FreeSWITCH versions 1.10.6 and below suffer from a SIP flooding denial of service vulnerability.
>> CATEGORY: exploit
Online Student Admission System version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.
WordPress Media-Tags plugin version 3.2.0.2 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all…
WordPress Ninja Tables plugin version 4.1.7 suffers from a persistent cross site scripting vulnerability.
FreeSWITCH versions 1.10.6 and below fails to authenticate SIP MESSAGE requests, leading to spam and message spoofing vulnerabilities.
WordPress version 4.9.6 arbitrary file deletion exploit. Original discovery of this vulnerability is attributed to VulnSpy in June of 2018.
Gestionale Open version 11.00.00 suffers from a local privilege escalation vulnerability.
FreeSWITCH versions 1.10.5 and below fail to authenticate SIP SUBSCRIBE requests by default.
FreeSWITCH versions 1.10.6 and below suffer from a denial of service vulnerability when handling invalid SRTP packets.