Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is…
>> CATEGORY: exploit
This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.
RockstarService.exe suffers from an insecure file permissions vulnerability.
Simple Traffic Offense System version 1.0 suffers from a persistent cross site scripting vulnerability.
Simple Food Website version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
OpenEMR version 4.1.0 remote SQL Injection exploit.
Trojan.Win32.Sharer.h malware suffers from a code execution vulnerability.
Basic Shopping Cart version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Mini Mouse version 9.2.0 suffers from a remote code execution vulnerability.
Trojan.Win32.Sharer.h malware suffers from a man-in-the-middle vulnerability.