This Metasploit module exploits an unauthenticated remote command execution vulnerability that affects Chamilo versions 1.11.18 and below. Due to a functionality called Chamilo Rapid to easily convert PowerPoint slides to courses on Chamilo, it is possible for an unauthenticated remote attacker to execute arbitrary commands at the OS level using a malicious SOAP request at the vulnerable endpoint /main/webservices/additional_webservices.php.
9eddd6c9a39fb97ca77aeebd1ec713969953ce2f89e609c528b4a46ca5ec152d
Moxa EDR-810 suffers from command injection and information disclosure vulnerabilities.
93e38fc3569bee3955b056de09b84048ae4fb87e813b1c03a73b32bcd0449b36
Bull / IBM AIX Clusterwatch / Watchware suffers from having trivial admin credentials, system file writes, and OS command injection vulnerabilities.
d5ea9a2e2afcd82dffc078e52492c712606d34f2aea367c7be11a1e1d36a6f0f