FlexAir Access Control versions 2.3.38 and below remote root command injection exploit.
>> CATEGORY: exploit
FlexAir Access Control version 2.3.38 authenticated remote root exploit that leverages command injection via a SetNTPServer request.
This Metasploit module exploits a command injection vulnerability in the Linear eMerge E3 Access Controller.
Prima Access Control version 2.3.35 suffers from a persistent cross site scripting vulnerability.
Prima Access Control version 2.3.35 authenticated python script upload remote root code execution exploit.
This Metasploit module has been tested with AIX 7.1 and 7.2, and should also work with 6.1. Due to permission restrictions of the crontab in AIX, this module does not…
This Metasploit module exploits a post-auth command injection in the Pulse Secure VPN server to execute commands as root. The env(1) command is used to bypass application whitelisting and run…
This Metasploit module exploits a vulnerability in Bludit. A remote user could abuse the uuid parameter in the image upload feature in order to save a malicious payload anywhere onto…
GCafe version 3.0 suffers from a gbClienService unquoted service path vulnerability.
PunBB with SQLite appears to store its database within the webroot, allowing it to be retrieved by attackers.