Croogo version 3.0.2 suffers from a remote shell upload vulnerability.
>> CATEGORY: exploit
Croogo version 3.0.2 suffers from a remote shell upload vulnerability.
Chrome suffers from a heap use-after-free vulnerability in blink::NativeIOFile::DoRead.
Cibele Thinfinity VirtualUI version 2.5.41.0 suffers from a user enumeration vulnerability.
Chrome suffers from a heap use-after-free vulnerability in ThreadedIconLoader::DecodeAndResizeImageOnBackgroundThread.
Chrome suffers from a site isolation bypass vulnerability in NavigationPreloadRequest.
log4j-payload-generator is a plugin for the woodpecker framework to produce log4 jndi injection vulnerability payload. Five types of payloads can be produced with one click.
If you are curious about web application firewall (WAF) bypass payloads that can be leveraged to exploit the log4j2 code execution vulnerability, you should look at this tool.
Oliver Library Server 5 versions prior to 8.00.008.053 suffer from an arbitrary file download vulnerability.
Simple Cold Storage Management System version 1.0 suffers from a remote SQL injection vulnerability.
OpenEMR versions 6.0.0 and 6.1.0-dev suffer from an authenticated remote SQL injection vulnerability in the calendar search functionality.