This Metasploit module exploits an authenticated command injection vulnerability in the /cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156 and prior to execute arbitrary code as…
Client Management System version 1.1 suffers from a persistent cross site scripting vulnerability.
Client Management System version 1.1 suffers from a remote SQL injection vulnerability.
A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication in order to connect to the respective TCP ports and perform different privileged…
http://www.banyanglocal.go.th notified by Xyp3r2667
http://www.nongchaisri.go.th notified by Xyp3r2667
Disk Sorter Server 13.6.12 – ‘Disk Sorter Server’ Unquoted Service Path
DiskPulse 13.6.14 – ‘Multiple’ Unquoted Service Path
A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication in order to connect to the respective TCP ports and perform different privileged…
Spy Emergency version 25.0.650 suffers from an unquoted service path vulnerability.