>> ARCHIVE: 2020-09
Tailor Management System – ‘id’ SQL Injection
Input Director 1.4.3 – ‘Input Director’ Unquoted Service Path
Cabot version 0.11.12 suffers from a persistent cross-site scripting vulnerability.
Joomla GMapFP component versions J3.5 and J3.5F suffer from an unauthenticated arbitrary file upload vulnerability.
Grocy version 2.7.1 suffers from a persistent cross-site scripting vulnerability.
Rapid7 Nexpose Installer version 6.6.39 suffers from a local privilege escalation vulnerability.
This Metasploit module exploits an arbitrary file write in cfprefsd on macOS versions 10.15.4 and below in order to run a payload as root. The CFPreferencesSetAppValue function, which is reachable…
ShareMouse 5.0.43 – ‘ShareMouse Service’ Unquoted Service Path
ManageEngine Applications Manager 14700 – Remote Code Execution (Authenticated)
grocy 2.7.1 – Persistent Cross-Site Scripting