RaspAP 2.6.6 – Remote Code Execution (RCE) (Authenticated)
>> ARCHIVE: 2021-08
RaspAP 2.6.6 – Remote Code Execution (RCE) (Authenticated)
Simple Phone book/directory 1.0 – ‘Username’ SQL Injection (Unauthenticated)
Online Traffic Offense Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
https://www.ccit.go.th/azu.php notified by Wedus
Laundry Booking Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
Laundry Booking Management System version 1.0 suffers from a remote SQL injection vulnerability.
NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.
Online Traffic Offense Management System version 1.0 suffers from a remote SQL injection vulnerability.
This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote…
This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote…