TerraMaster TOS 4.2.06 – Unauthenticated Remote Code Execution (Metasploit)
>> AUTHOR: deepcore
TerraMaster TOS 4.2.06 – Unauthenticated Remote Code Execution (Metasploit)
Baby Care System 1.0 – ‘roleid’ SQL Injection
Academy LMS version 4.3 suffers from a persistent cross site scripting vulnerability.
Spiceworks version 7.5 suffers from an HTTP header injection vulnerability.
WordPress Contact Form 7 plugin version 5.3.1 suffers from a remote shell upload vulnerability.
Spotweb version 1.4.9 suffers from a remote SQL injection vulnerability. Related CVE number: CVE-2020-35545.
SCO Openserver version 5.0.7 suffers from a cross site scripting vulnerability.
Queue Management System version 4.0.0 suffers from a persistent cross site scripting vulnerability.
SCO Openserver version 5.0.7 suffers from a command injection vulnerability.
Point of Sale System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.