An SQL injection vulnerability in the Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
A combination of a server-side request forgery vulnerability and an arbitrary file write vulnerability allows unauthenticated attackers to execute commands with SYSTEM privileges in Microsoft Exchange Server.
This update adds several parameters for module flexibility and more log verbosity on errors, and fixes a bug when using autodiscover to retrieve email SID.
This update adds reliability improvements to check if the target is vulnerable.
An authentication bypass and a .NET deserialization vulnerability allow unauthenticated remote attackers to execute system commands in Progress Telerik Report Server.
An unauthenticated remote attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable server. Successful exploitation would allow an attacker to read files from the underlying operating system, which may include sensitive information such as user data (which may include encrypted passwords).
The Client Side Caching Driver (csc.sys) present in Microsoft Windows is vulnerable to memory corruption, which can result in an arbitrary memory write. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
An update for the module Oracle WebLogic WLS Core Components T3 Remote Code Execution Exploit that fixes a problem while using it in a pivoted context.
In PHP, when using Apache and PHP-CGI on Windows, and if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in the command line given to Win32 API functions. The PHP CGI module may misinterpret those characters as PHP options, which may allow remote attackers to pass options to the PHP binary being run, leading to execution of system commands in the context of the affected application.
An authorized attacker with regular user privileges may be able to inject a malicious file and then convince a user to execute a UWP application. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
A server-side template injection vulnerability in CrushFTP allows unauthenticated remote attackers to leak server variable values and read arbitrary files in the operating system. This allows authentication bypass of currently logged-in users by leaking session tokens from the sessions.obj file or by reading log files. If the leaked session token is from a CrushFTP administrator user, then remote code execution is possible via an arbitrary class instantiation vulnerability on the admin panel (dynamic SQL driver loading).