CAYIN SMP-xxxx suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the…
>> CATEGORY: exploit
Navigate CMS version 2.8.7 suffers from a cross site request forgery vulnerability.
CAYIN CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through…
VMWare vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability.
CAYIN xPost version 2.5 suffers from an unauthenticated SQL injection vulnerability. Input passed via the GET parameter wayfinder_seqid in wayfinder_meeting_input.jsp is not properly sanitised before being returned to the user…
This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3…
This Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload – Contact Form 7 for versions prior to 1.3.4. The allowed file extension list can…
Clinic Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability.
OpenCart version 3.0.3.2 suffers from a persistent cross site scripting vulnerability.