>> TAG: #remote exploit

PHP-Fusion 9.03.00 – ‘Edit Profile’ Remote Code Execution (Metasploit)

PasteShr 1.6 – Multiple SQL Injection

Schneider Electric U.Motion Builder 1.3.4 – ‘track_import_export.php object_id’ Unauthenticated Command Injection

SpotMSN 2.4.6 – Denial of Service (PoC)

DNSS 2.1.8 – Denial of Service (PoC)

SOCA Access Control System 180612 – Information Disclosure

SOCA Access Control System 180612 – Cross-Site Request Forgery (Add Admin)

XOOPS 2.5.9 – SQL Injection

Google Chrome V8 – Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write

OpenProject 5.0.0 – 8.3.1 – SQL Injection