EdgeCore ES3526XA Manager suffers from weak credential, access bypass, and cross site request forgery vulnerabilities.
4c554624c94b5f4cf21ee4495b9c4e0f66a5180eb79df24623c95cf9103237bcWordPress Ultimate Product Catalog plugin version 3.8.6 suffers from a remote shell upload vulnerability.
d5d2b6345ca7d0fde8061b241864354a010b8de0d20146ab1dc71c6e78336944vPet Engine version 2.1 suffers from remote SQL injection and default backdoor admin account vulnerabilities.
08d39470cbc25319403472e611c9ec681e4e89fbc69cceceafd8d9dd7b97dbc9Sierra Wireless AirLink Raven XE Industrial 3G Gateway suffers from cross site request forgery, information disclosure, and remote file upload vulnerabilities.
cf133ee4a7539de41de8f9b10bd820c5bdadc47e30cbefba82a1519fcb4b5918A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system.
38a08b6ee37889a0cd9d35ed8ee32279823b97688768df81253865add1d05bf8FinderView suffers from path traversal and cross site scripting vulnerabilities.
6f0343e72d022fbf8ca84c53fac312b430c2903c7ac17c64256d39c5523fe9abXuezhuLi FileSharing suffers from a cross site request forgery vulnerability.
f60fc03551aa9903def6dd34f7141d7b2309b7088993125112f90e91777bb33fXuezhuLi FileSharing suffers from a path traversal vulnerability.
a4e2043fbe4468389cbc326931a2c4f78de8ef1102c6a13daece3a4b7aa8b215Getsimple CMS versions 3.3.10 and below suffer from a remote shell upload vulnerability.
e533c4e4ee4a7310978c28f7f540538a929f153e141561dd80c4d128d1c5fa32Dolibarr CRM versions prior to 3.9.1 suffer from a command injection vulnerability.
72598740c36ce33bbbb05e4e0c1eab2ccda56772b3cadd684a9b6e1a93d60723Quick.Cart.Ext versions 6.7 and below remote admin add cross site request forgery exploit.
cdc2fb719137f7fda0879b5a08fdda22d982ee74b7962be63484b876663356d3Tiki-Wiki CMS's calendar module contains a remote code execution vulnerability within the viewmode GET parameter. The calendar module is NOT enabled by default. If enabled, the default permissions are set to NOT allow anonymous users to access.
9131c295c6f0a87ffeed5ec24203a47294ef439eb9e76d9c596efa1d5fafc764Open-Xchange App Suite versions 7.8.1 and below suffer from an information disclosure vulnerability.
27b0e6e0ca5abeb66f30b28d40b4ac9eb51c5bb7ed4b48985aba9a1fe1586857WordPress Contus Video Comments plugin version 1.0 suffers from a remote file upload vulnerability.
4f6ec1ff49f824524c93da0857f1b6f61521cb94809158b755faa6e7a4516efaThis Metasploit module exploits a buffer overflow vulnerability found in the ls command of the PCMAN FTP version 2.0.7 Server.
c7b50b153ec04efb07018decce1a122711b94da1e8f8210a118da4147778adcfThis Metasploit module exploits a file upload vulnerability in Wolf CMS version 0.8.2. This application has an upload feature that allows an authenticated user with administrator roles to upload arbitrary files to the '/public' directory.
bb14eded63b20bf9f13fdec65b93642599468f8b8d60278a25b93898e6f4fc4bThis Metasploit module exploits an arbitrary file download vulnerability in the DarkComet C&C server versions 3.2 and up. The exploit does not need to know the password chosen for the bot/server communication.
526875de4b2f6bc5ec72d1ffc0e835dfcf46ebb40dc25640bde82c28768474fdSSHC version 5.0 is susceptible to an encrypted database content theft vulnerability.
b65f0bcd7a1b909d9cb74e42f7e28b4350fbff790f58e10c2ce3ecbc6b8ec091YetiForce CRM versions prior to 3.1 suffer from a persistent cross site scripting vulnerability.
88f77d119109097e0ff59b4bccf90941faf7911f4ad4ee8ca7d4130767c35bd8Radiant CMS version 1.1.3 suffers from multiple persistent cross site scripting vulnerabilities.
632cfe489664d2879a2526e59d8fd6d08acf732b32e77e62489c5b96fc4c47eaYona CMS version 1.3.x suffers from a cross site request forgery vulnerability.
92dec5774d0ae52f5f489ce2f3acbdb2637cdc8adacd50647918faeca2f19ad6Joomla Publisher component version 3.0.11 suffers from a remote SQL injection vulnerability.
e207bc23de7b81fa6d7bba62a85fb3af31af242aff646877284899d4eda58b47Ionize CMS versions 1.0.8 and below suffer from a cross site request forgery vulnerability.
04a53f78bc0110447c0d663c58372767475534ed26cdb901e7124c35bc4516c4SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.
3227c8ee7e5ffae4107c3102e05d6c483cc347aa6c21ed54de26dc0f839fee13SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer form an information disclosure vulnerability in WD_CHAT.
c86a0c971a9ddf7d0a42320c53175f15d4860f92751a45e80a3910f467711ef4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed