GLPI GZIP(Py3) 9.4.5 Remote Code Execution

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

Oracle FCDB <= 10.5 Cross Site Scripting Vulnerability

Exploit for multiple platform in category remote exploits Title: Cross Site Scripting - Oracle Flex cube Direct Banking Application 10.5 Application: Oracle FCDB Versions Affected: Oracle Flex cube Direct Banking Software 10.5 Note: The payload will bypass the most of the WAFs running behind the...

Moodle CMS 3.1.2 Cross Site Scripting / File Upload

Title: Multiple Vulnerabilities - Moodle CMS -3.1.2 Application: Moodle CMS Versions Affected: = 3.1.2 Vendor URL: https://moodle.org/ Software URL: https://download.moodle.org/ Discovered by: Joel Vadodil Varghese Tested on: Windows 10 Pro Bugs: Persistent Cross Site Scripting, Non-Persistent...

Pacific Software URL Live! 1.0 - Directory Traversal

source: https://www.securityfocus.com/bid/746/info The URL Live! free webserver from Pacific software is susceptible to the "../" directory traversal vulnerability. By using the '../' string in a URL, an attacker can gain read access to files outside the intended web file structure. Example: http...