CVE-2010-20059 FreeNAS < 0.7.2 rev 5543 exec_raw.php Arbitrary Command Execution

FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The execraw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation...

Invision Power Services, Inc.: XSS with Visual Language Editor tags

A security vulnerability allowed an attacker to execute arbitrary code on a website by exploiting the Visual Language Editor tags. By injecting malicious code into a post or comment, the attacker could gain full control of the website and its data. The vulnerability has been patched...

elearning-script 1.0 - Authentication Bypass

elearning-script 1.0 - Authentication Bypass Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version:...

elearning-script 1.0 - Authentication Bypass Vulnerability

Exploit for windows platform in category web applications Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1...

elearning-script 1.0 SQL Injection

Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...