This Metasploit module exploits the Git fetch command in Gitea repository migration process that leads to a remote command execution on the system. This vulnerability affects Gitea versions prior to…
>> ARCHIVE: 2022-09
News247 News Magazine version 1.0 suffers from a persistent cross site scripting vulnerability.
WordPress WPGateway plugin versions 3.5 and below suffer from an unauthenticated privilege escalation vulnerability.
Gitea 1.16.6 – Remote Code Execution (RCE) (Metasploit)
http://itservice.fpo.go.th/z.php notified by ./Anon666Txploit
http://www.rattanaburilocal.go.th/!.php notified by ./Anon666Txploit
Rocket LMS version 1.6 suffers from a remote shell upload vulnerability.
Rocket LMS version 1.6 suffers from a cross site scripting vulnerability.
Academy Learning Management System version 5.7 suffers from a remote shell upload vulnerability.
Due to JMX/RMI services in TIBCO JasperReports Server version 8.0.2 Community Edition performing unsafe deserialization, it is possible to execute arbitrary code and system commands on the server system.