NukeViet VMS version 4.4.00 suffers from a cross site request forgery vulnerability.
>> CATEGORY: exploit
Submitty version 20.04.01 suffers from a persistent cross site scripting vulnerability.
PHP-Fusion version 9.03.50 suffers from a remote SQL injection vulnerability.
Victor CMS version 1.0 suffers from an authenticated remote shell upload vulnerability.
vBulletin version 5.6.1 suffers from a remote SQL injection vulnerability.
ManageEngine Service Desk version 10.0 suffers from a cross site scripting vulnerability.
SecureCRT suffers from a memory corruption vulnerability in CSI functions.
ACal version 2.2.6 suffers from a one-click remote code execution vulnerability.
Compass Security identified a security feature bypass vulnerability in Microsoft Windows. Due to the absence of integrity verification requirements for the RPC protocol and in particular the Task Scheduler, a…
ManageEngine AssetExplorer versions prior to 6.5 (6503) suffer from an authenticated remote command execution vulnerability.