This Metasploit module exploits an unauthenticated command injection in a variety of Hikvision IP cameras (CVE-2021-36260). The module inserts a command into an XML payload used with an HTTP PUT…
>> CATEGORY: exploit
Casdoor version 1.13.0 suffers from a remote SQL injection vulnerability.
This Metasploit module exploits the “Apps” feature in Axis IP cameras. The feature allows third party developers to upload and execute eap applications on the device. The system does not…
A vulnerability exists within win32k that can be leveraged by an attacker to escalate privileges to those of NT AUTHORITYSYSTEM. The flaw exists in how the WndExtra field of a…
Dahua ToolBox version 1.010.0000000.0 suffers from a dll hijacking vulnerability.
WordPress Photoswipe Masonry Gallery plugin version 1.2.14 suffers from a persistent cross site scripting vulnerability.
Technitium Installer version 4.4 suffers from a dll hijacking vulnerability.
Bank Management System version 1.0 suffers from a remote SQL injection vulnerability.
This Metasploit module allows remote attackers to execute arbitrary code on Exchange Server 2019 CU10 prior to Security Update 3, Exchange Server 2019 CU11 prior to Security Update 2, Exchange…
Wondershare MirrorGo version 2.0.11.346 suffers from an insecure permissions vulnerability.