Cockpit CMS versions prior to 0.6.1 suffer from a remote code execution vulnerability.
>> AUTHOR: deepcore
OX App Suite and OX Documents suffer from server-side request forgery and multiple cross site scripting vulnerabilities. Various versions are affected including 7.10.4 and 7.10.3.
Curfew e-Pass Management System version 1.0 suffers from a cross site scripting vulnerability.
dnsrecon version 0.10.0 suffers from a CSV injection vulnerability.
ECSIMAGING PACS version 6.21.5 suffers from a remote SQL injection vulnerability.
Online Doctor Appointment System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Backdoor.Win32.Agent.dcbh malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.
Cockpit version 234 suffers from an unauthenticated server-side request forgery vulnerability.
This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin version 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and…
Backdoor.Win32.Xtreme.yvp malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.