This Metasploit module exploits a PHP object injection vulnerability in Magento 2.0.6 or prior.
0f4a54fd7327964f36b2aa61027c88bb06c66470231cb05fee46900549f0def5
This Metasploit module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9
3d697e9884f896d99ec27c73b56469d04ac0450703c51290468ce41cd7c38ae0
Bugzilla versions 2.0 to 4.2.14, 4.3.1 to 4.4.9, and 4.5.1 to 5.0 suffer from an unauthorized account creation vulnerability.
9b1272725e4045835294ef9f644a6664c5657f9a14374d95b6685f5bdc61cc69
TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution.
850efe714be5e6548a264c1cce672a60aa1ae5a53559548aa9e9d66cf64f53b5
Bugzilla Security Advisory - Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.
0d0e7c27532f6562403faf6ddb1249c6fce16ba6525feadfe7c92217191a6748
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote unauthenticated users to execute arbitrary commands via shell metacharacters. If no target file is specified this module will attempt to log in with the provided credentials to upload a file (.DjVu) to use for exploitation.
853d2b2d7b1ab2575d40f73544cf31c3010f47bbfc35b70e1a2faa0dfdf9204d