This Metasploit module exploits a buffer overflow in the zhttpd binary (/bin/zhttpd). It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After exploitation, an attacker will be able to execute any […]
Adobe Connect versions 11.4.5 and below as well as versions 12.1.5 and below suffer from a file disclosure vulnerability.
Yoga Class Registration version 1.0 suffers from a remote SQL injection vulnerability.
Human Resources Management System version 1.0 suffers from a remote SQL injection vulnerability.
Online Pizza Ordering System version 1.0 suffers from a remote SQL injection vulnerability.
Yoga Class Registration System version 1.0 suffers from a cross site scripting vulnerability.
Medicine Tracker System version 1.0 suffers from a cross site scripting vulnerability.
Music Gallery Site version 1.0 suffers from a cross site scripting vulnerability.
There is an intra-object overflow in Shannon Baseband, inside the 5G SM protocol implementation (NrSmMsgCodec as it is called in Shannon according to debug strings), when decoding the Extended protocol configuration options message (IEI = 0x7B).