Anuko Time Tracker version 1.19.23.5311 suffers from an implementation flaw where password reset emails can be continuously triggered against unsuspecting users.

ReadyTalk Avian JVM versions 1.2.0 before 27th October 2020 suffer from a FileOutputStream.write() integer overflow vulnerability.

This Metasploit module exploits an arbitrary file upload vulnerability in HorizontCMS 1.0.0-beta in order to execute arbitrary commands. The module first attempts to authenticate to HorizontCMS. It then tries to…

This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.

This Metasploit module performs an authentication brute forcing attack against the panel in Bludit version 3.9.2.

This Metasploit module exploits a code execution vulnerability within the ASUS TM-AC1900 router as an authenticated user. The vulnerability is due to a failure filter out percent encoded newline characters…

Water Billing System version 1.0 suffers from a remote SQL injection vulnerability.

WordPress Good LMS plugin versions 2.1.4 and below suffer from a remote SQL injection vulnerability.

This Metasploit module exploits an authentication bypass and command injection in SaltStack Salt’s REST API to execute commands as the root user. The following versions have received a patch: 2015.8.10,…