This Metasploit module exploits a remote code execution vulnerability found in GetSimpleCMS versions 3.3.15 and below. An arbitrary file upload (PHPcode for example) vulnerability can be triggered by an authenticated…
>> ARCHIVE: 2019-05
Interspire Email Marketer 6.20 – ‘surveys_submit.php’ Remote Code Execution
CEWE Photo Importer 6.4.3 – ‘.jpg’ Denial of Service (PoC)
CEWE Photoshow 6.4.3 – ‘Password’ Denial of Service (PoC)
Iperius Backup 6.1.0 – Privilege Escalation
Sandboxie 5.30 – ‘Programs Alerts’ Denial of Service (PoC)
Tomabo MP4 Converter version 3.25.22 denial of service proof of concept exploit.
CommSy version 8.6.5 suffers from a remote SQL injection vulnerability.
DeepSound version 1.0.4 suffers from a remote SQL injection vulnerability.
Legrand BTicino Driver Manager F454 version 1.0.51 suffers from a cross site request forgery vulnerability.