Home | Latest News | Popular News | Our Network | About | Contact
Latest Exploits | www.SecurityPhresh.com
Latest Exploits
Showing 'Latest Exploits' from 51 to 60
Joomla JS Support Ticket 1.1.6 SQL Injection
12th Aug 2019 [12 days ago] from PacketStormSecurity
Joomla JS Support Ticket component version 1.1.6 suffers from a remote SQL injection vulnerability in ticketreply.php.
BSI Advance Hotel Booking System 2.0 Cross Site Scripting
12th Aug 2019 [12 days ago] from PacketStormSecurity
BSI Advance Hotel Booking System version 2.0 suffers from a persistent cross site scripting vulnerability in booking_details.php.
ManageEngine OpManager 12.4x Privilege Escalation / Remote Command Execution
12th Aug 2019 [12 days ago] from PacketStormSecurity
This Metasploit module exploits SQL injection and command injection vulnerability in the OpManager versions 12.4.034 and below.
VxWorks 6.8 Integer Underflow
12th Aug 2019 [12 days ago] from PacketStormSecurity
VxWorks version 6.8 suffers from an integer underflow vulnerability.
ManageEngine OpManager 12.4x Remote Command Execution
12th Aug 2019 [12 days ago] from PacketStormSecurity
This Metasploit module bypasses the user password requirement in the OpManager versions 12.4.034 and below. It performs authentication bypass and executes commands on the server.
Webmin 1.920 Remote Code Execution
12th Aug 2019 [12 days ago] from PacketStormSecurity
This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.920 and below. If the password change module is turned on, the unauthenticated user can execute arbitrary commands with root privileges.
Joomla JS Support Ticket 1.1.6 Arbitrary File Deletion
12th Aug 2019 [12 days ago] from PacketStormSecurity
Joomla JS Support Ticket component version 1.1.6 suffers from an arbitrary file deletion vulnerability in ticket.php.
UNA 10.0.0 RC1 Cross Site Scripting
12th Aug 2019 [12 days ago] from PacketStormSecurity
UNA version 10.0.0 RC1 suffers from a persistent cross site scripting vulnerability in polyglot.php.
OsTicket 1.12 Cross Site Scripting
11th Aug 2019 [13 days ago] from PacketStormSecurity
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application....
OsTicket 1.12 Formula Injection
11th Aug 2019 [13 days ago] from PacketStormSecurity
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered...
« Newer 1 2 3 4 5 6 7 8 9 10 Older »