Real Estate CRM Pro from IT Ways version 5.7 appears to suffer from a remote SQL injection vulnerability that can allow for authentication bypass.
>> ARCHIVE: 2023-03
This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It’s possible for an administrator to create a scheduled job…
This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It’s possible for an administrator to create a scheduled job…
This archive contains all of the 82 exploits added to Packet Storm in February, 2023.
This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain…
This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain…
ChurchCRM version 4.5.3 suffers from a remote SQL injection vulnerability.
ME-FI DOT version 2.2 leaves default administrative credentials installed post installation.
ME-FI DOT version 2.2 suffers from a remote SQL injection vulnerability.
The WoodMart premium theme for WordPress is vulnerable to unauthenticated arbitrary shortcodes injection in versions 7.1.0 and below. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.