Library Management System 1.0 – Blind Time-Based SQL Injection (Unauthenticated)
>> ARCHIVE: 2021-09
WordPress Plugin WooCommerce Booster Plugin 5.4.3 – Authentication Bypass
This Metasploit module exploits a critical vulnerability in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, which allows attackers to achieve remote code…
Remote command execution exploit for Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 which have a web interface called AlphaWeb XE that allows for a remote shell upload.
Evolution CMS version 3.1.6 authenticated remote code execution exploit.
AHSS-PHP version 1.0 suffers from cross-site scripting and remote SQL injection vulnerabilities.
Support Board version 3.3.3 suffers from a remote SQL injection vulnerability.
elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the name parameter is sanitized with the escapeshellarg() php…
ImpressCMS 1.4.2 – Remote Code Execution (RCE) (Authenticated)