This Metasploit module attempts to create a new login session by invoking the su command of a valid username and password. If the login is successful, a new session is…
>> CATEGORY: exploit
WordPress Rest Google Maps plugin versions prior to 7.11.18 suffer from a remote SQL injection vulnerability.
WordPress Colorbox Lightbox plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU) component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module…
Tourism Management System version 1.0 suffers from a remote shell upload vulnerability.
Nagios XI version 5.7.3 suffers from a persistent cross site scripting vulnerability.
Nagios XI version 5.7.3 suffers from multiple remote SQL injection vulnerabilities.
Online Student’s Management System version 1.0 suffers from a remote shell upload vulnerability.
A Java deserialization vulnerability exists in the QRadar RemoteJavaScript Servlet. An authenticated user can call one of the vulnerable methods and cause the Servlet to deserialize arbitrary objects. An attacker…
Online Discussion Forum Site version 1.0 suffers from a cross site scripting vulnerability.