This Metasploit module will generate a .NET service executable on the target and utilise InstallUtil to run the payload bypassing the AppLocker protection. Currently only the InstallUtil method is provided, but future methods can be added easily.
WordPress Bulk Delete plugin version 5.5.3 suffers from a privilege escalation vulnerability.
An independent vulnerability laboratory researcher discovered a remote sql injection vulnerability in the official persian PHPNuke Mod_weblink web extension.
An independent vulnerability laboratory researcher discovered a cross site request forgery web vulnerability in the official AVG Threat Labs web-application.
An independent vulnerability laboratory researcher discovered a client-side cross site request forgery vulnerability in the Iran Telecom Charging Panel ADSL.
An independent vulnerability laboratory researcher discovered a client-side url redirect and cross site scripting web vulnerability in the official Adobe (Edex) web-application.
This archive contains all of the 240 exploits added to Packet Storm in February, 2016.