Anchor CMS version 0.9.2 suffers from cross-site scripting and open redirect vulnerabilities.
>> ARCHIVE: 2015-09
Kirby CMS versions 2.1.0 and below suffer from cross-site request forgery and remote shell upload vulnerabilities.
ZeusCart version 4.0 suffers from a remote code execution vulnerability.
Kirby CMS versions 2.1.0 and below suffer from an authentication bypass vulnerability via path traversal.
Zen Cart version 1.5.4 suffers from code execution and information leakage vulnerabilities.
Microsoft released a security bulletin (MS15-101) describing a .NET MVC denial of service vulnerability. This post analyzes the vulnerability in detail, starting from the theory and then providing a PoC…
This Metasploit module exploits a pool-based buffer overflow in the atmfd.dll driver when parsing a malformed font. The vulnerability was exploited by the Hacking Team and disclosed on the…
This Metasploit module exploits a default credential vulnerability in ManageEngine OpManager, where a default hidden account “IntegrationUser” with administrator privileges exists. The account has a default password of “plugin” which…
Wireshark 1.12.7 – Division by Zero Crash PoC
Pligg CMS 2.0.2 – (load_data_for_search.php) SQL Injection