Library Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
>> CATEGORY: exploit
Flexmonster Pivot Table and Charts version 2.7.17 suffers from multiple cross site scripting vulnerabilities.
This Metasploit module exploits a stack-based buffer overflow in the Solaris PAM library’s username parsing code, as used by the SunSSH daemon when the keyboard-interactive authentication method is specified. Tested…
GitLab version 11.4.7 authenticated remote code execution exploit.
Grav CMS version 1.6.30 with Admin plugin version 1.9.18 suffers from a persistent cross site scripting vulnerability.
Raysync version 3.3.3.8 suffers form a remote code execution vulnerability.
Magic Home Pro version 1.5.1 suffers from an authentication bypass vulnerability.
PrestaShop ProductComments version 4.2.0 suffers from a remote blind SQL injection vulnerability.
There is an out-of-bounds write vulnerability when decoding a malformed PICT image on macOS. The vulnerability has been confirmed on the latest stable macOS version.
Online Marriage Registration System version 1.0 authenticated remote code execution exploit. Original discovery of remote code execution in this version was discovered by Selim Enes Karaduman.