IWEBSOUL CMS version 1.0 suffers from multiple cross site scripting vulnerabilities.
Source: IWEBSOUL CMS 1.0 Cross Site Scripting
The post IWEBSOUL CMS 1.0 Cross Site Scripting appeared first on MondoUnix.
WordPress Gym Management System versions 07-05-2017 and below suffer from code execution and cross site scripting vulnerabilities.
Source: WordPress Gym Management System 07-05-2017 Code Execution / Cross Site Scripting
The post WordPress Gym Managemen…
NEC EXPRESS CLUSTER comes with Cluster Manager, a Java applet for cluster configuration and management. The underlying webserver ‘clpwebmc’ runs as root and accepts connections on TCP port 29003 which can be initiated without authentication in the default installation. Source: NEC EXPRESS CLUSTER clpwebmc Remote Root
The post NEC EXPRESS CLUSTER clpwebmc Remote Root appeared first on MondoUnix.
Mongoose Web Server version 6.5 suffers from cross site request forgery and remote command execution vulnerabilities.
Source: Mongoose Web Server 6.5 CSRF / Command Execution
The post Mongoose Web Server 6.5 CSRF / Command Execution appeared first on M…
Wibu Systems AG CodeMeter version 6.5.0 suffers from a persistent cross site scripting vulnerability.
Source: Wibu Systems AG CodeMeter 6.50 Cross Site Scripting
The post Wibu Systems AG CodeMeter 6.50 Cross Site Scripting appeared first on MondoUnix.
WordPress WpJobBoard plugin version 4.5.1 suffers from multiple cross site scripting vulnerabilities.
Source: WordPress WpJobBoard 4.5.1 Cross Site Scripting
The post WordPress WpJobBoard 4.5.1 Cross Site Scripting appeared first on MondoUnix.
Wireless Repeater BE126 suffers from a remote code execution vulnerability.
Source: Wireless Repeater BE126 Remote Code Execution
The post Wireless Repeater BE126 Remote Code Execution appeared first on MondoUnix.
This archive contains all of the 171 exploits added to Packet Storm in August, 2017.
Source: Packet Storm New Exploits For August, 2017
The post Packet Storm New Exploits For August, 2017 appeared first on MondoUnix.
This Metasploit module exploits CVE-2017-1000117, which affects Git versions 2.7.5 and lower. A submodule of the form ‘ssh://’ can be passed parameters from the username incorrectly. This can be used to inject commands to the operating system when the submodule is cloned. This Metasploit module creates a fake git repository which contains a submodule containing […]
The post Malicious GIT HTTP Server appeared first on MondoUnix.
The Next Generation of Genealogy Sitebuilding versions prior to 11.1.1 suffer from a remote SQL injection vulnerability.
Source: The Next Generation Of Genealogy Sitebuilding SQL Injection
The post The Next Generation Of Genealogy Sitebuilding SQL Inje…
