COVID19 Testing Management System version 1.0 suffers from a remote SQL injection vulnerability leveraging the searchdata parameter on the patient-search-report.php page. This is a variant of the original discovery of…
RATES SYSTEM version 1.0 suffers from a remote SQL injection vulnerability.
This Metasploit module can be used to upload a plugin on Atlassian Cloud via the pdkinstall development plugin as an unauthenticated attacker. The payload is uploaded as a JAR archive…
Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileged authenticated users to elevate their privileges to SYSTEM on affected Windows systems by modifying the XML file at…
Simple Image Gallery System 1.0 – ‘id’ SQL Injection
easy-mock 1.6.0 – Remote Code Execution (RCE) (Authenticated)
4images 1.8 – ‘limitnumber’ SQL Injection (Authenticated)
Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileged authenticated users to elevate their privileges to SYSTEM on affected Windows systems by modifying the XML file at…
Trojan-Proxy.Win32.Raznew.gen malware suffers from an unauthenticated open proxy vulnerability.
Backdoor.Win32.IRCBot.gen malware suffers from a hardcoded credential vulnerability.