WordPress Photo Album plugin versions 5.4.3 through 5.4.4 suffer from multiple cross site scripting vulnerabilities.
c38d7002e32eb064b1714abb53b8e2a9009080e41e1a14a2eb784e026081cc25
Travel Portal II version 6.0 suffers from a cross site request forgery vulnerability.
62a86dc8112532213efcb4069d4e0905784a3f5239b1a32bb2fa868ea3dd6b04
HttpFileServer version 2.3.x suffers from a remote command execution vulnerability due to a poorly formed regex.
b3271bba3fc147d5debc54d8dbb9d30c83064441e55e54ba453b1f75c0faa5bc
This Metasploit module exploits a remote file include vulnerability in Railo, tested against version 4.2.1. First, a call using a vulnerable cffile line in thumbnail.cfm allows an attacker to download an arbitrary PNG file. By appending a .cfm, and taking advantage of a directory traversal, an attacker can append cold fusion markup to the PNG file, and have it interpreted by the server. This is used to stage and execute a fully-fledged payload.
0bbe174102c9e26fadfffb5af3c7e341a378b56297c9ad11a3b67c73f86ebcd0
This Metasploit module exploits a file upload vulnerability in ManageEngine Eventlog Analyzer. The vulnerability exists in the agentUpload servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. By combining both weaknesses a remote attacker can achieve remote code execution. This Metasploit module has been tested successfully on versions v7.0 - v9.9 b9002 in Windows and Linux. Versions between 7.0 and < 8.1 are only exploitable via EAR deployment in the JBoss server, while versions 8.1+ are only exploitable via a JSP upload.
7a0773137d222dd2f47bbc5c83d57f0b5cff637f5610d1a372378c64bc78f404
This Metasploit module exploits an authentication bypass vulnerability in Solarwinds Storage Manager. The vulnerability exists in the AuthenticationFilter, which allows to bypass authentication with specially crafted URLs. After bypassing authentication, is possible to use a file upload function to achieve remote code execution. This Metasploit module has been tested successfully in Solarwinds Store Manager Server 5.1.0 and 5.7.1 on Windows 32 bits, Windows 64 bits and Linux 64 bits operating systems.
8e0158bd6ed6894515f4b2ee12c6dea89374d232c9a98949f115bcf2c61c7927
ChatSecure IM version 2.2.4 suffers from a script insertion vulnerability.
a1d63992776f6b160baadca0cf9825cb09885083022c371a9e0bcecbe4a38c27
Photorange version 1.0 suffers from a local file inclusion vulnerability.
75bef9925a77ffb1dc427868354508f7fe746ca675fc20a44c20d9fc5c720bf1
OroCRM suffers from a persistent cross site scripting vulnerability.
84996ee9bc53114b04b4bfff8064bb94359d641af5420bd761a209d98f948364
Joomla Spider Contacts component versions 1.3.6 and below suffer from a remote SQL injection vulnerability.
6f2b86284ad1bc99c5954d40a1047c2cb0cd6f5aac20f3b8cf5d551b4f32d770
CacheGuard-OS version 5.7.7 suffers from multiple cross site request forgery vulnerabilities.
459f37638c449ea360876b291a388b718f1d4252975336fd9366554089060d02
WordPress Rich Counter plugin version 1.1.5 suffers from a cross site scripting vulnerability.
006080048611c01cb0a9e987ef452fec1eeee62b4f9ad4df9861ce4edcb36a52
Onlineon E-Ticaret suffers from a database disclosure vulnerability.
cfa73c040d0c831090d58647a0ba836c68cf4b2b36a576978373e171edbb5ab9
WordPress Trinity theme suffers from an arbitrary file download vulnerability.
2898b961fbfdbf532d108cdb1195b27dc02b27340397a68d194636f607f4125b
Airties Air6372SO modem web interface suffers from a cross site scripting vulnerability.
357e487a72b1b83c1f56a9ebab4312db1bee5c4bc581cc35b93289e73b431a01
This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine DesktopCentral v7 to v9 build 90054 (including the MSP versions). A malicious user can upload a JSP file into the web root without authentication, leading to arbitrary code execution as SYSTEM. Some early builds of version 7 are not exploitable as they do not ship with a bundled Java compiler.
3f00913148c06a584d92ce2a97c94e9b52e8665ae0cc5ea1934eb1b11d43053a
This Metasploit module attempts to execute an arbitrary payload on a loose gdbserver service.
22f9dfcd1753eef9d08e04be2668d3d18e028c7c2608acca1cfc555f0e9e7004
Alcasar versions 2.8 and below remote root command execution exploit.
d1c8179bd9e01b76a237b47bd35f1178f37edcdb81f143fa85e1be5913be2872
Joomla Spider Calendar component versions 3.2.6 and below suffer from a remote authenticated SQL injection vulnerability.
b2f23c07b9823a2b8e3c2c8f67c97ec1a0c328ca5c972a2d9a04edf32244055c
Loaded Commerce 7 shopping cart/online store suffers from a systemic vulnerability in its query factory, allowing attackers to circumvent user input sanitizing to perform remote SQL injection.
bc6c0793f0b1ad0e2f4281bcd1c2cc29d75921c3c2de9a5a7d02ed243ff40765
WordPress Antioch theme suffers from an arbitrary file download vulnerability. Note that this finding houses site-specific data.
2b12727a6b9750cf997f7294938d75876289238f5c437e1c5bbe279593a9373e
WordPress Authentic theme suffers from an arbitrary file download vulnerability. Note that this finding houses site-specific data.
3fb05a1ff5059197a68b63f8a42972fadb202c1f37a2eb251656ffd7ab5ba15f
WordPress Epic theme suffers from an arbitrary file download vulnerability. Note that this finding houses site-specific data.
872ea7f538647ff21665de1428558d1475096061e8f26fe1188f7371aea4bd8c
WordPress Urban City theme suffers from an arbitrary file download vulnerability. Note that this finding houses site-specific data.
c428200eaeadf73d90d6a9c19f0a9f6bbea9fdbc425190ad9733733f38c59da2
WordPress Spider Facebook plugin version 1.0.8 suffers from a remote authenticated SQL injection vulnerability.
6b3381dcc55b2273beff5e079cefcf1f80c1edc3c067ef48167f2486c82ea018