This Metasploit module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 through 1.1.8 to execute arbitrary system commands as root. VyOS features a restricted-shell…
>> ARCHIVE: 2020-09
Online Shop Project version 1.0 suffers from a remote SQL injection vulnerability.
Seat Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
BlackCat CMS version 1.3.6 suffers from a cross site request forgery vulnerability.
Mida eFramework version 2.9.0 suffers from having a backdoor access vulnerability.
Flatpress Add Blog 1.0.3 – Persistent Cross-Site Scripting
Comodo Unified Threat Management Web Console 2.7.0 – Remote Code Execution
B-swiss 3 Digital Signage System 3.6.5 – Remote Code Execution
Mida eFramework 2.9.0 – Back Door Access
Seat Reservation System 1.0 – ‘id’ SQL Injection