WebTareas 2.4 - RCE (Authorized)

Exploit Title: WebTareas 2.4 - RCE Authorized Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on: Windows 10...

CVE-2020-9758

An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 Helpdesk. A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level...