>> CATEGORY: exploit

ClipperCMS version 1.3.3 suffers from a cross site request forgery vulnerability.

Webiness Inventory version 2.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

SwitchVPN for MacOS version 2.1012.03 suffers from a privilege escalation vulnerability.

Webiness Inventory version 2.3 suffers from a remote SQL injection vulnerability.

SIPve version 0.0.2-R19 suffers from a remote SQL injection vulnerability.

Maitra Mail Tracking System version 1.7.2 suffers from remote SQL injection and database file download vulnerabilities.

Alive Parish version 2.0.4 suffers from remote file upload and remote SQL injection vulnerabilities.

OCS Inventory NG suffers from an ocsreports authenticated remote code execution vulnerability via a shell upload.

SwitchVPN for MacOS and Windows version 2.1012.03 suffers from a man-in-the-middle vulnerability.

This Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin Manager(UPM). The module requires valid login credentials to an account that has access…