GFI Mail Archiver versions 15.1 and below Telerik UI component unauthenticated arbitrary file upload exploit.
>> CATEGORY: exploit
Apache OFBiz version 17.12.01 exploit that achieves remote command execution via unsafe deserialization of XMLRPC arguments.
Riak runs as an Erlang service configured with a default cookie of riak that allows for remote command execution if not modified before use.
WordPress WP Customize Login plugin version 1.1 suffers from a persistent cross-site scripting vulnerability.
Client Management System version 1.1 suffers from a persistent cross-site scripting vulnerability. This is a variant from the discovery of persistent cross-site scripting in this version originally found…
qdPM version 9.2 discloses the password and connection string for the database in an internet-accessible file.
Hotel Management System version 1.0 exploit that leverages a blind cross-site scripting attack against the admin to have a reverse PHP shell uploaded.