This Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 and below. The code execution is executed in the system_service.cgi file’s ntpIp Parameter. The field…
This Metasploit module exploits a remote SQL injection vulnerability in the “query” parameter found on Gila CMS version 1.1.18.1.
This Metasploit module exploits an unauthenticated remote SQL injection vulnerability in Cayin xPost versions 2.5 and below. The wayfinder_meeting_input.jsp file’s wayfinder_seqid parameter can be injected blindly. Since this app bundles…
This Metasploit module exploits a command injection vulnerability within the Agent Tesla control panel, in combination with an SQL injection vulnerability and a PHP object injection vulnerability, to gain remote…
http://necvep.go.th/1.php notified by -1
Beauty Parlour Management System 1.0 – Authentication Bypass
MJML versions 4.6.2 and below suffer from a path traversal vulnerability.
SOS JobScheduler version 1.13.3 encrypts a secret by simply using the name of a profile as the key, making it trivial to decrypt.
Gila CMS version 1.11.8 suffers from a remote SQL injection vulnerability.
TP-LINK Cloud Cameras NCXXX suffer from a DelMultiUser stack overflow vulnerability.