Anuko Time Tracker 1.19.23.5311 Missing Rate Limiting
Authored by Mufaddal Masalawala
Anuko Time Tracker version 1.19.23.5311 suffers from an implementation flaw where password reset emails can be continuously triggered against unsuspecting users.
advisories | CVE-2020-27423
ReadyTalk Avian JVM FileOutputStream.write() Integer Overflow
Authored by Pietro Oliva
ReadyTalk Avian JVM versions 1.2.0 before 27th October 2020 suffer from a FileOutputStream.write() integer overflow vulnerability.
HorizontCMS 1.0.0-beta Shell Upload
Authored by Erik Wynter | Site metasploit.com
This Metasploit module exploits an arbitrary file upload vulnerability in HorizontCMS 1.0.0-beta in order to execute arbitrary commands. The module first attempts to...
Citrix ADC NetScaler Local File Inclusion
Authored by Donny Maasland, Ramella Sebastien | Site metasploit.com
This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC NetScaler.
advisories | CVE-2020-8193, CVE-2020-8195, CVE-2020-8196
Bludit Panel Brute Forcer
Authored by Eren Simsek | Site metasploit.com
This Metasploit module performs an authentication brute forcing attack against the panel in Bludit version 3.9.2.
ASUS TM-AC1900 Arbitrary Command Execution
Authored by b1ack0wl | Site metasploit.com
This Metasploit module exploits a code execution vulnerability within the ASUS TM-AC1900 router as an authenticated user. The vulnerability is due to a failure...
Rapid7 Metasploit Framework msfvenom APK Template Command Injection
Authored by Justin Steven | Site metasploit.com
This Metasploit module exploits a command injection vulnerability in Metasploit Framework's msfvenom payload generator when using a crafted APK file as an Android...
Joomla SIGE 3.4.1-FREE / 3.5.3-PRO RFI / Cross Site Scripting
Authored by h4shur
Joomla Simple Image Gallery Extended (SIGE) extension versions 3.4.1-FREE and 3.5.3-PRO suffer from cross site scripting and remote file inclusion vulnerabilities.
Customer Support System 1.0 Cross Site Request Forgery
Authored by Ahmed Abbas
Customer Support System version 1.0 suffers from a cross site request forgery vulnerability.
Customer Support System 1.0 Cross Site Scripting
Authored by Ahmed Abbas
Customer Support System version 1.0 suffers from a persistent cross site scripting vulnerability.