Simple Payroll System 1.0 SQL Injection
Authored by Yash Mahajan Simple Payroll System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication…
Alchemy CMS 6.0.0 Arbitrary File Upload
Authored by Abdulrahman Alchemy CMS versions 2.x through 6.0.0 suffers from an arbitrary file upload vulnerability. Change Mirror Download #…
Keycloak 12.0.1 Server-Side Request Forgery
Authored by Mayank Deshmukh Keycloak version 12.0.1 suffers from a blind server-side request forgery vulnerability. advisories | CVE-2020-10770 Change Mirror…
Apache HTTP Server 2.4.50 Path Traversal / Code Execution
Authored by Lucas Souza Apache HTTP Server version 2.4.50 suffers from path traversal and code execution vulnerabilities. advisories | CVE-2021-42013…
Moodle Authenticated Spelling Binary Remote Code Execution
Authored by Brandon Perry | Site metasploit.com Moodle allows an authenticated user to define spellcheck settings via the web interface.…
Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution
Authored by h00die, lanz, HoangKien1020 | Site metasploit.com Moodle versions 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12,…
Microsoft Fixes Zero-Day Flaw in Win32 Driver
A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns.
Patch Tuesday, October 2021 Edition
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including…
NSA explains how to avoid dangers of Wildcard TLS Certificates and ALPACA attacks
The NSA issued a technical advisory to warn organizations against the use of wildcard TLS certificates and the […] The…
WordPress Pie Register 3.7.1.4 Privilege Escalation
Authored by Lotfi13-DZ WordPress Pie Register plugin versions 3.7.1.4 and below suffer from a privilege escalation vulnerability. Change Mirror Download…