CHIYU IoT Devices – ‘Telnet’ Authentication Bypass
CHIYU IoT Devices – ‘Telnet’ Authentication Bypass
FUDForum 3.1.0 – ‘srch’ Reflected XSS
PHP 8.1.0-dev – ‘User-Agentt’ Remote Code Execution
This Metasploit module exploits a SQL injection vulnerability in Cacti versions 1.2.12 and below. An admin can exploit the filter variable within color.php to pull arbitrary values as well as…
Postbird version 0.8.4 suffers from cross site scripting, local file inclusion, and insecure data storage vulnerabilities. Included in this archive is a whitepaper and proof of concept exploit.
This archive contains all of the 185 exploits added to Packet Storm in May, 2021.
Veyon version 4.4.1 suffers from an unquoted service path vulnerability.
DupTerminator version 1.4.5639.37199 denial of service proof of concept exploit.
Backdoor.Win32.Wisell malware suffers from a code execution vulnerability.
LogonTracer version 1.2.0 unauthenticated remote code execution exploit.