📄 Eramba GRC 3.19.1 Command Injection

Eramba GRC platform version 3.19.1 proof of concept command injection exploit. ============================================================================================================================================= | Title : Eramba GRC platform 3.19.1 Command injection in download-test-pdf...

CVE-2020-36884

BrightSign Digital Signage Diagnostic Web Server ≤ 8.2.26 is affected by an unauthenticated SSRF in the Download Speed Test service via the url parameter. The vulnerability allows an attacker to force the application to perform arbitrary HTTP requests to internal network hosts, potentially bypass...