School Event Attendance Monitoring System version 1.0 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
SolarWinds Serv-U FTP Server versions through 15.2.1 do not correctly sanitize and validate the user-supplied directory names, allowing malicious users to create directories that when clicked on (in the breadcrumb…
Huawei MBAMainService suffers from an unquoted service path vulnerability.
PEEL Shopping version 9.3.0 suffers from a persistent cross site scripting vulnerability.
Backdoor.Win32.Augudor.a malware suffers from a code execution vulnerability.
Online Marriage Registration System (OMRS) version 1.0 remote code execution exploit. Original discovery of remote code execution in this version was discovered by Selim Enes Karaduman in June of 2020.
Openlitespeed WebServer version 1.7.8 remote command injection exploit. Original discovery of command injection in this version is attributed to cm0s from SunCSR in January of 2021.
Backdoor.Win32.BackAttack.18 malware suffers from a missing authentication vulnerability that can allow for remote screenshots, system restart, and more.
Node.JS node-serialize remote code execution exploit.
Backdoor.Win32.Aphexdoor.LiteSock malware suffers from a buffer overflow vulnerability.