Archive for February, 2017

Tiger Post Facebook Auto Post Multi Pages/Groups/Profiles 3.0.1 SQL Injection

Posted by deepcore under exploit (No Respond)

Tiger Post Facebook Auto Post Multi Pages/Groups/Profiles version 3.0.1 suffers from a remote SQL injection vulnerability.

Takas Classified Codeigniter PHP Classified Ad Script 1.1 SQL Injection

Posted by deepcore under exploit (No Respond)

Takas Classified Codeigniter PHP Classified Ad Script version 1.1 suffers from a remote SQL injection vulnerability.

Gram Post Instagram Auto Post Multi Accounts With Paypal Integration 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Gram Post Instagram Auto Post Multi Accounts with Paypal Integration version 1.0 suffers from a remote SQL injection vulnerability.

Creative Management System CMS Lite 1.3.1 SQL Injection

Posted by deepcore under exploit (No Respond)

Creative Management System CMS Lite version 1.3.1 suffers from a remote SQL injection vulnerability.

Youtube Analytics Multi Channel 3.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Youtube Analytics Multi Channel version 3.0 suffers from a remote SQL injection vulnerability.

HP Smart Storage Administrator 2.30.6.0 Remote Command Injection

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a vulnerability found in HP Smart Storage Administrator. By supplying a specially crafted HTTP request, it is possible to control the ‘command’ variable in function isDirectFileAccess (found in ipcelmclient.php), which will be used in a proc_open() function. Versions prior to HP SSA 2.60.18.0 are vulnerable.

Ticketbleed F5 TLS Information Disclosure

Posted by deepcore under exploit (No Respond)

Ticketbleed is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time. As in Heartbleed, that memory can contain any kind of sensitive information.

Microsoft Office Word Malicious Macro Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module generates a macro-enabled Microsoft Office Word document. The comments metadata in the data is injected with a Base64 encoded payload, which will be decoded by the macro and executed as a Windows executable. For a successful attack, the victim is required to manually enable macro execution.

Examplo Online Exam System SQL Injection

Posted by deepcore under exploit (No Respond)

Examplo Online Exam System suffers from a remote SQL injection vulnerability.

SOA School Management SQL Injection

Posted by deepcore under exploit (No Respond)

SOA School Management suffers from a remote SQL injection vulnerability.