Backdoor.Win32.Cafeini.08.b malware suffers from a missing authentication vulnerability.
>> ARCHIVE: 2021-02
This Metasploit module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and prior. The authenticate.php file uses the user HTTP POST parameter in a call to the…
This Metasploit module exploits an insecure permission vulnerability on a folder in Micro Focus Operations Bridge Manager. An unprivileged user (such as Guest) can drop a JSP file in an…
Nsauditor 3.2.2.0 – ‘Event Description’ Denial of Service (PoC)
AgataSoft PingMaster Pro 2.1 – Denial of Service (PoC)
Managed Switch Port Mapping Tool 2.85.2 – Denial of Service (PoC)
Online Internship Management System 1.0 – ’email’ SQL injection Auth Bypass
BlackCat CMS 1.3.6 – ‘Display name’ Cross Site Scripting (XSS)
http://www.huaitoei.go.th/nkri.txt notified by Xyp3r2667
Tasks 9.7.3 – Insecure Permissions