Daily Expenses Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
>> AUTHOR: deepcore
Daily Expenses Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Daniel Ortiz.
Daily Expenses Management System version 1.0 suffers from a cross site request forgery vulnerability.
Online Shopping Alphaware version 1.0 suffers from a cross site request forgery vulnerability.
Online Shopping Alphaware version 1.0 suffers from an arbitrary file upload vulnerability.
Online Shopping Alphaware version 1.0 suffers from an unauthorized administrative functionality access vulnerability.
Victor CMS version 1.0 suffers from a search remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to BKpatron.
This Metasploit module escapes from a privileged Docker container and obtains root on the host machine by abusing the Linux cgroup notification on release feature. This exploit should work against…
All-Dynamics Digital Signage System 2.0.2 – Cross-Site Request Forgery (Add Admin)
Daily Expenses Management System 1.0 – ‘item’ SQL Injection