ManageEngine ADSelfService Plus 6000 unauthenticated remote code execution exploit.
>> ARCHIVE: 2020-08
vBulletin version 5.x pre-authentication widget_tabbedcontainer_tab_panel remote code execution exploit. This exploit demonstrates that the patch for CVE-2019-16759 was not sufficient. Written in bash.
vBulletin version 5.x pre-authentication widget_tabbedcontainer_tab_panel remote code execution exploit. This exploit demonstrates that the patch for CVE-2019-16759 was not sufficient. Written in python.
Travel Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Travel Management System version 1.0 unauthenticated remote code execution exploit.
CMS Made Simple 2.2.14 – Authenticated Arbitrary File Upload
vBulletin 5.6.2 – ‘widget_tabbedContainer_tab_panel’ Remote Code Execution
http://suratpeo.go.th notified by Mr.Z
Fuel CMS 1.4.7 – ‘col’ SQL Injection (Authenticated)
BarcodeOCR 19.3.6 – ‘BarcodeOCR’ Unquoted Service Path