Online Scheduling System version 1.0 suffers from a remote SQL injection vulnerability.
>> AUTHOR: deepcore
PhreeBooks ERP version 5.2.5 suffers from a remote command execution vulnerability.
SimplePHPGal version 0.7 suffers from a remote file inclusion vulnerability.
WordPress WooCommerce Advanced Order Export plugin version 3.1.3 suffers from a cross site scripting vulnerability.
NEC Electra Elite IPK II WebPro version 01.03.01 suffers from a session enumeration vulnerability.
Saltstack version 3000.1 suffers from a remote code execution vulnerability.
webERP version 4.15.1 suffers from an unauthenticated backup file disclosure vulnerability.
ATutor LMS version 2.2.4 suffers from having a weak password reset hash.
This Metasploit module exploits an authenticated OS command injection vulnerability found in Trixbox CE versions 1.2.0 through 2.8.0.4 inclusive in the network POST parameter of the /maint/modules/endpointcfg/endpoint_devicemap.php page. Successful exploitation…
This Metasploit module abuses a known default password in IBM Data Risk Manager. The a3user has the default password idrm and allows an attacker to log in to the virtual…