PHPKB Multi-Language 9 suffers from an image-upload.php remote authenticated code execution vulnerability.
>> AUTHOR: deepcore
This Metasploit module takes advantage of a command injection vulnerability in the path parameter of the ajax archive file functionality within the rConfig web interface in order to execute the…
Rconfig 3.x – Chained Remote Code Execution (Metasploit)
ManageEngine Desktop Central – Java Deserialization (Metasploit)
CoronaBlue aka SMBGhost proof of concept exploit for Microsoft Windows 10 (1903/1909) SMB version 3.1.1. This script connects to the target host, and compresses the authentication request with a bad…
Microsoft Windows SMB version 3.1.1 suffers from a code execution vulnerability.
Zyxel CNM SecuManager versions 3.1.0 and 3.1.1 suffer from having hard-coded secrets, missing authentication, backdoors, and remote code execution vulnerabilities.
Enhanced Multimedia Router 3.0.4.27 – Cross-Site Request Forgery (Add Admin)
PHPKB Multi-Language 9 – Authenticated Directory Traversal
MiladWorkShop VIP System 1.0 – ‘lang’ SQL Injection