Hasura GraphQL version 1.3.3 suffers from an arbitrary file read vulnerability.
>> CATEGORY: exploit
Tenda versions D151 and D301 configuration downloading exploit.
Adtran Personal Phone Manager version 10.8.1 suffers from multiple reflective cross site scripting vulnerabilities.
Adtran Personal Phone Manager version 10.8.1 suffers from a persistent cross site scripting vulnerability.
Hasura GraphQL version 1.3.3 suffers from a denial of service vulnerability.
OpenEMR version 5.0.2.1 remote code execution exploit that drops in a reverse shell.
This Metasploit module exploits an OS command injection vulnerability in includes/components/nxti/index.php that enables an authenticated user with admin privileges to achieve remote code execution as the apache user. Valid credentials…
This Metasploit module exploits two NoSQL injection vulnerabilities to retrieve the user list and password reset tokens from the system. Next, the USER is targeted to reset their password. Then,…
Adtran Personal Phone Manager version 10.8.1 suffers from a DNS exfiltration vulnerability.
This Metasploit module exploits an arbitrary configuration write/update vulnerability to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the web server user. Grav…