Mantis Bug Tracker version 2.3.0 suffers from a remote code execution vulnerability.
>> CATEGORY: exploit
TP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the…
Microsoft SQL Server Reporting Services 2016 suffers from a remote code execution vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication is required to exploit this vulnerability. Additionally, the target user must have the “Data…
This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there…
Proof of concept exploit for the Windows Zerologon vulnerability as noted in CVE-2020-1472. By default, it changes the password of the domain controller account.
Piwigo version 2.10.1 suffers from a cross site scripting vulnerability.
Acronis Cyber Backup version 12.5 Build 16341 suffers from a server-side request forgery vulnerability.
1CRM versions 8.6.7 and below suffer from an insecure direct object reference vulnerability.
This Metasploit module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter…