Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)
>> TAG: #remote exploit
Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)
Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)
dnsrecon 0.10.0 – CSV Injection
WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)
WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)
ECSIMAGING PACS 6.21.5 – Remote code execution
Employee Record System 1.0 – Unrestricted File Upload to Remote Code Execution
Cockpit CMS 0.6.1 – Remote Code Execution
Curfew e-Pass Management System 1.0 – Stored XSS
iBall-Baton WRA150N Rom-0 Backup – File Disclosure (Sensitive Information)