Event Management version 1.0 suffers from a remote SQL injection vulnerability.
5135d01cd318616d2a8b1711363d2378d7b2686ffcd1083f2936d0248e4164fd
The util-linux wall command does not filter escape sequences from command line arguments. The vulnerable code was introduced in commit cdd3cc7fa4 (2013). Every version since has been vulnerable. This allows unprivileged users to put arbitrary text on other users' terminals, if mesg is set to y and wall is setgid. CentOS is not vulnerable since wall is not setgid. On Ubuntu 22.04 and Debian Bookworm, wall is setgid and mesg is set to y by default.
c3644f61b4f68f9fafd4782ffb69bd4b73d2b6ff8ac981711c3329c0a8408077
The server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection.
2a13323836730c890a63f333a24fcfb62637513c16193386327b7be986133bb0
FusionPBX suffers from a session fixation vulnerability.
80babf076c9e7398fb72180f2da01bce706e004dd86503ce23c6645034cb5d21
Dell Security Management Server versions prior to 11.9.0 suffer from a local privilege escalation vulnerability.
265530e02c210729e3640de0f5f23192ea5b21cae936f5ed87be61a93898f695
Purei CMS version 1.0 suffers from a remote SQL injection vulnerability.
49145a8ded157d117fc08cb54211098512a41f3d792bba94457249d4e633af9c
Workout Journal App version 1.0 suffers from a persistent cross site scripting vulnerability.
4b4377b2f91858e8fe3f26542f71de50ed7f461bf1202b6e0d6ab51cb382144f
LMS PHP version 1.0 suffers from a remote SQL injection vulnerability.
049c8de17cf497bf303930585481eadeb964f519906d25f2f09f96d1d4f41c47
Asterisk AMI version 18.20.0 suffers from authenticated partial file content and path disclosure vulnerabilities.
616b45986a6e97b2ba327758ffa9a1c224a4e92e3b4968de364f6df455139bbc
Siklu MultiHaul TG Series versions prior to 2.0.0 suffer from an unauthenticated credential disclosure vulnerability.
4bcbd835a57c3cca5d5e02db8c60bf815e9261ff51ef70b5f88a98847262fb47
RouterOS versions 6.40.5 through 6.44 and 6.48.1 through 6.49.10 suffer from a denial of service vulnerability.
9b7bae3bbe0ac19177c74574f4b0842856727f5af1b375f506fcf40ac529539d
NodeBB version 3.6.7 suffers from a broken access control vulnerability that lets attackers view data meant only for an administrator.
041c25c9e6a6f39edbd0310972213b33068fbb7cec138cd4aa848275f0af4d90
WinRAR version 6.22 suffers from a remote code execution vulnerability via a malicious zip archive.
c9b468baa4eac879ce098155bfc3889b87ef0d5373ba5a2b473d75bc3f0cb552
This Metasploit module exploits two vulnerabilities in SharePoint 2019: CVE-2023-29357, an authentication bypass patched in June of 2023, and CVE-2023-24955, a remote command execution vulnerability patched in May of 2023. The authentication bypass allows attackers to impersonate the SharePoint Admin user. It stems from the signature validation check used to verify JSON Web Tokens (JWTs) used for OAuth authentication. If the signing algorithm of the user-provided JWT is set to none, SharePoint skips the signature validation step due to a logic flaw in the ReadTokenCore() method. After impersonating the administrator user, the attacker has access to the SharePoint API and is able to exploit CVE-2023-24955. This authenticated remote command execution vulnerability leverages the impersonated privileged account to replace the /BusinessDataMetadataCatalog/BDCMetadata.bdcm file in the webroot directory with a payload. The payload is then compiled and executed by SharePoint, allowing attackers to remotely execute commands via the API.
3b1724367c87a328eb0a2106c305037f2a413ec6310fe39613f91e443e4e1a9c
This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Bricks Builder Theme versions 1.9.6 and below for WordPress. The vulnerability allows attackers to execute arbitrary PHP code by leveraging a nonce leakage to bypass authentication and exploit the eval() function usage within the theme. Successful exploitation allows for full control of the affected WordPress site. It is recommended to upgrade to version 1.9.6.1 or higher.
5a32fb78bdb52593a7f339d7321ec50570d8dc8998da3f4da0c0eaf663f73ac5
A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user.
769d2d7e8f18e8bd0ce142472f159825e87239bfc4426229f241a00de99425a0
Bludit version 3.13.0 suffers from a cross site scripting vulnerability.
e30c7734bfb11521c11bd57e218e971d8a00d093a2268443b78f2c2f295a3316
Insurance Management System PHP and MySQL version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
57a616cd0cf4b87402d807007a9cc4baf3849c77c283470d324acd935adbc001
Craft CMS version 4.4.14 suffers from an unauthenticated remote code execution vulnerability.
6dada91b5125e5cbc3f8d9cb9d59a5f937052241fe1e5481dab19199fced220c
LimeSurvey Community version 5.3.32 suffers from a persistent cross site scripting vulnerability.
a0fc1c6d55d96c794b571df26d967b5cf55a3845f9c967220231741cb99ae87c
Orange Station version 1.0 suffers from a remote shell upload vulnerability.
5a9f8a0ab40cab9d931909357ed512b4a4e0910b05218556dc4ed1977fa5b4d8
Nagios XI version 2024R1.01 suffers from a remote SQL injection vulnerability.
68cad0f6ebae36d741e3c09fbbc2013acb66e4c861404dd3fb579aa2eaef4245
MobileShop Master version 1.0 suffers from a remote SQL injection vulnerability.
5382f069d5f87ca82e7aaa55d06e27880b17bfe303bf5c846c032003643ba5ec
LBT-T300-mini1 suffers from a remote buffer overflow vulnerability.
0d5605d4bf931abe29807024d5f54120a110b26a29b7d0372e0c12e6e2b5b118
Win32.STOP.Ransomware (smokeloader) malware suffers from both local and remote code execution vulnerabilities. The remote code execution can be achieved by leveraging a man-in-the-middle attack.
9740a4e0b25da98023aa4b00d3dc186e1ae19f18ff322ffbd1efa8acd634f49a