This Metasploit modules exploits a critical vulnerability in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, which allows attackers to achieve remote code…
>> CATEGORY: exploit
Remote command execution exploit for Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 which have a web interface called AlphaWeb XE that allows for a remote shell upload.
Evolution CMS version 3.1.6 authenticated remote code execution exploit.
AHSS-PHP version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
Support Board version 3.3.3 suffers from a remote SQL injection vulnerability.
elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the name parameter is sanitized with the escapeshellarg() php…
elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the name parameter is sanitized with the escapeshellarg() php…
Men Salon Management System version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
Apartment Visitor Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.
WordPress Download From Files plugin version 1.48 suffers from a remote shell upload vulnerability.