This Metasploit modules exploits a critical vulnerability in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, which allows attackers to achieve remote code…
>> AUTHOR: deepcore
Remote command execution exploit for Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 which have a web interface called AlphaWeb XE that allows for a remote shell upload.
Evolution CMS version 3.1.6 authenticated remote code execution exploit.
AHSS-PHP version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
Support Board version 3.3.3 suffers from a remote SQL injection vulnerability.
elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the name parameter is sanitized with the escapeshellarg() php…
ImpressCMS 1.4.2 – Remote Code Execution (RCE) (Authenticated)
elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the name parameter is sanitized with the escapeshellarg() php…
http://kpp.nfe.go.th/kurd.html notified by 0x1998
Men Salon Management System version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.