Wing FTP Server 4.3.8 – Remote Code Execution (RCE) (Authenticated)
Wing FTP Server 4.3.8 – Remote Code Execution (RCE) (Authenticated)
WordPress Plugin International Sms For Contact Form 7 Integration V1.2 – Cross Site Scripting (XSS)
Hospital Management System 4.0 – ‘multiple’ SQL Injection
FileBrowser 2.17.2 – Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)
Hotel Reservation System 1.0 – SQLi (Unauthenticated)
Strapi CMS 3.0.0-beta.17.4 – Set Password (Unauthenticated) (Metasploit)
WordPress IP2Location Country Blocker plugin version 2.26.7 suffers from a persistent cross site scripting vulnerability.
FLAME II MODEM USB suffers from an unquoted service path vulnerability.
This Metasploit module exploits an authentication bypass in Servisnet Tessa, triggered by add new sysadmin user. The app.js is publicly available which acts as the backend of the application. By…
This Metasploit module exploits an MQTT credential disclosure vulnerability in Servisnet Tessa. The app.js is publicly available which acts as the backend of the application. By exposing a default value…