Tag: remote exploit

[webapps] Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)

[webapps] Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)

[local] dnsrecon 0.10.0 – CSV Injection

[webapps] WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)

[webapps] WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)

[webapps] ECSIMAGING PACS 6.21.5 – Remote code execution

[webapps] Employee Record System 1.0 – Unrestricted File Upload to Remote Code Execution

[webapps] Cockpit CMS 0.6.1 – Remote Code Execution

[webapps] Curfew e-Pass Management System 1.0 – Stored XSS

[webapps] iBall-Baton WRA150N Rom-0 Backup – File Disclosure (Sensitive Information)