Source
Packet Storm
HughesNet HT2000W Satellite Modem remote password reset exploit that leverages a path traversal vulnerability.
Human Resource Management System version 2024 version 1.0 suffers from a cross site scripting vulnerability.
Employee Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
DETS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Aruba 501 version CN12G5W0XX suffers from a remote command execution vulnerability.
Bang Resto version 1.0 suffers from an information disclosure vulnerability.
School Log Management System version 1.0 appears to suffers from a remote SQL injection vulnerability that allows an attacker to achieve code execution.
Simple College Website version 1.0 appears to suffers from a remote SQL injection vulnerability that allows an attacker to achieve code execution.
This Metasploit module demonstrates a command injection vulnerability in Ray via cpu_profile.
This Metasploit modules demonstrates remote code execution in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication.