Artworks Gallery Management System 1.0 SQL Injection
Artworks Gallery Management System version 1.0 suffers from a remote SQL injection vulnerability.
Artworks Gallery Management System version 1.0 suffers from a remote SQL injection vulnerability.
Android Studio has an issue where a malicious project can execute a custom cmd.exe allowing for privilege escalation. Google does not believe this is an issue.
CSE Bookstore version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Alper Basaran in October of 2020.
This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress plugin W3 Total Cache version 0.9.2.6 through 0.9.3, allowing arbitrary file read with the web server privileges.
This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.962 and lower versions. Any user authorized to the Package Updates module can execute arbitrary commands with root privileges. It emerged by circumventing the measure taken for CVE-2019-12840.
Library Management System version 3.0 suffers from a persistent cross site scripting vulnerability.
Multi Branch School Management System version 3.5 suffers from a persistent cross site scripting vulnerability.
Linux suffers from broken locking in TIOCSPGRP that can lead to a corrupted refcount.
TerraMaster TOS 4.2.06 – Unauthenticated Remote Code Execution (Metasploit)
Tags: 0day, remote exploit