Fastly suffers from the poor practice of sending a temporary password in plaintext.
>> CATEGORY: exploit
This Metasploit module exploits CVE-2023-22952, a remote code execution vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0 Enterprise, Sell, and Serve…
Purchase Order Management version 1.0 suffers from a remote shell upload vulnerability. Flow details to achieve this are shown in the video link provided.
Wondershare Dr Fone version 12.9.6 suffers from a weak service permission vulnerability that can allow for privilege escalation.
Webpower UPS version 5.53 suffers from an HTTP denial of service vulnerability.
Real Time Automation 460MCBS version 5.2.14 suffers from a cross-site scripting vulnerability.
OpenBSD version 7.2 suffers from an overflow vulnerability. ip_dooptions() will allow IPOPT_SSRR with optlen = 2. save_rte() will set isr_nhops to a very large value, which will cause an overflow in…
ZwiiCMS version 12.2.04 suffers from an authenticated remote code execution vulnerability.