OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018.
c870808a4f9a9a137fcb679a6a3037401a0616eb79f037981dc723adf1f8b701
OpenEMR version 5.0.1.3 authenticated remote shell upload exploit.
1c976d82d20d572267256bdb0e89f3da86fd7a4937ea55c99df13535b3d1abf2
This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.
89a708ff133e6615ee3040a41d60178a5e2e6c21344ec723424eb420b1cc5b8c
IBM Sterling B2B Integrator versions 5.2.0.1 5.2.6.3 suffer from a cross site scripting vulnerability.
2373691d9a25fade76fc8842f910a8fe4636f929f8a58f8b0c4882cffd89dd17