PHP Login and User Management versions 4.1.0 and below suffers from a remote shell upload vulnerability.
>> CATEGORY: exploit
This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through “cli” parameter that is directly used to invoke “ayecli” binary. Vulnerable firmwares…
Nordex N149/4.0-4.5 Wind Turbine Web Server suffers from a remote SQL injection vulnerability.
Siemens SIMATIC S7-1200 suffers from a CPU functionality related cross site request forgery vulnerability.
ERPnext version 11.x.x suffers from a cross site scripting vulnerability.
Teradek Cube version 7.3.6 suffers from a stream disclosure vulnerability in snapshot.cgi.
NewsBee CMS version 1.4 suffers from a remote SQL injection vulnerability in home-text-edit.php.
Teradek Cube version 7.3.6 suffers from a password changing cross site request forgery vulnerability.
Teradek Slice version 7.3.15 suffers from a password changing cross site request forgery vulnerability.
PaulPrinting CMS Printing version 1.0 suffers from a remote SQL injection vulnerability.