VulnCheck KEV: CVE-2012-3347

AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authentication, which allows remote authenticated users to bypass intended access restrictions via the /jmx-console URI, and then upload and execute arbitrary JSP code via a JBoss remote-deployment...

Ganib 2.3 SQL Injection

Exploit title: Ganib 2.x SQLi Date: 02/02/2014 Exploit author: drone @dronesec More information: http://hatriot.github.io/blog/2014/02/24/ganib-project-management-2.3-sqli/ Vendor homepage: http://www.ganib.com/ Software link:...