SmarterMail 16 – Arbitrary File Upload
>> ARCHIVE: 2020-06
SmarterMail 16 – Arbitrary File Upload
Sistem Informasi Pengumuman Kelulusan Online version 1.0 suffers from a cross site request forgery vulnerability.
This Metasploit module exploits a vulnerability in LinuxKI Toolset versions 6.01 and below which allows remote code execution. The kivis.php pid parameter received from the user is sent to the…
This research discusses two different vulnerabilities addressed in the June 2020 Microsoft Patch Tuesday. An integer overflow in OLE marshalling and a race condition with arbitrary file deletion are described…
Frigate Professional 3.36.0.9 – ‘Find Computer’ Local Buffer Overflow (SEH) (PoC)
Virtual Airlines Manager version 2.6.2 suffers from a remote SQL injection vulnerability.
Bludit version 3.9.12 suffers from a directory traversal vulnerability.
Bandwidth Monitor version 3.9 full ROP buffer overflow exploit with SEH, DEP, and ASLR taken into consideration.
WebUntis versions 2020.12.1 and below suffer from a persistent cross site scripting vulnerability.
Joomla J2 Store version 3.3.11 suffers from an authenticated remote SQL injection vulnerability.