An independent vulnerability laboratory researcher discovered a remote sql injection web vulnerability in the official Y-R-S Content Management System 2015Q4.
>> CATEGORY: exploit
TUDU versions 0.82 and below suffer from a buffer overflow vulnerability.
TACK versions 1.07 and below suffer from a buffer overflow vulnerability.
The WordPress i1.wp.com site can be abused to make arbitrary HTTP requests to other sites.
A vulnerability exists managing a shadow stack in ESET Antivirus. It allows complete remote root/SYSTEM command execution on all ESET platforms and products.
Sam Spade version 1.14 S-Lang command field SEH overflow exploit.
POLLSolved version 1.5.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Support for this script is deprecated.
This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without…
This Metasploit module exploits a vulnerability found in Uptime version 7.4.0 and 7.5.0. The vulnerability began as a classic arbitrary file upload vulnerability in post2file.php, which can be exploited by…
This Metasploit module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9