SAP SAProuter suffers from an improper access control vulnerability where permitting loopback traffic can lead to unexpected behavior.
>> CATEGORY: exploit
This Metasploit module exploits an OS command injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS…
SAPControl Web Service Interface (sapstartsrv) suffers from a privilege escalation vulnerability via a race condition.
This Metasploit module exploits the Git fetch command in Gitea repository migration process that leads to a remote command execution on the system. This vulnerability affects Gitea versions prior to…
News247 News Magazine version 1.0 suffers from a persistent cross site scripting vulnerability.
WordPress WPGateway plugin versions 3.5 and below suffer from an unauthenticated privilege escalation vulnerability.
Rocket LMS version 1.6 suffers from a remote shell upload vulnerability.
Rocket LMS version 1.6 suffers from a cross site scripting vulnerability.
Academy Learning Management System version 5.7 suffers from a remote shell upload vulnerability.
Due to JMX/RMI services in TIBCO JasperReports Server version 8.0.2 Community Edition performing unsafe deserialization, it is possible to execute arbitrary code and system commands on the server system.