Exploit for Command Injection in Raspap
# CVE-2022-39986 Proof of Concept for RaspAP RCE 
August 16, 2023
Exploit for Command Injection in Raspap
CVE-2022-46898
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function t ...
Continue Reading
August 16, 2023
CVE-2023-35082
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This ...
Continue Reading
August 15, 2023
CVE-2023-39008
A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense before 23.7 allows attackers to execute arbitrary system commands.Read More ...
Continue Reading
August 15, 2023
CVE-2023-33796
** DISPUTED ** A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: t ...
Continue Reading
August 15, 2023
CVE-2023-33236
MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authenticat ...
Continue Reading
August 15, 2023
CVE-2023-33371
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication. ...
Continue Reading
August 15, 2023
CVE-2023-33372
Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT. An attacker who gained access to these credentials ...
Continue Reading
August 15, 2023
CVE-2023-35064
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering.This issue affects Satos ...
Continue Reading
August 15, 2023
CVE-2023-34960
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.Read ...
Continue Reading
August 15, 2023
Load more