Webmin 1.996 Remote Code Execution
Authored by Emir Polat
Webmin version 1.996 suffers from an authenticated remote code execution vulnerability.
advisories | CVE-2022-36446
Change Mirror Download
# Exploit Title: Webmin 1.996 - Remote Code Execution (RCE) (Authenticated)# Date:...
Dingtian-DT-R002 3.1.276A Authentication Bypass
Authored by Victor Hanna
Dingtian-DT-R002 version 3.1.276A suffers from an authentication bypass vulnerability.
advisories | CVE-2022-29593
Change Mirror Download
# Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass# Google Dork: NA# Date: 13th July...
Transposh WordPress Translation 1.0.7 Incorrect Authorization
Authored by Julien Ahrens | Site rcesecurity.com
Transposh WordPress Translation versions 1.0.7 and below suffer from an incorrect authorization vulnerability. When installed, Transposh comes with a set of pre-configured options,...
rpc.py 0.6.0 Remote Code Execution
Authored by Elias Hohl
rpc.py version 0.6.0 suffers from a remote code execution vulnerability.
advisories | CVE-2022-35411
Change Mirror Download
# Exploit Title: rpc.py 0.6.0 - Remote Code Execution (RCE)# Google Dork: N/A#...
Transposh WordPress Translation 1.0.8.1 Cross Site Request Forgery
Authored by Julien Ahrens | Site rcesecurity.com
Transposh WordPress Translation versions 1.0.8.1 and below suffer from cross site request forgery vulnerabilities.
advisories | CVE-2021-24912
Change Mirror Download
RCE Security Advisoryhttps://www.rcesecurity.com1. ADVISORY INFORMATION=======================Product: ...
Crime Reporting System 1.0 Cross Site Scripting
Authored by Eslam Reda
Crime Reporting System version 1.0 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: Crime reporting system - Stored cross-site scripting (XSS)# Date:...
Transposh WordPress Translation 1.0.8.1 Information Disclosure
Authored by Julien Ahrens | Site rcesecurity.com
Transposh WordPress Translation versions 1.0.8.1 and below have an ajax action called "tp_history" which is intended to return data about who has translated...
Geonetwork 4.2.0 XML Injection
Authored by Amel Bouziane-Leblond
Geonetwork versions 3.1.x through 4.2.0 suffer from an XML external entity injection vulnerability.
Change Mirror Download
# Exploit Title: Geonetwork 4.2.0 - XML External Entity (XXE)# Date: 2022-July-11#...
Transposh WordPress Translation 1.0.8.1 Improper Authorization
Authored by Julien Ahrens | Site rcesecurity.com
Transposh WordPress Translation versions 1.0.8.1 and below do not properly enforce authorization on functionalities available on the plugin's "Utilities" page leading to unauthorized...
Transposh WordPress Translation 1.0.8.1 SQL Injection
Authored by Julien Ahrens | Site rcesecurity.com
Transposh WordPress Translation versions 1.0.8.1 and below have a "tp_editor" page at "/wp-admin/admin.php?page=tp_editor" that is vulnerable to two authenticated, blind SQL injections when...





