PHP Everywhere versions 2.0.3 and below suffer from multiple remote code execution vulnerabilities.
>> AUTHOR: deepcore
This Metasploit module exploits the mishandling of a password reset in JSON for Strapi CMS version 3.0.0-beta.17.4 to change the password of a privileged user.
This Metasploit module uses QEMU’s Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0…
Exam Reviewer Management System 1.0 – ‘id’ SQL Injection
Exam Reviewer Management System 1.0 – Remote Code Execution (RCE) (Authenticated)
AtomCMS v2.0 – SQLi
Chrome suffers from making use of an uninitialized on-stack pointer in storage::BlobBuilderFromStream.
Backdoor.Win32.Small.er malware suffers from a code execution vulnerability.
Hospital Management System version 4.0 suffers from multiple remote SQL injection vulnerabilities. Original discovered of SQL injection in this version is attributed to Metin Yunus Kandemir in January of 2020.
WordPress International SMS for Contact Form 7 Integration plugin version 1.2 suffers from a cross site scripting vulnerability.