
Tag

#firefox

Roxy WI 6.1.0.0 Remote Command Execution

Roxy WI version 6.1.0.0 remote command execution exploit. This is a variant of the original disclosure of remote command execution in this version by Nuri Cilengir in April of 2023.

Packet Storm
#ubuntu #linux #git #rce #auth #firefox

Smart School 1.0 SQL Injection

Smart School version 1.0 suffers from a remote SQL injection vulnerability.

LeadPro CRM 1.0 SQL Injection

LeadPro CRM version 1.0 suffers from a remote SQL injection vulnerability.

CVE-2023-2494: Go Pricing - WordPress Responsive Pricing Tables

The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_postdata' function in versions up to, and including, 3.3.19. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin to modify access to the plugin when it should only be the administrator's privilege.

CVE-2023-25440: CiviCRM 5.59.alpha1 Cross Site Scripting ≈ Packet Storm

Stored Cross Site Scripting (XSS) vulnerability in the add contact function of CiviCRM 5.59.alpha1 allows attackers to execute arbitrary code in the first/second name field.

CVE-2023-31689: Arbitrary file write vulnerability in /wcms/wex/html.php · Issue #15 · vedees/wcms

In Wcms 0.3.2, an attacker can send a crafted request from a vulnerable web application backend server /wcms/wex/html.php via the finish parameter and the textAreaCode parameter. This makes it possible to write arbitrary strings into custom file names, upload any files, and write malicious code to execute scripts to trigger command execution.

hyiplab 2.1 Default Credentials

hyiplab version 2.1 leaves a default set of administrative credentials in place after installation.

Esg 2.5 SQL Injection

Esg version 2.5 suffers from a remote SQL injection vulnerability.

Code Bakers 1.0 SQL Injection

Code Bakers version 1.0 suffers from a remote SQL injection vulnerability.