PHP Restaurants 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
PHP Restaurants version 1.0 suffers from a remote SQL injection vulnerability.
Archive for February, 2022
Backdoor.Win32.Zxman Code Execution
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Zxman malware suffers from a code execution vulnerability.
Moodle 3.11.4 SQL Injection
Posted by deepcore under exploit (No Respond)
Moodle version 3.11.4 suffers from a remote SQL injection vulnerability.
Huawei DG8045 Router 1.0 Credential Disclosure
Posted by deepcore under exploit (No Respond)
Huawei DG8045 Router version 1.0 suffers from a credential disclosure vulnerability.
Backdoor.Win32.Small.bu Remote Command Execution
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Small.bu (KGB-RAT server version 0.1) malware suffers from a remote command execution vulnerability.
WordPress Learnpress 4.1.4.1 Arbitrary Image Renaming
Posted by deepcore under exploit (No Respond)
WordPress Learnpress plugin version 4.1.4.1 suffers from an arbitrary image renaming vulnerability.
Cisco Small Business RV Series Authentication Bypass / Command Injection
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits an authentication bypass (CVE-2021-1472) and command injection (CVE-2021-1473) in the Cisco Small Business RV series of VPN/routers. The device does not adequately verify the credentials in the HTTP Authorization field when requests are made to the /upload endpoint. Then the upload.cgi binary will use the contents of the HTTP Cookie field […]
Packet Storm New Exploits For January, 2022
Posted by deepcore under exploit (No Respond)
This archive contains all of the 167 exploits added to Packet Storm in January, 2022.
[webapps] Moodle 3.11.4 – SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] WordPress Plugin 404 to 301 2.0.2 – SQL-Injection (Authenticated)
Posted by deepcore under Security (No Respond)