Microweber CMS 1.1.20 – Remote Code Execution (Authenticated)
>> AUTHOR: deepcore
Microweber CMS 1.1.20 – Remote Code Execution (Authenticated)
http://www.manangdalam.go.th/ngenk.htm notified by Xyp3r2667
Voting System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Syed Sheeraz Ali…
Sandboxie Plus version 0.7.4 suffers from an unquoted service path vulnerability.
Sandboxie version 5.49.7 suffers from a denial of service vulnerability.
Android suffers from memory disclosure, out-of-bounds write, and double-free vulnerabilities in NFC’s Felica tag handling.
Voting System version 1.0 suffers from a remote shell upload vulnerability.
Human Resource Information System version 0.1 suffers from a remote code execution vulnerability.
Epic Games Easy Anti-Cheat version 4.0 suffers from a local privilege escalation vulnerability.
WifiHotSpot version 1.0.0.0 suffers from an unquoted service path vulnerability.