OpenAsset Digital Asset Management Cross Site Scripting
Authored by Jack Misiura
The OpenAsset Digital Asset Management web application suffers from multiple reflected and persistent cross site scripting vulnerabilities. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).
advisories |...
Archon CMS 3.14 Cross Site Scripting
Authored by indoushka
Archon CMS version 3.14 suffers from a cross site scripting vulnerability.
Change Mirror Download
====================================================================================================================================| # Title : Archon CMS V3.14 XSS Vulnerability ...
FreeSWITCH 1.10.6 Missing SIP MESSAGE Authentication
Authored by Sandro Gauci | Site enablesecurity.com
FreeSWITCH versions 1.10.6 and below fails to authenticate SIP MESSAGE requests, leading to spam and message spoofing vulnerabilities.
advisories | CVE-2021-37624
Change Mirror Download
# FreeSWITCH...
EgavilanMedia PHPCRUD 1.0 Cross Site Scripting
Authored by Mahendra Purbia
EgavilanMedia PHPCRUD version 1.0 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting#...
Seagate Central Storage 2015.0916 User Creation / Command Execution
Authored by Ege Balci | Site metasploit.com
This Metasploit module exploits the broken access control vulnerability in Seagate Central External NAS Storage device. Subject product suffers several critical vulnerabilities such...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution
Authored by Charles FOL, Dylan Pindur, h00die-gr3y, Misterxid | Site metasploit.com
This Metasploit module exploits a buffer overflow at the administration interface (8080 or 4117) of WatchGuard Firebox and XTM...
CollectorStealerBuilder Panel 2.0.0 Man-In-The-Middle
Authored by malvuln | Site malvuln.com
The panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability.
Change Mirror Download
Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/54530f88c8e4f4371c9418f00c256b1d_B.txtContact:...
College Website Management System 1.0 SQL Injection
Authored by Mr Empy
College Website Management System version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
# Exploit Title: College Website Management System 1.0 - SQL Injection# Date:...
FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication
Authored by Sandro Gauci | Site enablesecurity.com
FreeSWITCH versions 1.10.5 and below fail to authenticate SIP SUBSCRIBE requests by default.
advisories | CVE-2021-41157
Change Mirror Download
# FreeSWITCH does not authenticate SIP SUBSCRIBE...
JBOSS EAP/AS 6.x Remote Code Execution
Authored by Heyder Andrade, Marcio Almeida, Joao Matos | Site metasploit.com
An unauthenticated attacker with network access to the JBOSS EAP/AS versions 6.x and below Remoting Unified Invoker interface can...





