Exponent CMS version 2.6 suffers from cross site scripting and brute forcing vulnerabilities.
Aver EVC300 Firmware 00.10.16.36 Hardcoded Secrets
Aver EVC300 firmware version 00.10.16.36 suffers from having multiple hard-coded secrets that can allow for access bypass.
Alfa Team Shell Tesla 4.1 Remote Code Execution
Alfa Team Shell Tesla version 4.1 suffers from a remote code execution vulnerability.
Signup PHP Portal 2.1 Shell Upload
Signup PHP Portal version 2.1 suffers from a remote shell upload vulnerability.
Video Sharing Website 1.0 SQL Injection
Video Sharing Website version 1.0 appears to suffer from a remote SQL injection vulnerability.
Bazaar Web PHP Social Listings Shell Upload
Bazaar Web PHP Social Listings suffers from a remote shell upload vulnerability.
WordPress Popular Posts 5.3.2 Remote Code Execution
This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages […]
[webapps] Exponent CMS 2.6 – Multiple Vulnerabilities
Exponent CMS 2.6 – Multiple Vulnerabilities
[webapps] phpKF CMS 3.00 Beta y6 – Remote Code Execution (RCE) (Unauthenticated)
phpKF CMS 3.00 Beta y6 – Remote Code Execution (RCE) (Unauthenticated)
[webapps] WBCE CMS 1.5.1 – Admin Password Reset
WBCE CMS 1.5.1 – Admin Password Reset