WordPress Ultimate Member plugin version 2.0.38 suffers from a cross site request forgery vulnerability.
>> CATEGORY: exploit
Fiverr Clone Script version 1.2.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
CentOS Web Panel version 0.9.8.78 suffers from a persistent cross site scripting vulnerability.
This Metasploit module combines an information disclosure (CVE-2019-1653) and a command injection vulnerability (CVE-2019-1652) together to gain unauthenticated remote code execution on Cisco RV320 and RV325 small business routers. Can…
Masch CMStudio Banners module version 8.6.1 suffers from an open redirection vulnerability.
WordPress Form Builder plugin version 1.0 suffers from a database disclosure vulnerability.
Magento versions 2.2.0 through 2.3.0 unauthenticated remote SQL injection exploit.
Pydio 8 suffers from cross site scripting, command injection, and various other vulnerabilities.
WordPress AND-AntiBounce plugin version 1.0.3 suffers from an open redirection vulnerability.