SAPSprint version 7.60 suffers from an unquoted service path vulnerability.
SAPSprint version 7.60 suffers from an unquoted service path vulnerability.
https://www.afrims.go.th/o.txt notified by Mr.ToKeiChun69
This Metasploit module allows an attacker with a privileged rConfig account to start a reverse shell due to an arbitrary file upload vulnerability in /lib/crud/vendors.crud.php.
Lightweight facebook-styled blog 1.3 – Remote Code Execution (RCE) (Authenticated) (Metasploit)
Simple Client Management System 1.0 – ‘uemail’ SQL Injection (Unauthenticated)
Seeddms 5.1.10 – Remote Command Execution (RCE) (Authenticated)
SAPSprint 7.60 – ‘SAPSprint’ Unquoted Service Path
Huawei dg8045 – Authentication Bypass
TP-Link TL-WR841N – Command Injection
Adobe ColdFusion 8 – Remote Command Execution (RCE)