what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 107 RSS Feed

Files

Packet Storm New Exploits For February, 2024
Posted Mar 1, 2024
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 106 exploits added to Packet Storm in February, 2024.

tags | exploit
SHA-256 | fbeeba3e5095c48fa40ffef93379125b9600aa791763df12b1e8c38c10bdd59a
Download | Favorite | View
Backdoor.Win32.Agent.amt MVID-2024-0673 Authentication Bypass / Code Execution
Posted Feb 29, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.amt malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | b6b18194f2e689d34f31467983fac3c6ef3ca487f56d307bb7a3aba5b961cffd
Download | Favorite | View
Backdoor.Win32.Jeemp.c MVID-2024-0672 Hardcoded Credential
Posted Feb 29, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Jeemp.c malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
SHA-256 | 5e4ddaa4fb20fd54762a11e5e3b4f3336161f26cd683100a9b9009e19ba332e0
Download | Favorite | View
WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting
Posted Feb 29, 2024
Authored by Laburity Research Team

WordPress IDonate Blood Request Management System plugin versions 1.8.1 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | deb442f6accbca69dc829364f209cc07083ae35484b8d9dbcf49d6fb5acec053
Download | Favorite | View
Telegram For Android Connection::onReceivedData Use-After-Free
Posted Feb 28, 2024
Authored by Google Security Research, Mark Brand

In the tgnet library used in Telegram messenger for Android, there is a use-after-free vulnerability in Connection::onReceivedData that can be triggered remotely.

tags | exploit
SHA-256 | bca6a67a76c752f1ecdcd8907312e1eb9daa4808f56fcf845f91420c4d98f5d4
Download | Favorite | View
Saflok System 6000 Key Derivation
Posted Feb 28, 2024
Authored by a51199deefa2c2520cea24f746d899ce

This is a key derivation exploit for Saflokk System 6000.

tags | exploit, info disclosure
SHA-256 | 77fb2e53166bf30d0f69ef4d47cfe5bbebe8ef4c1ea6e0b05a88615b3c1fde28
Download | Favorite | View
Blood Bank 1.0 SQL Injection
Posted Feb 28, 2024
Authored by Ersin Erenler

Blood Bank version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Nitin Sharma in October of 2021.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2023-46014, CVE-2023-46017, CVE-2023-46018
SHA-256 | b80ea9dc4dcabb3799a9c6566f8928f2eaa8d06049d1d71965c70f4f1c6af8b7
Download | Favorite | View
WordPress WP Fastest Cache 1.2.2 SQL Injection
Posted Feb 28, 2024
Authored by Meryem Taskin

WordPress WP Fastest Cache plugin version 1.2.2 suffers from an unauthenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-6063
SHA-256 | 38c4ccc413d62f200211fb17cb0cd093832fd5b828e079e5fdf40dfcd8083574
Download | Favorite | View
WordPress Admin Bar And Dashboard Access Control 1.28 XSS
Posted Feb 28, 2024
Authored by Rachit Arora

WordPress Admin Bar and Dashboard Access Control plugin version 1.28 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-47184
SHA-256 | b4ad5f139e9d3b2516b87a994569e0646ffb052a5990072054404ca117aece0b
Download | Favorite | View
Hospital Management System 1.0 Insecure Direct Object Reference / Account Takeover
Posted Feb 27, 2024
Authored by SoSPiro

Hospital Management System version 1.0 suffers from insecure direct object reference and account takeover vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2024-28320
SHA-256 | be19d62054d99ae7a13a56bfe14d696f9386cb9b1076c31c5d2ce818f0bec232
Download | Favorite | View
Hospital Management System 1.0 Cross Site Scripting
Posted Feb 27, 2024
Authored by SoSPiro

Hospital Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ee80dd4b7307acb7e78dc9fe5a4441a93e60abc361a7fa9ad6121fdf7e97628c
Download | Favorite | View
Hospital Management System 1.0 SQL Injection
Posted Feb 27, 2024
Authored by SoSPiro

Hospital Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d44a649c2c912867d906854a7f620e0dc403f37dffff37c544bc1619094d5b96
Download | Favorite | View
perl2exe 30.10C Arbitrary Code Execution
Posted Feb 27, 2024
Authored by decrazyo

Executables created with perl2exe versions 30.10C and below suffer from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
SHA-256 | 4cecfc183baf33a9505c1e103e36e7ae9acc23ba7f3fc80294c995ac275e79b0
Download | Favorite | View
Automatic-Systems SOC FL9600 FastLine Hardcoded Credentials
Posted Feb 27, 2024
Authored by Marcin Kozlowski, Mike Jankowski-Lorek

Automatic-Systems SOC FL9600 FastLine version V06 has hardcoded credentials for super admin functionality.

tags | exploit
advisories | CVE-2023-37608
SHA-256 | 8d39714181692d67f93a9e46f5f0953216b012889a3b7ebbe7fa9cd7bf60bd0d
Download | Favorite | View
Automatic-Systems SOC FL9600 FastLine Directory Traversal
Posted Feb 27, 2024
Authored by Marcin Kozlowski, Mike Jankowski-Lorek

Automatic-Systems SOC FL9600 FastLine version V06 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2023-37607
SHA-256 | e43491c92de6a6e95e9bcf00c8f526235bfba3e6efc005c1ff1ac8382b3fa1ae
Download | Favorite | View
Atlassian Confluence Data Center And Server Authentication Bypass
Posted Feb 27, 2024
Authored by unknown, Emir Polat | Site metasploit.com

This Metasploit module exploits a broken access control vulnerability in Atlassian Confluence servers leading to an authentication bypass. A specially crafted request can be create new admin account without authentication on the target Atlassian server.

tags | exploit
advisories | CVE-2023-22515
SHA-256 | c9933148dbb3513e341045ef4dcef5999b02882361749da2c6cd6cfe8c0471bc
Download | Favorite | View
Moodle 4.3 Insecure Direct Object Reference
Posted Feb 27, 2024
Authored by tmrswrr

Moodle version 4.3 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 0485561a16603707f6cfa13e517e05e872b10a48a6b02c4acd2dd562d2182284
Download | Favorite | View
WordPress Canto Remote Shell Upload
Posted Feb 27, 2024
Authored by Leopoldo Angulo

WordPress Canto versions prior to 3.0.5 suffer from remote file inclusion and shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, file inclusion
advisories | CVE-2023-3452
SHA-256 | a59ad7feb866d8c5d65a87422165e0d5c276bf4da7b8e83a100a1933f7afdf64
Download | Favorite | View
WordPress Comments Like Dislike 1.2.0 Missing Authorization
Posted Feb 27, 2024
Authored by Diaa Hanna

WordPress Comments Like Dislike plugin versions 1.2.0 and below suffer from a missing capability check on the restore_settings function that allows an attacker to reset the plugin's settings.

tags | exploit
advisories | CVE-2023-3244
SHA-256 | 30694c0d87c0279433026fa6057e69b38edd9bdf49da277bc82125dd688bd97e
Download | Favorite | View
SuperStoreFinder 3.7 XSS / CSRF / Command Execution
Posted Feb 27, 2024
Authored by bRpsd

SuperStoreFinder versions 3.7 and below suffer from cross site request forgery, remote command execution, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 8a5a27ee2cdba842a87bb56778f36fe0e630257be6595b634453cc2afcaf8a8c
Download | Favorite | View
Simple Inventory Management System 1.0 SQL Injection
Posted Feb 26, 2024
Authored by SoSPiro

Simple Inventory Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8e51d27e9d209102d0cc21f4fcd8ca293e548ced1856940a8a497960d3d17967
Download | Favorite | View
Flashcard Quiz App 1.0 SQL Injection
Posted Feb 26, 2024
Authored by SoSPiro

Flashcard Quiz App version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2d19f05f546a17fd7531fb2d8505ca2f52f76ae282a5f46a1b55c2ced76fd1ef
Download | Favorite | View
FAQ Management System 1.0 SQL Injection
Posted Feb 26, 2024
Authored by SoSPiro

FAQ Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2ea51098a949106e71b766b144109b1be9da517c51665344c9ebb17028a158a4
Download | Favorite | View
Backdoor.Win32.AutoSpy.10 MVID-2024-0671 Remote Command Execution
Posted Feb 26, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.AutoSpy.10 malware suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | 01433d0ad222e5da0927202b151b19c29afd6ce5f59f4e0b3302a97ed91a29bb
Download | Favorite | View
Tosibox Key Service 3.3.0 Local Privilege Escalation / Unquoted Service Path
Posted Feb 24, 2024
Authored by LiquidWorm | Site zeroscience.mk

Tosibox Key Service versions 3.3.0 and below suffer from an unquoted search path issue impacting the service Tosibox Key Service for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.

tags | exploit, arbitrary, local
systems | windows
SHA-256 | 7820f9f7d9af81913956c26707d4acc215ad499c129864227adf8ac1f2345e47
Download | Favorite | View
Page 1 of 5
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
MoD Contractor Hacked By China Failed To Report Breach For Months
Posted May 10, 2024

tags | headline, hacker, government, britain, china, cyberwar, military
Favorite | View
Ex-White House Election Threat Hunter Weighs In On What To Expect In November
Posted May 10, 2024

tags | headline, government, usa, russia, fraud, cyberwar
Favorite | View
FBI Working Towards Nabbing Scattered Spider Hackers, Official Says
Posted May 10, 2024

tags | headline, hacker, government, usa, fbi
Favorite | View
Leaked FBI Email Stresses Need For Warrantless Surveillance Of Americans
Posted May 10, 2024

tags | headline, government, privacy, usa, spyware, fbi
Favorite | View
Cybersecurity Incident Impacts Operations At Ascension Hospitals
Posted May 10, 2024

tags | headline, hacker, privacy, malware, data loss
Favorite | View
AWS CloudQuarry: Digging For Secrets In Public AMIs
Posted May 9, 2024

tags | headline, amazon, data loss, flaw, password
Favorite | View
LockBit Takes Credit For City Of Wichita Ransomware Attack
Posted May 9, 2024

tags | headline, malware, cybercrime, cryptography
Favorite | View
UK Armed Forces' Personal Data Hacked In MoD Breach
Posted May 9, 2024

tags | headline, privacy, britain, data loss, cyberwar, military
Favorite | View
TunnelVision DHCP Flaw Lets Attackers Bypass VPNs, Redirect Traffic
Posted May 9, 2024

tags | headline, privacy, flaw
Favorite | View
Zscaler Investigates Hacking Claims After Data Offered For Sale
Posted May 9, 2024

tags | headline, hacker, flaw
Favorite | View
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close