ManageEngine opManager 12.3.150 – Authenticated Code Execution
>> AUTHOR: deepcore
ManageEngine opManager 12.3.150 – Authenticated Code Execution
Agent Tesla Botnet – Arbitrary Code Execution (Metasploit)
Ghidra (Linux) version 9.0.4 suffers from a .gar related arbitrary code execution vulnerability.
Joomla JS Jobs component version 1.2.5 suffers from a remote SQL injection vulnerability in cities.php.
This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.
UNA version 10.0.0 RC1 suffers from a persistent cross site scripting vulnerability in polyglot.php.
Joomla JS Support Ticket component version 1.1.6 suffers from an arbitrary file deletion vulnerability in ticket.php.
This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.920 and below. If the password change module is turned on, the unauthenticated user can execute arbitrary commands…
This Metasploit module bypasses the user password requirement in the OpManager versions 12.4.034 and below. It performs authentication bypass and executes commands on the server.
VxWorks version 6.8 suffers from an integer underflow vulnerability.