BSA Radar version 1.6.7234.24750 suffers from a local file inclusion vulnerability.
>> ARCHIVE: 2020-07
Apartment Visitors Management System Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
This Metasploit module exploits multiple vulnerabilities together in order to achieve remote code execution in Trend Micro Web Security versions prior to 6.5 SP2 Patch 4 (Build 1901).
Zyxel Armor X1 WAP6806 suffers from a directory traversal vulnerability.
Oracle Solaris 11 Device Driver Utility version 1.3.1 suffers from an insecure use of /tmp that can allow for a race condition which leads to privilege escalation. Included exploit provides…
Wing FTP Server 6.3.8 – Remote Code Execution (Authenticated)
RiteCMS 2.2.1 – Remote Code Execution
Zyxel Armor X1 WAP6806 – Directory Traversal
SuperMicro IPMI WebInterface 03.40 – Cross-Site Request Forgery (Add Admin)
Park Ticketing Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. These can be used to bypass login and execute code.