This Metasploit module exploits an unauthenticated file upload and command injection vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6, and 13.8.8. Exploitation…
>> AUTHOR: deepcore
Fuel CMS version 1.4.1 remote code execution exploit. Original discovery of remote code execution in this version is attributed to 0xd0ff9 in July of 2019.
Fuel CMS version 1.4.1 remote code execution exploit. Original discovery of remote code execution in this version is attributed to 0xd0ff9 in July of 2019.
Opencart 3 Extension TMD Vendor System – Blind SQL Injection
Opencart 3 Extension TMD Vendor System – Blind SQL Injection
YouTube Video Grabber version 1.9.9.1 suffers from a SEH buffer overflow vulnerability.
Kingdia CD Extractor version 3.0.2 suffers from a SEH buffer overflow vulnerability.
Codiad version 2.8.4 remote reverse shell upload exploit. Original discovery of code execution in this version is attributed to WangYihang in 2018.
This Metasploit module uses an authentication bypass vulnerability in WordPress Pie Register plugin versions 3.7.1.4 and below to generate a valid cookie. With this cookie, hopefully of the admin, it…
Employee Record Management System version 1.2 suffers from a remote SQL injection vulnerability.