Hotel And Lodge Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
>> ARCHIVE: 2021-03
WordPress GiveWP plugin version 2.9.7 suffers from a cross site scripting vulnerability.
This Metasploit module exploits an unauthenticated configuration change combined with an unauthenticated file write primitive, leading to an arbitrary file write that allows for remote code execution as the user…
This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication, impersonating as the admin (CVE-2021-26855) and write arbitrary file (CVE-2021-27065) to get the…
Ext2Fsd v0.68 – ‘Ext2Srv’ Unquoted Service Path
CMS Made Simple version 2.2.15 suffers from a remote SQL injection vulnerability.
CMS Made Simple version 2.2.15 suffers from a remote shell upload vulnerability.
Winpakpro version 4.8 suffers from multiple unquoted service path vulnerabilities.
SAPSetup Automatic Workstation Update Service 750 suffers from an unquoted service path vulnerability.
Zoom versions 5.4.3 (54779.1115) and 5.5.4 (13142.0301) temporarily shares other application windows not in scope for sharing.