Pharmacy Point of Sale System 1.0 – ‘Add New User’ Cross-Site Request Forgery (CSRF)
>> AUTHOR: deepcore
Cypress Solutions CTM-200 2.7.1 – Root Remote OS Command Injection
Online Learning System 2.0 – ‘Multiple’ SQLi Authentication Bypass
Simple Issue Tracker System 1.0 – SQLi Authentication Bypass
Student Quarterly Grading System 1.0 – ‘grade’ Stored Cross-Site Scripting (XSS)
Logitech Media Server 8.2.0 – ‘Title’ Cross-Site Scripting (XSS)
Sonicwall SonicOS 7.0 – Host Header Injection
This Metasploit module will generate a plugin which can receive a malicious payload request and upload it to a server running Moodle, provided valid admin credentials are used. Then the…
Aviatrix Controller versions 6.x prior to 6.5-1804.1922 shell upload exploit that leverages a directory traversal vulnerability.
Cypress Solutions CTM-200/CTM-ONE suffers from a hard-coded credential remote root vulnerability via telnet and ssh.