Apartment Visitor Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.
>> AUTHOR: deepcore
WordPress Download From Files plugin version 1.48 suffers from a remote shell upload vulnerability.
Active WebCam version 11.5 suffers from an unquoted service path vulnerability.
Purchase Order Management System version 1.0 suffers from a remote shell upload vulnerability.
Facebook ParlAI version 1.0.0 suffers from a deserialization vulnerability that can allow for code execution.
Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell upload.
Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially…
DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross site scripting vulnerabilities.
Support Board 3.3.3 – ‘Multiple’ SQL Injection (Unauthenticated)