This Metasploit module exploits a file upload in VMware vCenter Server’s analytics/telemetry (CEIP) service to write a system crontab and execute shell commands as the root user. Note that CEIP…
>> ARCHIVE: 2021-10
Online Employees Work From Home Attendance System 1.0 – SQLi Authentication Bypass
Online Enrollment Management System 1.0 – Authentication Bypass
Simple Online College Entrance Exam System 1.0 – Account Takeover
Simple Online College Entrance Exam System 1.0 – Unauthenticated Admin Creation
WordPress Plugin Pie Register 3.7.1.4 – Admin Privilege Escalation (Unauthenticated)
django-unicorn 0.35.3 – Stored Cross-Site Scripting (XSS)
Maian-Cart 3.8 – Remote Code Execution (RCE) (Unauthenticated)
IFSC Code Finder Project 1.0 – SQL injection (Unauthenticated)
Online Traffic Offense Management System 1.0 – Privilage escalation (Unauthenticated)