5327 matches found

Packet Storm
added 2021/05/04 12:0 a.m., 115 views

Internship Portal Management System 1.0 Shell Upload

Exploit Title: Internship Portal Management System 1.0 - Remote Code Execution Via File Upload Unauthenticated
Date: 2021-05-04
Exploit Author: argenestel
Vendor Homepage: https://www.sourcecodester.com/php/11712/internship-portal-management-system.html
Software Link:...

7.4 AI score
Exploits: 0
GithubExploit
added 2021/05/01 2:10 a.m., 173 views

Exploit for Path Traversal in Atlassian Confluence_Server

Confluence unauthorize template injection CVE-2019-3396...

10 CVSS, 10 AI score, 0.94471 EPSS
Exploits: 20
Tenable Nessus
added 2021/04/30 12:0 a.m., 50 views

EulerOS 2.0 SP3 : tomcat (EulerOS-SA-2021-1856)

According to the versions of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107...

7.5 CVSS, 7 AI score, 0.93464 EPSS
Exploits: 15, References: 3
NVD
added 2021/04/29 9:15 p.m., 24 views

CVE-2021-29468

Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on...

8.8 CVSS, 0.00545 EPSS
Exploits: 0, References: 4
IBM Security Bulletins
added 2021/04/28 6:35 p.m., 22 views

Security Bulletin: Vulnerability in Help system affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-0113)

Summary: An undisclosed vulnerability in the help system affects the following IBM Jazz based Applications: Collaborative Lifecycle Management (CLM), Rational Requirements Composer (RRC), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC),...

5 CVSS, 0.00362 EPSS
Exploits: 0, Affected Software: 8
CNVD
added 2021/04/28 12:0 a.m., 2 views

Arbitrary File Download Vulnerability in VUMC Cloud at Shanghai VUMC Software Co.

Ltd. is a foreign trade SaaS service provider, but also a professional foreign trade industry solutions provider. Ltd. VUMA Cloud suffers from an arbitrary file download vulnerability. An attacker can exploit the vulnerability to obtain source code information...

7.3 AI score
Exploits: 0
Hacker One
added 2021/04/27 5:50 a.m., 25 views

MariaDB: Git Config

Hey Team, I am a Security Researcher and I have found that one of your domains is leaking the git file which may lead to source code of git repository exposing can lead to sophisticated attacks so kindly remove it. Vuln URL - http://foundation01.mariadb.org/.git/config BEST, ABHINAV SHARMA -...

0.8 AI score
Exploits: 0
OSV
added 2021/04/23 9:15 p.m., 1 views

CVE-2021-25898

An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server...

7.5 CVSS, 5.8 AI score, 0.00136 EPSS
Exploits: 1, References: 2
Prion
added 2021/04/23 9:15 p.m., 11 views

Code injection

An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server...

5 CVSS, 7.3 AI score, 0.00136 EPSS
Exploits: 1, References: 2, Affected Software: 1
Malwarebytes
added 2021/04/23 2:0 p.m., 85 views

SUPERNOVA malware discovered on SolarWinds Orion server

The Cybersecurity and Infrastructure Security Agency (CISA) has reported finding the SUPERNOVA web shell collecting credentials on a SolarWinds Orion server. These observations were made during an incident response to an Advanced Persistent Threat (APT) actor’s year-long compromise of an enterprise...

7.5 CVSS, 1.4 AI score, 0.94345 EPSS
Exploits: 3
CNNVD
added 2021/04/23 12:0 a.m., 1 views

Void Aural Rec Monitor Trust Management Issue Vulnerability

Void Aural Rec Monitor is an application from the Spanish company Void. Void Aural Rec Monitor in version 9.0.0.1 suffers from an information disclosure vulnerability that originates from the svc-login.php password being stored in an unencrypted source code text file, which can be exploited to ga...

7.5 CVSS, 5.7 AI score, 0.00136 EPSS
Exploits: 1, References: 4
NVD
added 2021/04/22 9:15 p.m., 15 views

CVE-2021-27393

A vulnerability has been identified in Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2013.08, Nucleus Source Code Versions including affected DNS modules. The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS...

5.3 CVSS, 0.00218 EPSS
Exploits: 0, References: 1
OSV
added 2021/04/22 9:15 p.m., 1 views

CVE-2020-27009

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...

8.1 CVSS, 7.3 AI score
Exploits: 0, References: 2
OSV
added 2021/04/22 9:15 p.m., 1 views

CVE-2020-15795

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...

8.1 CVSS, 5.9 AI score
Exploits: 0, References: 2
Cvelist
added 2021/04/22 8:42 p.m., 22 views

CVE-2021-25677

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions = V0.5.0.0 V1.0.0.0, TALON TC Compact BACnet All versions V3.5.5, TALON TC Modular BACnet All versions V3.5.5. The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the D...

5.3 CVSS, 5.5 AI score, 0.00385 EPSS
Exploits: 0, References: 3
CVE
added 2021/04/22 8:42 p.m., 68 views

CVE-2021-25664

The CVE-2021-25664 entry affects Capital Embedded AR Classic 431-422 (all versions), Capital Embedded AR Classic R20-11 (all versions < V2303), Nucleus NET (all versions), Nucleus ReadyStart V3 (< V2017.02.4), V4 (

8.7 CVSS, 7.5 AI score, 0.00709 EPSS
Exploits: 0, References: 3, Affected Software: 5
CVE
added 2021/04/22 8:42 p.m., 93 views

CVE-2021-25663

The CVE-2021-25663 vulnerability affects Siemens Nucleus family: Capital Embedded AR Classic (431-422, all versions; R20-11 < V2303), Nucleus NET, Nucleus ReadyStart V3 (< V2017.02.4), V4 (

8.7 CVSS, 7.4 AI score, 0.00709 EPSS
Exploits: 0, References: 3, Affected Software: 4
Positive Technologies
added 2021/04/22 12:0 a.m., 3 views

PT-2021-16739 · Mentor Graphics · Nucleus Readystart +3

Name of the Vulnerable Software and Affected Versions: Capital Embedded AR Classic 431-422 versions all Capital Embedded AR Classic R20-11 versions prior to V2303 Nucleus NET versions all Nucleus ReadyStart V3 versions prior to V2017.02.4 Nucleus ReadyStart V4 versions prior to V4.1.0 Nucleus...

8.7 CVSS, 7.6 AI score, 0.00709 EPSS
Exploits: 0, References: 4
Positive Technologies
added 2021/04/22 12:0 a.m., 2 views

PT-2021-16738 · Unknown · Capital Embedded Ar Classic +3

Name of the Vulnerable Software and Affected Versions: Capital Embedded AR Classic 431-422 versions all Capital Embedded AR Classic R20-11 versions all through V2303 Nucleus NET versions all Nucleus ReadyStart V3 versions all through V2017.02.4 Nucleus ReadyStart V4 versions all through V4.1.0...

8.7 CVSS, 7.5 AI score, 0.00709 EPSS
Exploits: 0, References: 4
Fedora
added 2021/04/16 2:44 p.m., 71 views

[SECURITY] Fedora 32 Update: kernel-tools-5.11.14-100.fc32

This package contains the tools/ directory from the kernel source and the supporting documentation...

7.8 CVSS, 6.9 AI score, 0.02014 EPSS
Exploits: 3