The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS if attackers can reach the service on port 8794. In addition this can potentially be leveraged…
>> AUTHOR: deepcore
This Metasploit module exploits a command execution vulnerability in AROX School-ERP. “import_stud.php” and “upload_fille.php” do not have session control. Session start/check functions in Line 8,9,10 are disabled with slashes. Therefore…
Netperf version 2.6.0 suffers from a stack-based buffer overflow.
Exim versions 4.87 through 4.91 suffer from a local privilege escalation vulnerability.
Sahi pro 7.x/8.x – Directory Traversal
Sahi pro 8.x – SQL Injection
Sahi pro 8.x – Cross-Site Scripting
Linux/x86_64 – execve(/bin/sh) Shellcode (22 bytes)
Serv-U FTP Server < 15.1.7 – Local Privilege Escalation
AROX School-ERP Pro – Unauthenticated Remote Command Execution (Metasploit)