WordPress HS Brand Logo Slider plugin version 2.1 suffers from a remote shell upload vulnerability.
>> AUTHOR: deepcore
User Registration and Login and User Management System with admin panel version 2.1 suffers from a persistent cross site scripting vulnerability.
Visitor Management System in PHP version 1.0 suffers from an authenticated remote SQL injection vulnerability.
This Metasploit module attempts to create a new login session by invoking the su command of a valid username and password. If the login is successful, a new session is…
WordPress Rest Google Maps plugin versions prior to 7.11.18 suffer from a remote SQL injection vulnerability.
WordPress Colorbox Lightbox plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU) component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module…
School Faculty Scheduling System 1.0 – Stored Cross Site Scripting POC
School Faculty Scheduling System 1.0 – Authentication Bypass POC
GOautodial 4.0 – Authenticated Shell Upload