This Metasploit module will generate a .NET service executable on the target and utilise InstallUtil to run the payload bypassing the AppLocker protection. Currently only the InstallUtil method is provided,…
>> ARCHIVE: 2016-03
WordPress Bulk Delete plugin version 5.5.3 suffers from a privilege escalation vulnerability.
An independent vulnerability laboratory researcher discovered a remote sql injection vulnerability in the official persian PHPNuke Mod_weblink web extension.
An independent vulnerability laboratory researcher discovered a cross site request forgery web vulnerability in the official AVG Threat Labs web-application.
AppLocker Execution Prevention Bypass
WordPress Bulk Delete Plugin 5.5.3 – Privilege Escalation
Schneider Electric SBO / AS – Multiple Vulnerabilities
An independent vulnerability laboratory researcher discovered a client-side cross site request forgery vulnerability in the Iran Telecom Charging Panel ADSL.
An independent vulnerability laboratory researcher discovered a client-side url redirect and cross site scripting web vulnerability in the official Adobe (Edex) web-application.
This archive contains all of the 240 exploits added to Packet Storm in February, 2016.