EUVD-2021-29072

Malicious code in bioql PyPI...

Zammad 安全漏洞

Zammad is an open source web-based help desk/customer support system. an elevation of privilege vulnerability exists in versions of Zammad prior to 4.1.1. An attacker could exploit this vulnerability by sending a specially crafted request to modify other agent accounts to be able to log in with...

CVE-2021-22505

Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent...

WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software Link:...

Zoner < 4.2 - Persistent XSS & IDOR

----- Persistent XSS: ----- 'Address' input field on the 'Local information' block is vulnerable so you can use your payload to steal admin cookies or do some redirects etc. ----- IDOR: ----- POST request https://zoner.fruitfulcode.com/wp-admin/admin-ajax.php?action=deletepropertyactid=XXX=YYY...

OTRS 5.0.x/6.0.x - Remote Command Execution Vulnerability

Exploit for perl platform in category web applications Exploit Title: OTRS Shell Access Exploit Author: Bæln0rn Vendor Homepage: https://www.otrs.com/ Software Link: http://ftp.otrs.org/pub/otrs/ Version: 4.0.1 - 4.0.26, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Tested on: OTRS 5.0.2/CentOS 7.2.1511 CVE :...