PHP Everywhere versions 2.0.3 and below suffer from multiple remote code execution vulnerabilities.
>> CATEGORY: exploit
This Metasploit module exploits the mishandling of a password reset in JSON for Strapi CMS version 3.0.0-beta.17.4 to change the password of a privileged user.
This Metasploit module uses QEMU’s Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0…
Chrome suffers from making use of an uninitialized on-stack pointer in storage::BlobBuilderFromStream.
Backdoor.Win32.Small.er malware suffers from a code execution vulnerability.
Hospital Management System version 4.0 suffers from multiple remote SQL injection vulnerabilities. Original discovered of SQL injection in this version is attributed to Metin Yunus Kandemir in January of 2020.
WordPress International SMS for Contact Form 7 Integration plugin version 1.2 suffers from a cross site scripting vulnerability.
WordPress IP2Location Country Blocker plugin version 2.26.7 suffers from a persistent cross site scripting vulnerability.
FLAME II MODEM USB suffers from an unquoted service path vulnerability.
This Metasploit module exploits an authentication bypass in Servisnet Tessa, triggered by add new sysadmin user. The app.js is publicly available which acts as the backend of the application. By…