GetSimple CMS My SMTP Contact Plugin 1.1.1 – CSRF to RCE
>> AUTHOR: deepcore
GetSimple CMS My SMTP Contact Plugin 1.1.1 – CSRF to RCE
Simple Student Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Native Church Website version 1.0 suffers from a remote shell upload vulnerability.
Chrome V8 Javascript Engine remote code execution zero day exploit. Google is expected to release an update to their browser on tuesday 04/14/2021 that will address this vulnerability.
ExpressVPN VPN Router version 1.0 suffers from an integer overflow vulnerability.
This Metasploit module exploits a vulnerability in the getprofile.sh script of Nagios XI versions prior to 5.6.6 in order to upload a malicious check_ping plugin and thereby execute arbitrary commands….
The access limit check for non-local admins when accessing the SCM remotely can be bypassed by requesting MAXIMUM_ALLOWED, leading to gaining access to start services etc.
Blitar Tourism version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Digital Crime Report Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
jQuery version 1.0.3 suffers from a cross site scripting vulnerability.