ATutor version 2.2.4 suffers from a language_import arbitrary file upload that allows for command execution.
KDE 4/5 is vulnerable to a command injection vulnerability in the KDesktopFile class. When a .desktop or .directory file is instantiated, it unsafely evaluates environment variables and shell expansions using…
iMessage suffers from a heap overflow vulnerability when deserializing a URL. This affects Macs only.
CentOS Control Web Panel (CWP) versions 0.9.8.836 through 0.9.8.840 suffer from a user enumeration vulnerability.
CentOS Control Web Panel (CWP) version 0.9.8.836 suffers from a remote command execution vulnerability.
CentOS Control Web Panel (CWP) version 0.9.8.846 suffers from a reflective cross-site scripting vulnerability.
Active PHP Bookmarks version 1.3 suffers from a cookie_auth error-based remote SQL injection vulnerability.
ARMBot Botnet arbitrary code execution exploit.
Sar2HTML version 3.2.1 suffers from a remote code execution vulnerability.
Rest Cafe and Restaurant Website CMS suffers from a remote SQL injection vulnerability.