CVE-2020-25483

An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...

U.S. Dept Of Defense: [███] SQL injection & Reflected XSS

SQL injection test 1. Go to site ███████ 2. Intercept this request POST /viewem6.php HTTP/1.1 Host: ████ User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:60.0 Gecko/20100101 Firefox/60.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language:...