webERP version 4.15.1 suffers from an unauthenticated backup file disclosure vulnerability.
>> ARCHIVE: 2020-05
ATutor LMS version 2.2.4 suffers from having a weak password reset hash.
This Metasploit module exploits an authenticated OS command injection vulnerability found in Trixbox CE versions 1.2.0 through 2.8.0.4 inclusive in the network POST parameter of the /maint/modules/endpointcfg/endpoint_devicemap.php page. Successful exploitation…
This Metasploit module abuses a known default password in IBM Data Risk Manager. The a3user has the default password idrm and allows an attacker to log in to the virtual…
IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed…
http://www.laoluang101.go.th/datafile/JT.html notified by Mr.GonzX
GitLab 12.9.0 – Arbitrary File Read
webTareas 2.0.p8 – Arbitrary File Deletion
Online Clothing Store 1.0 – ‘username’ SQL Injection
Booked Scheduler 2.7.7 – Authenticated Directory Traversal