HealthForYou 1.11.1 / HealthCoach 2.9.2 Missing Password Policy
Authored by Nick Decker | Site trovent.io
HealthForYou version 1.11.1 and HealthCoach version 2.9.2 are missing a server-side password policy. When creating an account or changing your password, the mobile...
Pentaho Business Analytics / Pentaho Business Server 9.1 SQL Injection
Authored by Altion Malka, Alberto Favero
Pentaho allows users to create and manage Data Sources. Users can select a Data Source when creating a Dashboard through the Pentaho User Console....
WordPress Pie Register 3.7.1.4 Authentication Bypass / Remote Code Execution
Authored by h00die, Lotfi13-DZ | Site metasploit.com
This Metasploit module uses an authentication bypass vulnerability in WordPress Pie Register plugin versions 3.7.1.4 and below to generate a valid cookie. With...
10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow
Authored by ro0k
10-Strike Network Inventory Explorer Pro version 9.31 suffers from a buffer overflow vulnerability.
# Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH)#...
Employee Record Management System 1.2 SQL Injection
Authored by Anubhav Singh
Employee Record Management System version 1.2 suffers from a remote SQL injection vulnerability.
# Title: Employee Record Management System 1.2 - 'empid' SQL injection (Unauthenticated)#...
Dynojet Power Core 2.3.0 Unquoted Service Path
Authored by Pedro Sousa Rodrigues
Dynojet Power Core version 2.3.0 suffers from an unquoted service path vulnerability.
# Exploit Title: Dynojet Power Core 2.3.0 - Unquoted Service Path# Exploit...
Ericsson Network Location MPS GMPC21 Remote Code Execution
Authored by AkkuS | Site metasploit.com
This Metasploit module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The export feature in various parts of the...
Ericsson Network Location MPS GMPC21 Privilege Escalation
Authored by AkkuS | Site metasploit.com
This Metasploit module exploits a privilege escalation vulnerability in Ericsson Network Location Mobile Positioning Systems.
### This module requires Metasploit: https://metasploit.com/download# Current source:...
i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw
Authored by LiquidWorm | Site zeroscience.mk
i3 International Annexxus Cameras Ax-n version 5.2.0 does not allow creation of more than one administrator account on the system. This also applies for...
Fuel CMS 1.4.1 Remote Code Execution
Authored by Padsala Trushal
Fuel CMS version 1.4.1 remote code execution exploit. Original discovery of remote code execution in this version is attributed to 0xd0ff9 in July of 2019.
advisories |...