This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware…
>> CATEGORY: exploit
JBoss version 4.0.2 suffers from a cross site scripting vulnerability in the jmx-console HtmlAdaptor DatabasePersistencePlugin parameter.
Xshell5 version 5.0 build 1124 suffers from a dll hijacking vulnerability.
Joomla WMT Content Timeline component version 1.0 suffers from a remote SQL injection vulnerability.
Joomla Groovy Gallery component version 1.0.0 suffers from a remote SQL injection vulnerability.
Joomla Spider Calendar Lite component version 3.2.16 suffers from a remote SQL injection vulnerability.
Joomla Team Display component version 1.2.1 suffers from a remote SQL injection vulnerability.
WordPress Corner Ad plugin version 1.0.7 suffers from a cross site scripting vulnerability.
Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.
Elefant CMS version 1.3.12-RC suffers from multiple persistent cross site scripting vulnerabilities.