2023; Authored by nu11secur1ty; Online Pizza Ordering version 1.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 469baff57259c3edfd5b9dc9e8bb4a1d8c40b8043d5480830f7ddc095f662638; Download | Favorite | View

rconfig 3.9.7 SQL Injection: Posted Mar 31, 2023; Authored by azhen; rconfig version 3.9.7 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2022-45030; SHA-256 | df3ba429f5e78218eb22753e367ddfe33daefa3c49241c3dca96529f31f60a8e; Download | Favorite | View

CoolerMaster MasterPlus 1.8.5 Unquoted Service Path: Posted Mar 31, 2023; Authored by Damian Semon Jr; CoolerMaster MasterPlus version 1.8.5 suffers from an unquoted service path vulnerability.; tags | exploit; SHA-256 | 7573c6a1f85d55ad712651f58454825096ad1ed16f25b583488e0dc97287b836; Download | Favorite | View

Qubes Mirage Firewall 0.8.3 Denial Of Service: Posted Mar 31, 2023; Authored by Krzysztof Burghardt; Qubes Mirage Firewall versions 0.8.0 through 0.8.3 suffer from a denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2022-46770; SHA-256 | 5f45f1b2f19df34e7b84103b836c78bb7dd504a9c645807af0e711e38743d5ed; Download | Favorite | View

WordPress WooCommerce 7.1.0 Remote Code Execution: Posted Mar 31, 2023; Authored by Milad Karimi; WordPress WooCommerce plugin version 7.1.0 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | f021cd47c7f1b017839fccc746799aa283e87568ba3bd7b36c7e5308828f5b5e; Download | Favorite | View

Cacti 1.2.22 Remote Command Execution: Posted Mar 31, 2023; Authored by Riadh Bouchahoua; Cacti version 1.2.22 suffers from a remote command execution vulnerability.; tags | exploit, remote; advisories | CVE-2022-46169; SHA-256 | bc9ecc25f4fbe8075d07bfe9bc77d607edb0a252aa91b78b0c9c13fbd7a33a3b; Download | Favorite | View

Textpattern 4.8.8 Remote Code Execution: Posted Mar 31, 2023; Authored by Alperen Ergel; Textpattern version 4.8.8 suffers from an authenticated remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 89d596b7562691bc5e3d1b701cec34938f03d197f1f7784c76de0061cdc011cc; Download | Favorite | View

Bludit 3-14-1 Shell Upload: Posted Mar 31, 2023; Authored by Alperen Ergel; Bludit version 3-14-1 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | f5baef0a0f9582f9e9b79f39070eaecf02e29c6dea03fc9562e5f4a59969f8c3; Download | Favorite | View

Ancillary Function Driver (AFD) For Winsock Privilege Escalation: Posted Mar 30, 2023; Authored by Christophe de la Fuente, b33f, Yarden Shafir, chompie | Site metasploit.com; A vulnerability exists in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can be used to manipulate internal I/O ring structures and achieve local privilege escalation. This exploit only supports Windows 11 22H2 up to build 22621.963 (patched in January 2023 updates).; tags | exploit, arbitrary, kernel, local; systems | windows; advisories | CVE-2023-21768; SHA-256 | d5a189a643f3c07d66a853b96018a65f135901780840ff23dc17f6a405330ebb; Download | Favorite | View

Eve-ng 5.0.1-13 Cross Site Scripting: Posted Mar 30, 2023; Authored by hassan ali al-khafaji; Eve-ng version 5.0.1-13 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | be43de673fe4e34764578de538a60501318e3c4d6d645aed30e25aa59b27759e; Download | Favorite | View

WordPress WPForms 1.7.8 Cross Site Scripting: Posted Mar 30, 2023; Authored by Milad Karimi; WordPress WPForms plugin version 1.7.8 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 6ccc5a533aa018a5be4bf48f7f87db7efe5aeabb1e0c4091a490e2fa64a35163; Download | Favorite | View

Forcepoint (Stonesoft VPN Client) 6.2.0 / 6.8.0 Local Privilege Escalation: Posted Mar 30, 2023; Authored by Touhami Kasbaoui; Forcepoint (Stonesoft VPN Client) versions 6.2.0 and 6.8.0 suffer from a privilege escalation vulnerability.; tags | exploit; SHA-256 | f6383ba11e6f010a7f9f457d8f2b9827a5acea62cbd5f49315ad1360bcf77d12; Download | Favorite | View

CrowdStrike Falcon Agent 6.44.15806 Uninstall Issue: Posted Mar 30, 2023; Authored by Fortunato Lodari, Luca Bernardi, Davide Bianchin, Raffaele Nacca, Walter Oberacher; CrowdStrike Falcon Agent version 6.44.15806 has an uninstall bypass flaw that works without an installation token.; tags | exploit, bypass; advisories | CVE-2022-2841, CVE-2022-44721; SHA-256 | 167262fcff544a60f4b74a17ab58d1672ae1c935d619879546b24472434ee61a; Download | Favorite | View

Lavasoft 4.1.0.409 Unquoted Service Path: Posted Mar 30, 2023; Authored by P4p4 M4n3; Lavasoft version 4.1.0.409 suffers from an unquoted service path vulnerability.; tags | exploit; SHA-256 | 5b794c681e560dc215c9b38c6aa29046256f478b25254460d301fd28da4eea5d; Download | Favorite | View

Virtual Reception 1.0 Directory Traversal: Posted Mar 30, 2023; Authored by Spinae; Virtual Reception version 1.0 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 8e6ab59605f1f4d16d9e84559bfbc1cc7334ebb367d1996dfd274122c598c62b; Download | Favorite | View

Covenant 0.5 Remote Code Execution: Posted Mar 30, 2023; Authored by xThaz; Covenant version 0.5 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | d33a19f48e68f9cc41d80528f03b7c0b426bb5f695a0dd8f782f7cd338b0e126; Download | Favorite | View

DSL-124 Wireless N300 ADSL2+ Backup Disclosure: Posted Mar 30, 2023; Authored by Aryan Chehreghani; DSL-124 Wireless N300 ADSL2+ suffers from a backup disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | 63d71c45b66ab170d2acf14007338350c4e6603e64a4f67be40cf28b407eee4c; Download | Favorite | View

myBB forums 1.8.26 Cross Site Scripting: Posted Mar 30, 2023; Authored by Andrey Stoykov; myBB forums version 1.8.26 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 49b4fc9b3db0a04ca44a9ec1d64e1ec281a090a818f848111b735b27147db2e9; Download | Favorite | View

Dreamer CMS 4.0.0 SQL Injection: Posted Mar 30, 2023; Authored by lvren; Dreamer CMS version 4.0.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2022-43128; SHA-256 | 15d057c439a6bc075c46918cd4a29123a3d7b0081fbe9b56a8e0cbd844c96480; Download | Favorite | View

Helmet Store Showroom 1.0 SQL Injection: Posted Mar 30, 2023; Authored by Ameer Hamza; Helmet Store Showroom version 1.0 suffers from a remote SQL injection vulnerability that allows for login bypass.; tags | exploit, remote, sql injection; SHA-256 | 07ae991621e02a876c8ba54defb2278fed838852914d0bc12b799b33c135291b; Download | Favorite | View

Uniview NVR301-04S2-P4 Cross Site Scripting: Posted Mar 30, 2023; Authored by Bleron Rrustemi; Uniview NVR301-04S2-P4 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 51639a999c454c910d7ce644fac8bca7798e2d4607bc7a6ed7a3b6efa55c3632; Download | Favorite | View

Page 1 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 297 files
Ubuntu 69 files
Debian 20 files
Gentoo 8 files
Apple 6 files
Google Security Research 4 files
LiquidWorm 4 files
Spencer McIntyre 3 files
Alter Prime 3 files
Jann Horn 3 files

Files

Top Authors In Last 30 Days

Recent News