MINI-3QJP-8H8Q-4G7M

Bulletin has no description...

MINI-R3JG-MMPM-XPWV

Bulletin has no description...

MINI-PJ8H-3G8V-6WV2

Bulletin has no description...

MINI-9X27-P9M6-28XP

Bulletin has no description...

MINI-W5HX-CP53-3WH5

Bulletin has no description...

MINI-P9G8-P6XM-9HPQ

Bulletin has no description...

MINI-WFP5-9W4X-7RX9

Bulletin has no description...

MINI-6MQM-GFVQ-R3PP

Bulletin has no description...

MINI-MHQR-5227-M39M

Bulletin has no description...

MINI-8XJM-4RVX-MQC5

Bulletin has no description...

MINI-4RHM-W3JR-FRV8

Bulletin has no description...

MINI-WHC4-84JQ-6QFX

Bulletin has no description...

MINI-5QGC-FWW7-XQJ5

Bulletin has no description...

VulnLinux-Exploitation

Lab 01: Vulnerable Linux Reconnaissance + Enumeration + Remote...

WordPress File Manager Plugin - Remote Code Execution

The WordPress File Manager plugin prior to version 6.9 is susceptible to remote code execution. The vulnerability allows unauthenticated remote attackers to upload .php files. id: CVE-2020-25213 Uploaded file will be accessible at:-...

Apache Airflow - Unauthenticated Variable Import

Apache Airflow Airflow =2.0.0 and =2.0.0 and 2.1.3 does not protect the variable import endpoint which allows unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution...

Sitecore Experience Platform Pre-Auth RCE

Sitecore XP 7.5 to Sitecore XP 8.2 Update 7 is vulnerable to an insecure deserialization attack where remote commands can be executed by an attacker with no authentication or special configuration required. id: CVE-2021-42237 info: name: Sitecore Experience Platform Pre-Auth RCE author: pdteam...

Mida eFramework <=2.9.0 - Remote Command Execution

Mida eFramework through 2.9.0 allows an attacker to achieve remote code execution with administrative root privileges. No authentication is required. id: CVE-2020-15920 info: name: Mida eFramework =2.9.0 - Remote Command Execution author: dwisiswant0 severity: critical description: Mida eFramewor...

ZeroShell <= 1.0beta11 Remote Code Execution

ZeroShell 1.0beta11 and earlier via cgi-bin/kerbynet allows remote attackers to execute arbitrary commands through shell metacharacters in the type parameter in a NoAuthREQ x509List action. id: CVE-2009-0545 info: name: ZeroShell = 1.0beta11 Remote Code Execution author: geeknik severity: critica...

RWS WorldServer - Authentication Bypass

An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint. id: CVE-2022-34267 info: name: RWS...