Vembu BDR version 4.2.0.1 U1 suffers from multiple unquoted service path vulnerabilities.
>> CATEGORY: exploit
Monitoring System (Dashboard) version 1.0 suffers from multiple remote code execution vulnerabilities that can be leveraged by malicious shells being uploaded.
QCubed versions 3.1.1 and below suffer from a remote SQL injection vulnerability.
QCubed versions 3.1.1 and below suffer from a PHP object injection vulnerability.
Monitoring of Students Cyber Accounts System version 1.0 suffers from a remote SQL injection vulnerability.
Monitoring System (Dashboard) version 1.0 suffers from a remote SQL injection vulnerability.
Microsoft Windows kernel suffers from a use-after-free of the PDEVOBJ object via a race condition vulnerability in NtGdiGetDeviceCapsAll.
ForkCMS versions prior to 5.8.3 suffer from a PHP object injection vulnerability.
QCubed versions 3.1.1 and below suffer from a cross site scripting vulnerability.
This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.04.