1CRM On-Premise Software version 8.5.7 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
Microsoft Windows suffers from a PowerShell unsanitized filename command execution vulnerability.
This Metasploit module exploits a command injection vulnerability in Apache Tika versions 1.15 through 1.17 on Windows. A file with the image/jp2 content-type is used to bypass magic byte checking….
WebIncorp ERP suffers from a remote SQL injection vulnerability. All versions as of 08/01/2019 are supposedly affected.
Cisco Catalyst 3850 Series Device Manager version 3.6.10E suffers from a cross site request forgery vulnerability.
Ultimate Loan Manager version 2.0 suffers from a persistent cross site scripting vulnerability.
This archive contains all of the 146 exploits added to Packet Storm in July, 2019.
D-Link 6600-AP suffers from cross site scripting, key extraction, shell escape, config file disclosure, and denial of service vulnerabilities.
Oracle Hyperion Planning version 11.1.2.3 suffer from an XML external entity injection vulnerability.
JSC suffers from a data mishandling bug in ytecodeGenerator::emitEqualityOpImpl.